The Domain Name System (DNS) is critical network infrastructure; without DNS, the Internet couldn’t function. This universal need for DNS hasn’t escaped the notice of cybercriminals. Indeed, today DNS attacks are one of the fastest-growing threat vectors. This has prompted Infoblox Inc. (NYSE:BLOX), the leader in enterprise-grade to announce enhancements to the Infoblox Advanced DNS Protection solution. These enhancements automatically protect against the widest range of DNS attacks of any product available for enterprise and service provider networks. With Infoblox, organisations can build a secure DNS foundation.
The enhancements include protection against DNS hijacking and rapidly evolving NXDOMAIN-based attacks. These are in addition to the solution’s existing integrated defence against DNS-based DDoS attacks, cache poisoning, malformed queries, tunnelling, and other DNS security threats.
DNS is the address book for every destination on the Internet, translating domain names such as “infoblox.com” into IP addresses such as 18.104.22.168. Without fast and accurate DNS, networks can’t function. However, DNS is difficult to protect because in order for the system to function, DNS servers must be open to everyone on the Internet. Cybercriminals have become aware of this vulnerability and are exploiting DNS to launch distributed denial of service (DDoS) attacks and other malicious threats that aim to either bring down targeted networks or inject malware.
Infoblox Advanced DNS Protection, introduced in December 2013, is the first DNS appliance with integrated security. It delivers protection that is stronger, more intelligent, and more comprehensive than separate external security solutions. The key new features expanding this protection are:
· DNS hijacking. Cybercriminals and hacktivists often redirect Internet traffic from legitimate web sites to spoofed destinations, aiming to steal customer data or spread controversial political views. A new DNS integrity feature in Infoblox Advanced DNS Protection ensures DNS queries are going to legitimate domains rather than malicious ones by checking DNS parent/registrar records for name server changes. This feature is also available in all standard Infoblox DNS appliances running NIOS version 6.11 or above.
· NXDOMAIN attacks. NXDOMAIN-based attacks are a newly emerging threat in which hackers flood a targeted network with numerous requests to resolve non-existent domains. Because it takes longer to confirm that a domain doesn’t exist and send a response than to provide the IP address for an existing domain, NXDOMAIN attacks can significantly slow down and even crash DNS servers. Infoblox Advanced DNS Protection now has multi-layer rules to detect NXDOMAIN attacks and block requests from sites that send out a large number of requests for non-existent domains.
· Infoblox Threat Adapt technology. This unique capability, only available from Infoblox, enables the DNS appliance to automatically morph its protection profiles as DNS configurations change, eliminating error-prone manual processes. Administrators will then know that, as they turn on various services, protection for those services will be automatically invoked. Infoblox customers can also report DNS attacks and, after analysis, Infoblox will give protection for any previously unidentified threats to other authorised Infoblox users.
· Resiliency and high availability. Infoblox Advanced DNS Protection appliances can now be deployed in highly available pairs without the need for any additional software. In the unlikely event one appliance fails, the second appliance automatically takes over and continues to deliver DNS services.
“Infoblox Advanced DNS Protection has been a big hit with our customers,” said Arya Barirani, vice president of product marketing at Infoblox. “We’ve had several organizations call us while under a DNS attack, and thanks to our easy setup and configuration, we were able to implement Infoblox Advanced DNS Protection to quickly restore normal operations.
“The Infoblox approach of intelligently detecting and mitigating DNS threats is unique and becomes even more powerful with the enhancements we’re announcing,” Barirani continued. “DNS solutions that indiscriminately respond to every query and rely only on computing horsepower to withstand attacks fall short in protecting against today’s more complex threats.”
Pricing and Availability
The Infoblox Advanced DNS Protection solution—consisting of the Infoblox Advanced Appliance and the Infoblox Advanced DNS Protection Service—is available now. Pricing is available from Infoblox sales representatives and channel partners. For more information, please visit http://www.infoblox.com/products/infrastructure-security/advanced-dns-protection.
Infoblox (NYSE:BLOX) delivers network control solutions, the fundamental technology that connects end users, devices, and networks. These solutions enable approximately 7,500 enterprises and service providers to transform, secure, and scale complex networks. Infoblox helps take the burden of complex network control out of human hands, reduce costs, and increase security, accuracy, and uptime. Infoblox is headquartered in Santa Clara, California, and has operations in over 25 countries.