DNS Based Security Protection
Protection of end user devices and data are one of the most important topics that IT departments deal with on a regular basis. There are a huge number of applications available to analyze, detect, and protect endpoints from many security threats that are growing by the minute. Protection of endpoints needs to occur in a variety of areas, but one that is typically common to both the endpoint, and the exploits that try to attack them, is the Domain Name System (DNS). DNS is the mapping that occurs between a memorable term, such as www.yourwebsite.com, to an IP address, a numeric label assigned to each device connected to a network.
Using a product that monitors and controls DNS on an organization’s networks and endpoints provides a simple, yet effective, manner of protecting users from malicious requests. These types of DNS protections work well in conjunction with security awareness training and more advanced security products.
One example of a DNS based security product is Cisco’s Umbrella service. This service has a roaming client that is installed on a user’s device, protecting the user while roaming off the corporate networks. All requests for DNS traffic – which is how the majority of most connection requests begin – first pass through the corporate policy base to allow or deny a connection. These policies track connections and requests, and will automatically deny suspect requests based on rules setup and managed by the administrative staff. Users and applications won’t even notice this is happening.
Users are protected in this simple manner and IT staff can be alerted to issues and run reports to see what is happening on their networks and endpoints. Security is a large integrated system and having a DNS based protection layer improves the odds of mitigating an attack before it’s able to execute its payload. Review all the steps your company is taking to safeguard against attacks and make sure a DNS based security protection is in place.
This blog was written by our Director of Platform Solutions, Kevin Gorski.