Your network requires a series of defensive mechanisms such that if one mechanism fails, another will be in place to mitigate risk of attack or breach. Multiple layers of security (defense in depth) helps successfully protect your network and provide a tailored strategy to suit your unique enterprise needs. By leveraging DNS and DHCP to provide layers of protection for your network, BlueCat ensures your core network services are reliable and protected from exploits and attacks, providing visibility and insight into all devices and activity on the network.
Extend your enterprise security architecture
Network and security teams can no longer work independent of one another. Enterprise security is strengthened with visibility into global network activity, and the ability to act on suspect behavior and threats. BlueCat delivers critical insight into network activity through its unique ability to audit and track every user and device, and consolidate this information in a central management system. Adding this information to their arsenal, security teams are better equipped to manage and respond to threats and events.
Clear mitigation strategies for vulnerability management
BlueCat understands the critical nature of IPAM, DNS and DHCP services and the impact of a security risk to these services. As part of BlueCat's initiative to provide customers with up-to-date information related to security, we publicly track all known security issues that affect our products, delivering key information outlining the impact of each issue and how to mitigate against the attack.
Secure dynamic update control, authentication and delegation
BlueCat provides advanced update policies for Active Directory and authenticated, secure dynamic updates to DNS zones using the GSS-TSIG protocol. Our update policies allow administrators to restrict dynamic DNS updates and to also match a client update to a policy, explicitly specifying which types of DNS resource records the policy allows to be updated. Further, BlueCat enables granular permissions for management delegation of DNS, DHCP, and IPAM configuration data. Delegation can be allowed down to individual objects or can be granted on whole classes of objects – at any level in the IP or DNS hierarchies. We support multiple-authenticator configuration for access to the administrative web interface and API by users and groups from Kerberos, LDAP (Active Directory, OpenLDAP, etc.), Radius, and TACACS+ directory sources.
Network connection security across the enterprise
Secure all connected applications and devices through DNS to provide a new layer of defense against mobile malware and other threats to your network. BlueCat leverages the pervasiveness of DNS to stop malicious activities before they can reach business-critical applications or data. BlueCat Threat Protection
combines user-defined policies with cloud-delivered threat lists to provide an additional layer of security for defense in depth strategies.