DNS Firewall | DDI (Secure DNS, DHCP, and IPAM) | Infoblox
Select Page

SAFEGUARD YOUR NETWORK FROM MALWARE

Detect and Mitigate Malware That Uses DNS to Communicate with Command and Control Servers (C&C) and Botnets

SAFEGUARD YOUR NETWORK FROM MALWARE

Detect and Mitigate Malware That Uses DNS to Communicate with Command and Control Servers (C&C) and Botnets

“If you’re responsible for safeguarding your network and you’re not using Infoblox DNS Firewall, you’re not doing your job.”

Matthew Frederickson, director of IT, Council Rock School District

Proactively Detect and Automatically Contain Malware That Targets DNS

These days, BYOD is the norm. Mobile devices from inside and outside your network are continuously crossing mixed physical and cloud infrastructure whose security may not always be under your control. As a result, your network is being constantly exposed to malware threats. And DNS is their main pathway. More than 90 percent of malware uses DNS to communicate with command and control servers, steal data, or redirect traffic to malicious sites. Existing security controls and perimeter defenses are not designed to prevent, isolate, and remediate DNS-based malware threats.

With Infoblox DNS Firewall you gain proactive network protection against fast-evolving, elusive malware threats that exploit DNS to communicate with command and control (C&C) servers and botnets.

With Infoblox DNS Firewall, your security teams can:

  • Automatically prevent compromised devices, connected to hybrid infrastructure, from attempting outbound connections with C&C sites via DNS
  • Automatically prevent data exfiltration via DNS using Infoblox Threat Insight
  • Accelerate remediation by automatically sharing actionable network intelligence and threat data in real time with your security ecosystem
  • Adapt to evolving threats with continuously updated and curated threat intelligence

Detect Malware Before It Causes Damage

With Infoblox DNS Firewall, you can continuously monitor malware threats in real time based on machine-readable threat intelligence. Working in conjunction with Infoblox DHCP fingerprinting, IPAM, and Identity Mapping, it helps you rapidly pinpoint compromised devices, isolating them and preventing DNS communications with malicious C&C servers and botnets.

Detect Malware Before It Causes Damage

Detect Malware Before It Causes Damage

Detect Malware Before It Causes Damage

With Infoblox DNS Firewall, you can continuously monitor malware threats in real time based on machine-readable threat intelligence. Working in conjunction with Infoblox DHCP fingerprinting, IPAM, and Identity Mapping, it helps you rapidly pinpoint compromised devices, isolating them and preventing DNS communications with malicious C&C servers and botnets.

Automatically Contain Malware

Automate Malware Containment

Automatically disrupt device communications with detrimental Internet destinations by using Infoblox Threat Intelligence Feed of regularly updated malicious destinations (hostnames, domains, IPs). Stop data exfiltration through DNS by using Infoblox Threat Insight, a unique streaming analytics based solution, to identify devices communicating with domains associated with data exfiltration and use a DNS Firewall Response Policy Zone (RPZ) blacklist to block any communication to them. Remediate devices rapidly by having DNS Firewall seamlessly share early indicators of compromise in real time with advanced threat detection, threat intelligence platforms, endpoint security, NAC, and SIEM technologies.

Automatically Adapt to Evolving Threats

Stay safe from malware, even as it continues to evolve. Infoblox DNS Firewall draws on the regularly updated and actionable Infoblox Threat Intelligence Feed to accurately detect the latest malevolent Internet destinations such as hostnames.

Continuously Adapt to Evolving Threats without Manual Intervention
Continuously Adapt to Evolving Threats without Manual Intervention

Automatically Adapt to Evolving Threats

Stay safe from malware, even as it continues to evolve. Infoblox DNS Firewall draws on the regularly updated and actionable Infoblox Threat Intelligence Feed to accurately detect the latest malevolent Internet destinations such as hostnames.

THE INFOBLOX DIFFERENCE

With Infoblox, you get the only DNS, IPAM, and DHCP (DDI) platform that offers malware protection without requiring endpoint agents. It uniquely enables automated threat response based on our actionable Threat Intelligence Feed and on out-of-the-box integration with cybersecurity ecosystem solutions from FireEye, Cisco, and Carbon Black.

THE INFOBLOX DIFFERENCE

With Infoblox, you get the only DNS, IPAM, and DHCP (DDI) platform that offers malware protection without requiring endpoint agents. It uniquely enables automated threat response based on our actionable Threat Intelligence Feed and on out-of-the-box integration with cybersecurity ecosystem solutions from FireEye, Cisco, and Carbon Black.

KEY FEATURES

DNS Response Policy Zones (RPZs)

Enable you to execute administrator-defined policy action to help disrupt malware communications and reduce exposure to data exfiltration

Threat Intelligence Feed

Updates RPZ policy with observed and verified malicious hostnames and keeps data up-to-date for timely protection

Infoblox Threat Insight

Updates DNS Firewall RPZ policy with domains associated with DNS-based data exfiltration attempts

Infoblox Security Portal

Cloud-based threat lookup tool provides clear and actionable data: threat severity level, confidence level, active/inactive threat, etc.

Infoblox Reporting and Analytics

Provides reporting and analytics on top RPZ hits, attempted device communications to malicious destinations, device details, and user, to help accelerate remediation efforts

KEY FEATURES

DNS Response Policy Zones (RPZs)

Enable you to execute administrator-defined policy action to help disrupt malware communications and reduce exposure to data exfiltration

Threat Intelligence Feed

Updates RPZ policy with observed and verified malicious hostnames and keeps data up-to-date for timely protection

Infoblox Threat Insight

Updates DNS Firewall RPZ policy with domains associated with DNS-based data exfiltration attempts

Infoblox Security Portal

Cloud-based threat lookup tool provides clear and actionable data: threat severity level, confidence level, active/inactive threat, etc.

Infoblox Reporting and Analytics

Provides reporting and analytics on top RPZ hits, attempted device communications to malicious destinations, device details, and user, to help accelerate remediation efforts

RELEVANT SOLUTIONS

Infrastructure Protection
Maintain availability even under attack

Data Protection and Malware Mitigation
Protect users and data

Threat Containment and Operations
Efficiency & Optimization of Security Operations

Get Your Free Report on Malware in Your Network

[contact-form-7 id="10507" title="Contact form 1"]