Forensic investigation using DNS for faster incident response
When a security incident occurs, incident response teams have to quickly get to the root of the issue — identifying infected clients, potentially-breached services, or data sources. This video demonstrates the forensic value of DNS Edge to provide investigative insight, faster and more focused responses, and the ability to reduce attack surfaces. Watch as we demonstrate a comprehensive, investigation of a breach, identifying the origination point and taking action to further protect the network.
Reduce attack surface in real time with DNS
Unwitting users frequently download malicious payloads viruses, and other nasty stuff, often initiated from a DNS connection. Organizations adhering to “least privilege” strategies can apply policies to reduce their attack surface through DNS. Security policies set by DNS Edge at the client level can reduce access to critical assets, blocking access to all but select accepted client IPs or zones. DNS Edge also locks down single-use connected devices like security cameras and point-of-sale machines by restricting them only to the domains and assets they truly require. In both cases, DNS Edge protects the network by preventing unauthorized users or devices from accessing sensitive data.
Reduce network complexity
Network administrators can eliminate the need for complicated forwarding rules and duplicate name records by controlling resolution pathways. DNS Edge optimizes routing pathways by attempting to resolve queries in a customer-defined sequence. DNS Edge can also route traffic directly to trusted services supporting “internet breakout”, bypassing costly MPLS lines.
Protecting Your Data Migration
Data center migrations quickly get complicated. Large-scale migrations often result in a tangle of conditional DNS forwarding rules which require constant management and upkeep. Avoiding service disruptions in this constantly changing environment requires a great deal of effort. With BlueCat’s Intelligent DNS, you can protect against downtime by controlling the DNS resolution path. If a query returns a ‘not-found’ (NXDOMAIN) result, Intelligent DNS will re-route the query according to a pre-defined logic, ensuring services are always reachable by users.
