Service overview
The Domain Name System (DNS
Domain name system
However, DNS traffic is almost never tracked. Commonly used security solutions such as firewalls, IDPS
Intrusion detection and prevention system
Network traffic analysis
Adversaries often take advantage of this blind spot to steal data, manage malware, and direct users to phishing websites.
Our solution helps IT and security teams control enterprise DNS traffic while ensuring its transparency
20+
widespread attack tools use the DNS protocol (Cobalt Strike, Brute Ratel C4, etc.)
79%
of companies do not monitor their DNS traffic
Capabilities
Cover the blind spot
The solution provides full visibility of your DNS traffic, including DNS over TLS and DNS over HTTPS, and blocks traffic-related threats
Role: application firewall to control DNS queries
Ensure employee safety online
Secure DNS prevents your staff from opening phishing links, accessing malware resources, and breaching corporate security policies
Role: DNS filter
Reduce the SOC workload
DNS events for analysis are reduced by 99.96% with only blocked threats sent to the SIEM
Role: DNS gateway with cleansed data for monitoring
Improve digital stability
Query caching and geobalancing via BGP Anycast eliminates DNS availability issues
Role: recursive resolver with built-in balancing
A DNS server that accepts domain queries from user applications. If the required information is cached, the resolver returns the domain’s IP address to the application. If the information is not cached, the resolver retrieves it from the global DNS nameserver network
How it works
- The Secure DNS recursive resolver receives a query from your infrastructure
- The recursive resolver analyzes whether the query is legitimate
- If the query is legitimate, the user is redirected to the requested resource. Otherwise, the query is flagged as malicious and blocked
Advantages
Detection of advanced attacks
The solution identifies threats that are not visible to other network security solutions: cache poisoning, DNS tunneling, etc.
A method of concealing data and commands from monitoring systems when transmitting data through a DNS protocol
Use of cyber intelligence
Information from the Threat Intelligence portal helps to intercept malicious queries before they even reach the adversary’s infrastructure
Advanced analytics
Detailed DNS traffic data helps companies of all sizes address IT and cybersecurity tasks
Various deployment options
You can choose the option best suited for your needs: cloud, on-prem, or hybrid
Quick connection
The cloud option can be connected in several minutes, the hybrid option takes as little as one day
You might also need
EDR
Advanced endpoint threat detection and response
Secure SD‑WAN
Secure network transformation platform
CESP
Comprehensive expert managed email security
WAF
Expert managed web application firewall
