Get a Live Demo of DNS Edge.
Your network is more exposed than you think…
Considering Cisco Umbrella? It’s a great offering, with lots of bells & whistles. But here’s what you’re not getting with Umbrella that Edge provides:
Full visibility and control of all DNS queries and responses needed to repel and remediate DNS-based malware exploits.
You know that 91% of malware uses DNS to reach command and control servers, receive instructions and exfiltrate data. But not all of those DNS queries are to external domains. Cisco Umbrella simply doesn’t give you the internal visibility you need to track lateral movement across your network or improper access to sensitive internal resources and data. Rely on BlueCat DNS Edge to give you the comprehensive protection you need to keep you ‘warm’ and ‘dry’ when suspicious activity rains down on your network.
How DNS Edge helps plug the holes in Umbrella:
- Edge tracks both external AND internal DNS queries – all the way to the specific client IP, going beyond Umbrella’s North-South (external) visibility. This helps speed investigations into DNS activity surrounding an event, uncover internal bad actors and detect lateral movement within your network.
- Edge reduces the attack surface by enforcing policy control for internal traffic, helping security teams lockdown sensitive internal data, applications and IoT devices.
- Edge is ‘agent-free’, requiring no end-point footprint to manage or deploy, making it the obvious choice for managing IoT devices like point-of-sale terminals.
- Edge is deployed as easy to configure virtual service points at a more competitive price. No surprises, no added costs, and no additional hardware needed.
The Possibilities are Endless With DNS Edge
- Correlate query and response logs to originating host
- View both internal and external traffic; for every client type
- Rely on logs for forensic investigations
- Root out patient zero and other infected devices
- Gain granular policy control by device, zone, time of day, etc
- Whitelist IoT or critical systems from accessing unallowed domains
- Monitor machines accessing sensitive data; be alerted on suspicious behavior
- Integrate with a SIEM or Splunk to correlate with other tools
- Apply smart analytics across all DNS queries on your network
- Detect behavior like data exfiltration, tunneling and DGA
- Ingest third-party threat intelligence to block known-bad domains