icn_DNSfirewall150

DNS FirewallProtect Users and Block DNS-Based Malware Activity

Hackers and Malware Abuse DNS Services

DNS-based malware is particularly dangerous because it is often used to steal critical company and customer data, interrupt business continuity and damage brand reputation. Hackers take advantage of the underestimation of DNS services’ key role in the cyber kill chain – 91% of malware are using DNS services to build attacks. A global 2017 DNS Security survey conducted by EfficientIP shows that 76% of respondents said they had been targeted by a DNS attack in the last 12 months. When questioned on damages, more than 28% of respondents had intellectual property or sensitive customer information stolen. Traditional security systems are not enough to mitigate this type of threat, as they could be easily circumvented.

DNS Firewall from EfficientIP is a purpose-built and complementary solution to traditional security systems, to effectively protect against DNS-based malware and advanced persistent threats (APT). It’s enhanced DNS query filtering capabilities, combined with dynamic threat intelligence feeds, allow for the quick identification of suspicious device activity, preventing malware infection and spread within a network, as well as phishing campaigns and data exfiltration attempts.

Ensure Proactive and Efficient Protection Against DNS-Based Malware

The SOLIDserver™ DNS Firewall solution, based on RPZ (Response Policy Zone), offers a dedicated layer of defense to monitor and analyze DNS traffic, protecting users and infrastructures against DNS-based malware.

DNS Firewall prevents connected devices from becoming infected with malware and blocks their activity by enabling recursive DNS servers to stop or redirect queries from clients that want to access domains and/or IPs known to be malicious. Compromised devices can be identified and located on the network for rapid neutralization.

The SOLIDserver appliance offers advanced management based upon RPZ dynamic reputation data feed and manual configuration, ensuring an up to date list of malicious or forbidden IP addresses, domains, URLs, or name servers. The entire DNS architecture is automatically updated regardless of the server type (Linux, or EfficientIP’s secure DNS appliance).

To keep pace with the ever-evolving threat landscape, DNS Firewall includes dynamic threat intelligence services. Maintaining appropriate filtering rules regarding known malicious domains is difficult because of the dynamic property of the threat. The most sustainable solution is via a dynamically-updated filtering rule repository that can be extended through a customized filtering policy. DNS Firewall comes with this kind of dynamic data feed built from various distributed sources.

Benefit from Advanced Threat Reporting

The set of built-in reports produced by SOLIDserver™ offers immediate access to key information you need on DNS services. In addition to this, SOLIDserver delivers high-performing logging capabilities which can be seamlessly integrated with leading SIEM solutions such as Kibana, Splunk, QRadar. This integration provides DNS data for log correlation, enabling centralized analysis and reporting, including immediate access to requests to malicious domains.

DNS Firewall Key Benefits

DNS Firewall is part of EfficientIP’s unique 360° Security technology solution, protecting against volumetric, exploit and stealth attacks for both public and private DNS infrastructures. Click here to learn more about our total approach.

icn_exfiltration

Mitigate At
The Source

Thwart initial infection and phishing.

icn_evolving

Adapt To Evolving Threat Landscape

Threat Intelligence services to keep pace with malicious domains/IPs.

icn_prevent_attack

Proactively Prevent New Attacks

Detect and block malware communication with C&C server.

icn_reporting

Provide Advanced Threat Reporting

Combine logging with existing event managers, generate reports using plugins such as Splunk or Graylog.

icn_infected_device

Locate Infected Devices on Your Network

NetChange network discovery tool helps fast localization for immediate remediation.

Request a free trial demo of DNS Firewall
FREE TRIAL

product_brochures-240x212READ THE DNS FIREWALL DATASHEET

DNS Firewall is part of EfficientIP’s unique 360° Security technology solutionprotecting against volumetric, exploit and stealth attacks
for both public and private DNS infrastructures. Click here to learn more about our total approach.

5 Reasons Why Existing DNS Security
Filtering Solutions Are Inefficient

Whitepaper
Learn more about the challenges of legacy DNS security solutions.
DOWNLOAD NOW