Detect and mitigate malware that uses DNS to communicate with Command and Control servers (C&C) and botnets.
Proactively detect and automatically contain malware that targets DNS
These days, BYOD is the norm. Mobile devices from inside and outside your network are continuously crossing mixed physical and cloud infrastructure whose security may not always be under your control. As a result, your network is being constantly exposed to malware threats. And DNS is their main pathway. More than 90 percent of malware uses DNS to communicate with command and control servers, steal data, or redirect traffic to malicious sites. Existing security controls and perimeter defences are not designed to prevent, isolate, and remediate DNS-based malware threats.
With Infoblox DNS Firewall you gain proactive network protection against fast-evolving, elusive malware threats that exploit DNS to communicate with Command and Control (C&C) servers and botnets.
Detect malware before it causes damage
With Infoblox DNS Firewall, you can continuously monitor malware threats in real-time based on machine-readable threat intelligence. Working in conjunction with Infoblox DHCP fingerprinting, IPAM, and Identity Mapping, it helps you rapidly pinpoint compromised devices, isolating them and preventing DNS communications with malicious C&C servers and botnets.
Automate malware containment
Automatically disrupt device communications with detrimental Internet destinations by using Infoblox Threat Intelligence Feed of regularly updated malicious destinations (hostnames, domains, IPs). Stop data exfiltration through DNS by using Infoblox Threat Insight, a unique streaming analytics-based solution, to identify devices communicating with domains associated with data exfiltration and use a DNS Firewall Response Policy Zone (RPZ) blacklist to block any communication to them. Remediate devices rapidly by having DNS Firewall seamlessly share early indicators of compromise in real-time with advanced threat detection, threat intelligence platforms, endpoint security, NAC, and SIEM technologies.
Automatically adapt to evolving threats
Stay safe from malware, even as it continues to evolve. Infoblox DNS Firewall draws on the regularly updated and actionable Infoblox Threat Intelligence Feed to accurately detect the latest malevolent Internet destinations such as hostnames.
- DNS Response Policy Zones (RPZs)
- Enable you to execute administrator-defined policy action to help disrupt malware communications and reduce exposure to data exfiltration
- Threat intelligence feed
- Updates RPZ policy with observed and verified malicious hostnames and keeps data up-to-date for timely protection
- Infoblox threat insight
- Updates DNS Firewall RPZ policy with domains associated with DNS-based data exfiltration attempts
- Infoblox security portal
- Cloud-based threat lookup tool provides clear and actionable data: threat severity level, confidence level, active/inactive threat, etc.
- Infoblox reporting and analytics
- Provides reporting and analytics on top RPZ hits, attempted device communications to malicious destinations, device details, and user, to help accelerate remediation efforts.
Get in touch with us todayReady to talk?
Are you looking for pricing details, technical information, support or a custom quote? Our team of experts is ready to assist you.
NAC Mist AI
Juniper Networks enhances user experience with cloud-based NAC and Mist AI-ChatGPT integration
Discover Juniper Networks' cloud-based NAC solution driven by Mist AI and the integration of ChatGPT, enhancing user support and AI-driven networking strategy.
NAC Mist AI
NAC is back and better than ever!
Juniper has expanded its Mist AI-driven enterprise portfolio, with Juniper Mist Access Assurance. It's a cloud-based NAC service that enables enterprises to easily enforce a Zero Trust security model without the challenges associated with on-premises NAC.
Jeff Aaron from Juniper Networks
Microsoft 365 Vectra
Securing Microsoft M365 and Azure Active Directory
Vectra Detect for Office 365 and Azure AD solutions dramatically improve visibility into M365 and Azure AD to detect attackers and act before it becomes a major security incident.