Saturday, May 28, 2022

Canadian vendor ups DNS protection

IT attacks come in waves, with hackers picking up on trends like fashionistas spotting the latest clothes styles.

The latest is going after point of sales devices. Inevitably attackers will find another vulnerability, but for the time being that’s one of the weakest vectors. IT security vendors are jumping to plug the holes.

The latest is Toronto’s BlueCat Networks, which makes IP address management solutions. On Wednesday it released Threat Protection for DNS/DHCP Server, which the company creates a ‘DNS firewall’ that stops malicious activities in domain name servers before they can reach business-critical applications or data.

The software, which protects any device with a DNS address, can be added to existing BlueCat customers’ DNS servers or can be purchased as a stand-alone solution. It can also be integrated with security information and event management solutions including IBM QRadar and HP ArcSight via pre-built connectors.

BlueCat said in a release that Threat Protection leverages core network services to add a new layer of security across all connected devices. It can take action based on up-to-the-minute data about known sources of malicious content through the hosted BlueCat Security Feed.  IT mangers can configure policies to allow threat requests to be blacklisted, black-holed, redirected or whitelisted.

Using DNS Zone Transfer, the DNS server will download security feed data to store locally on the server as a Response Policy Zone, BlueCat says. Updates are then downloaded periodically according to the refresh time of the BlueCat DNS Server Response Policy Zone. When a device attempts to connect to a malicious site, the DNS query occurs before the application request. This query signals the intent to connect and can expose unexpected or unwanted behaviors. Threat Protection can flag the query and log the event. Base on policies set by administrators, the traffic can be held or released.

“The Domain Name System is a critical component of any defense in-depth security strategy,” BlueCat chief technology officer Andrew Werkin said in a statement.  “Threat Protection provides additional value to our customers without having to purchase or maintain additional appliances.”

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Related Tech News

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.