icn_150_dns_guardian

DNS GuardianAdaptive DNS Security To Ensure Service Continuity and Data Protection

Secure DNS Services Require A Purpose-Built Security Solution

The nature of DNS threats is quickly evolving and DNS attacks have become highly sophisticated based on distributed, multi-vector and multi-stage assault modes. Signature-based security solutions such as firewall, anti-DoS or IPS are not adapted to efficiently ensure DNS services availability and integrity. They have proved to be insufficient against most DNS attacks – such as DNS hijacking, amplification and reflection attacks, and DNS flooding – and even worse, present a high risk of blocking legitimate clients (false positives).

Restricted DNS analytics capacity and basic blocking-based countermeasure imply serious security limitations and risks: Business downtime, customer data or intellectual property theft, damaged reputations and embezzlement of money.

A modern DNS security system must be agile enough to adapt its DNS protection mechanisms to mitigate the risk of false positives, while safeguarding data and ensuring DNS service integrity and continuity to legitimate clients.

2019 Global DNS Threat Report

Discover the growing dangers of DNS attacks, and read the results of the worldwide survey from EfficientIP and IDC.

LEARN MORE

DNS_Guardian_Inspection

Spot DNS Attacks with Behavioral Threat Detection

DNS Guardian delivers built-in security to cache, recursive and authoritative DNS servers. It is the premier secure DNS appliance on the market offering complete and real-time DNS Transaction Inspection (DTI), enabling in-depth understanding of the context of client requests.

By analyzing transactions at the heart of the DNS server (queries, responses, fragments, recursions), threat visibility is enhanced well beyond known attack patterns and overcomes the limitations of signature-based protection systems that only offer limited peripheral traffic visibility.

DNS-Guardian-Coutermeasures

Protect DNS Service Continuity and Data with Adaptive DNS Security

DNS Guardian’s patented innovation enables graduated and adaptive countermeasures according to the threat analysis. It provides intelligent DNS protection to ensure service continuity and safeguard data while nearly eliminating all risk of false positives.

The product offers the most advanced DNS security solution on the market to protect against all types of DNS-based attacks, from stealth to volumetric attacks. including cache poisoning, DDoS attacks, DNS tunneling, DGA malware, and UDP flood.

Holistic Threat Intelligence

Thwart Malware & APT with External and Internal Threat Intelligence Services

Almost 100% of network connections are initiated using DNS services. Analyzing DNS traffic to develop internal threat intelligence in the specific context of the enterprise is a key security component of any modern security strategy.

DNS Guardian can detect zero-day malicious domains used by malware to communicate with external CnC servers (DNS tunneling) or exfiltrate data, and DGAs (domain generation algorithms). Identified malicious domains are dynamically shared between DNS Guardian appliances, delivering actionable predictive DNS security. This complements EfficientIP or third party threat intelligence services over domain reputation.

Enhance Threat Intelligence_light

Enhance Threat Remediation and SOC Efficiency

Get instantaneous visibility on DNS services to improve remediation capacity with out-of-the-box statistics, delivering unequaled insights and reports on DNS traffic, without the need for additional appliances. DNS Guardian delivers high-performing logging capabilities which can be seamlessly integrated with leading SIEM solutions such as Kibana, Splunk, or QRadar.

Events resulting from the analysis of DNS transactions, together with threat intelligence over domain reputation, are used to supplement traditional logs, allowing the SIEM to contextualize the threat

DNS Guardian Key Benefits

icn_firewall

Behavioral Threat Detection

Real-time DNS analytics accurately detect most advanced stealth attacks and threats hidden in the traffic.

deployement

Unequalled Service Continuity

Even with unidentifiable sources, via adaptive countermeasures (Block, patented quarantine and recovery modes).

icn_DEVICEmanager

Predictive Security

Detect zero-day malicious domains used by malware to exfiltrate data or communicate with external CnC servers via DNS tunneling.

icn_baffle_hackers

Data Confidentiality Protection

Sensitive data protected from exfiltration – assured regulation compliance: GDPR, US Cloud Act, NISD, PDPA….

pane of glass-blue-w75

In-depth DNS Traffic Visibility

DNS Transaction Inspection (DTI)  technology provides unmatched visibility and understanding of traffic over time.

Request a Free Trial of DNS Guardian

See how DNS Guardian can protect DNS service continuity, detect DNS tunneling and zero-day malicious domains used by malware to exfiltrate data.

FREE TRIAL

Related Content

HACKING DEMO VIDEO #3- DATA EXFILTRATION

Data exfiltration over DNS queries or via DNS tunneling circumvents traditional security systems. See how hackers abuse DNS services to steal data, and understand how EfficientIP solutions detect data theft attempts.

5 REASONS WHY TRADITIONAL SECURITY SYSTEMS ARE NOT ADAPTED

Existing DNS security solutions are not powerful enough to receive and properly analyze high volumes of DNS traffic in real-time. This dramatically limits threat detection capability on the DNS service and potentially creates dangerous side effects.

product brochuresDNS GUARDIAN PRODUCT BROCHURE

DNS Guardian is part of EfficientIP’s unique 360° DNS Security technology solution, protecting both public and private DNS infrastructures against all attack types including DNS hijacking, DNS tunneling, DNS cache poisoning, and data exfiltration.

Assess Your DNS Security Risk

Verify your protection against data theft with a swift security assessment of your existing DNS architecture and protection systems in place.

Get Started Now