The British are coming again to North America, but instead of invading with troops or bands they’re bringing a DNS threat detection appliance.
Nominet, which manages the .uk domain in the United Kingdom, announced today it has opened an office in Washington, D.C. to sell its Nominet NTX threat monitoring platform for large organizations in North America.
It is also looking for channel partners in Canada and the U.S.
With a well-stocked balance sheet the company figured it was a good time to cross the Atlantic, company CEO Russell Haworth said in an interview. He also said that few companies scrutinize their DNS traffic rigorously enough to catch potential threats.
“There is obviously a blind spot when it comes to malware,” he said“It’s still found lurking on networks undetected, with CISOs and staffers not being aware of its presence, and by the time it’s exposed the damage has been done. That’s why Nominet NTX offers such critical security at the DNS level—it not only finds problems, but it blocks them proactively, and gives security teams vital intelligence to take further action.”
Nominet NTX is sold as an on-premise software that runs on Linux or as a software-as-a-service. Strictly aimed at enterprises — with a price “north of US$1 million a year” for one version — it is designed to scoop up and analyze large amounts of network data.
After compressing DNS traffic the software is capable of deep packet inspection of 5 billion DSN (domain name service) queries and blocking millions of suspicious packets a month.
“We think there’s a real opportunity to leverage the product into both enterprises, ISPs and government departments.”
“DNS is an attack surface,” Haworth noted. Organizations that have significant DNS traffic need that infrastructure protected.
The company sells two versions: NTX Secure, for organizations that want to manage their own DNS traffic; and NTX Protect, which would run around US$50,000 a month depending on options.
The threat intelligence from analysis can be forwarded through APIs to a security information and event management (SIEM) suite.
While Nominet sells direct it is also looking for channel partners, which Haworth said will account for “the lion’s share” of sales. Preferred partners will have an enterprise or government focused business.
As for its interest in Canada, he said “it’s a market we’re keen to get in a reasonably sizeable way. The key will be to get good resellers and distributors. It’s on the roadmap. It would be an overstretch to say we’ll have boots on the ground within the next year, but the idea is to get real traction [to begin] in the U.S.”
“The market is noisy, with lots of competitors,” Haworth admitted. But NTX is different because of the way it ingests and analyzes DNS files.
DNS attacks have been increasing, with reports from Cisco Systems, FireEye and Crowdstrike warning of new campaigns siphoning huge volumes of email passwords and other sensitive data by temporarily capturing network traffic.