The growth in the number and type of new devices connecting to the network has exposed holes in typical enterprise security. Traditional security solutions tend to focus on particular devices or protocols and cannot provide a broad-based solution that covers all devices and applications. BlueCat Threat Protection leverages the pervasiveness of DNS to stop malicious activities before they can reach business-critical applications or data. DNS is the starting point for connectivity and is used by all devices to connect to applications and sites. BlueCat Threat Protection creates a DNS firewall that provides an additional layer of defense against malicious Internet content and infected devices.
Protection for all devices
By leveraging DNS, BlueCat Threat Protection secures all devices – traditional and non-traditional, corporate-owned and bring your own. Smart phones, point-of-sale (POS) systems, desktops and security cameras all rely on DNS to connect to the network and external sites. Whether the device is in a fixed location, or is mobile and lives beyond the walls of your enterprise, it can be protected from accessing malicious content.
Defense in depth
The coordinated use of multiple, complementary security countermeasures is key to enterprise defense in depth strategies. BlueCat delivers critical contextual network data extending across wired and wireless networks, virtual environments and mobile end points, encompassing DHCP scopes, IP address utilization, DNS host records, zones, subzones and devices, to provide a complete view of the security posture of all connected devices, across the entire network. Leveraging this intelligence, security teams can augment industry standard layers of security to pinpoint infected devices for remediation, and establish an incident response approach to protect business data.
Up-to-the-minute threat data with BlueCat Security Feed
The BlueCat Security Feed gathers threat data from a variety of sources to identify known sources of malicious content including malware, botnets, viruses, trojans, exploits and spam. Threat data is aggregated in the cloud and made available through geo-located clusters around the globe. Users simply subscribe their DNS servers to the security feed, which is automatically delivered through DNS and continuously updated to block threats as they emerge.
Simple to implement
Securing applications and devices through DNS does not require an architectural shift. BlueCat Threat Protection can be quickly and easily added to BlueCat DNS without disruption or conflict with strategic investments in existing security technology or DNS infrastructure. BlueCat Threat Protection represents an additional layer of protection to enhance an organization’s existing defense in depth security capabilities.
BlueCat’s optional SIEM integrations enable organizations to pinpoint attacks and threats by providing detailed information about every device on the network. With BlueCat DNS and DHCP data delivered in native data interchange formats for IBM QRadar and HP ArcSight, security teams can identify and respond to external DNS attacks, malware outbreaks and botnet-infected devices. BlueCat network and device data offers an additional layer of network security intelligence with no blind spots or gaps in compliance or control.