Company logoHelp Center
Visit www.threatlocker.com

ThreatLocker DNS Web Filtering Usage Policy 

2 min. readlast update: 08.27.2025

ThreatLocker Web Control is licensed per endpoint agent for Windows and macOS devices. 
Customers who subscribe to ThreatLocker Web Control also receive complimentary access to ThreatLocker DNS Servers for DNS-based web filtering. This complimentary service is intended only to extend web filtering protection to devices that cannot run the ThreatLocker Web Control agent.

The DNS Servers are provided solely for:

  • Unprotected devices that cannot be managed by the ThreatLocker Web Control agent (e.g., mobile phones, tablets, printers, network devices).
  • Guest devices connecting to a private WiFi network under the customer’s control.  

Customers must not:

  • Use DNS Servers for devices capable of running the ThreatLocker Web Control agent but not enrolled.
  • Use DNS Servers for public WiFi networks (e.g., coffee shops, airports, hotels) or any network accessible to the general public.
  • Resell, redistribute, or otherwise provide the DNS service outside the customer’s organization or approved guests.

Licensing & Charges

ThreatLocker bills for Web Control on a per-agent basis:

  • DNS Server access is provided free of charge to eligible customers and is not billed per DNS client.
  • Continued use of the DNS Servers is conditional on maintaining an active Web Control subscription. 

Fair Usage

The complimentary DNS service is provided on a fair usage basis:

  • Usage must be reasonable and consistent with protecting the limited number of unprotected devices as described above.
  • Excessive DNS query volumes, disproportionate to the number of protected endpoints, may be considered misuse.
  • ThreatLocker reserves the right to review usage, request remediation, or suspend access if usage exceeds reasonable limits or impacts service availability for other customers.

DNS Configuration Requirement

To ensure service availability and resilience, customers must configure at least two ThreatLocker DNS servers in their DNS settings. This redundancy helps maintain filtering availability in the event of network or service interruptions. ThreatLocker is not responsible for connectivity issues resulting from failure to configure the required ThreatLocker DNS servers.

Enforcement

ThreatLocker may monitor DNS usage for compliance. Misuse of the DNS Servers may result in suspension or termination of service.

Policy Updates

This policy may be updated at any time. Continued use of the DNS Servers after updates constitutes acceptance of the revised terms.

Was this article helpful?