PRESS RELEASE — SANTA CLARA, CA–(Marketwired – December 08, 2015) – Infoblox Inc.
This growing problem is creating concern among enterprises and service providers:
As the leader in enterprise-grade DNS technology, Infoblox is making significant investments in building technologies to help secure DNS. Infoblox DNS Threat Analytics further enables enterprises and service providers to protect their DNS infrastructure and leverage DNS as a control point to defeat cybercrime. Infoblox is the first to offer a DNS server with built-in behavioral analytics to address DNS-based threats.
Domain Name System (DNS) queries are typically small packets of data that make a simple request: translating a domain name such as www.infoblox.com into an Internet Protocol (IP) address such as 188.8.131.52 that computers and endpoints understand. However, cybercriminals have learned to exploit DNS to smuggle out an organization’s data — including highly sensitive information such as trade secrets and customer credit card numbers.
Infoblox DNS Threat Analytics examines outgoing DNS traffic for characteristics that are associated with data exfiltration attacks in real time. These characteristics include:
Traditional reputation-based and signature-based security — already built into Infoblox DNS security appliances — can already block known threats that have been identified by …
… threat intelligence researchers. Infoblox DNS Threat Analytics goes a step further with its ability to automatically block so-called zero-day threats — attacks that haven’t yet been discovered — after analyzing DNS queries and spotting suspicious behavior. There’s no need to install additional software on end-user devices or to deploy additional devices in the data center. Infoblox DNS Threat Analytics can scale to provide enforcement across the network and provide visibility into infected devices or rogue employees trying to steal data. Infoblox can also notify other security systems when threats are detected, accelerating remediation.
“For the Golden Nugget, data security is paramount to our success as a business,” said Shannon Provence, executive director of IT at Golden Nugget Hotel & Casino in Las Vegas. “We see value in Infoblox DNS Threat Analytics because it provides real-time streaming analytics on DNS queries. In our recent evaluation, the analytics helped us identify threat patterns that were otherwise hard to detect using alternate solutions. Infoblox DNS Threat Analytics gave us more visibility than we ever had before and allowed us to quickly identify, evaluate, and block suspicious DNS-based activity before it became an issue or caused data loss.”
The unique real-time analysis and detection capability in Infoblox DNS Threat Analytics works as queries are being processed. This is essential to fast identification of indicators of compromise (IOC). Other off-line approaches such as gathering mountains of log data and analyzing these files after the fact can take weeks to months — which is unacceptable in today’s high-stakes security environments.
“Most firewalls and other security solutions don’t examine or understand the structure of DNS queries, a vulnerability that hasn’t escaped the attention of cybercriminals,” said Scott Fulton, executive vice president of products at Infoblox. “Infoblox DNS Threat Analytics continues our leadership in delivering innovations in DNS security and helps our customers close the door on DNS as a channel for data theft.”
Pricing and Availability
Expected to be available in January 2016, Infoblox DNS Threat Analytics is a paid feature upgrade for Infoblox Internal DNS Security and Infoblox DNS Firewall products running NIOS software version 7.3 or higher. Details on pricing and appliance requirements are available from Infoblox sales representatives and channel partners.
1 SC Magazine, “DNS attacks putting organizations at risk, survey finds,” Dec. 23, 2014
2 Ponemon Institute 2015 Cost of Data Breach Study
3 ZDNet, “Anthem data breach cost likely to smash $100 million barrier,” Feb. 12, 2015