The DNS Security service collects additional server response and request information from the firewall when performing domain queries. The firewall forwards the DNS data in less than 30 seconds after collection and batching does not impact firewall performance. In cases where the firewall is experiencing a high load, DNS data collection scales down as needed to maintain expected performance levels. Palo Alto Networks uses this data to provide more accurate domain information (such as provider ASN, hosting information, and geolocation identification) to generate improved analytics, DNS detection, and prevention capabilities.