Secure DNS Services Require A Purpose-Built Security Solution
The nature of DNS threats is quickly evolving and DNS attacks have become highly sophisticated based on distributed, multi-vector and multi-stage assault modes. Signature-based security solutions such as firewall, anti-DoS or IPS are not adapted to efficiently ensure DNS services availability and integrity. They have proved to be insufficient, even against some basic attacks, and even worse, present a high risk of blocking legitimate clients (false positives). Restricted capacity for DNS traffic analysis and basic blocking-based countermeasure imply serious security limitations and risks: Business downtime, customer data or intellectual property theft, damaged reputations and embezzlement of money.
A modern DNS security system must be agile enough to adapt its protection mechanisms to mitigate the risk of false positives, while ensuring DNS service integrity and continuity to legitimate clients.
Prevent Network Outages and Data Theft via Security Innovations
DNS Guardian offers adaptive security to DNS cache and recursive services by detecting threats and activating adapted counter measures to ensure DNS services continuity and attack mitigation.
DNS Guardian is the premier solution on the market offering complete DNS Transactions Inspection (DTI), in real-time and with minimal performance impact.
As this innovative DTI technology provides complete understanding of the client’s context, it overcomes the limitations of signature-based security systems that only offer limited peripheral traffic visibility. DTI is therefore key for delivering true DNS analytics and enhanced behavioral threat detection capabilities.
DNS Guardian offers the most advanced DNS security analytics capacity. By analyzing transactions at the heart of the DNS server (queries, responses, fragments, recursions), threat visibility is enhanced well beyond known attack patterns and quickly outdated blacklist mechanisms, enabling the identification of the most advanced attacks such as volumetric attacks, exfiltration attempts on confidential customer data (DNS tunneling), phantom or sloth domain attacks.
Unique out-of-the-box statistics can be produced for unequalled insights, and reports on DNS traffic, without the need for additional appliances.
EfficientIP’s patented innovation enables graduated and adaptive countermeasures according to the threat analysis (through Block, Quarantine and Rescue Modes). It provides intelligent protection to ensure DNS services continuity, even if IP sources of the attacks are unidentifiable. The limit of traditional IP-based blocking solutions is overcome. DNS Guardian delivers high-performing logging capabilities which can be seamlessly integrated with leading SIEM solutions such as Kibana, Splunk, QRadar,…
DNS Guardian enables the SOLIDserver application to effectively become its own security system, delivering truly effective and reliable DNS security for protecting your business.
DNS Guardian Key Benefits
In-depth Traffic Visibility
DNS Transaction Inspection (DTI) technology provides unmatched visibility and understanding of traffic over time.
Unequalled Service Continuity
Even with unidentifiable sources, via adaptive countermeasures (Block, patented quarantine and recovery modes).
Simplify the DNS architecture with purpose-built security DNS servers.
Confidential Data Protection
Customer data and intellectual property protected from exfiltration – assured GDPR Compliance.
Advanced Behavioral Threat Detection
Real-time DNS analytics accurately detect threats hidden in the traffic.