Infoblox is leveraging our market-leading DNS technologies into the industry’s first true DNS security solution. The Infoblox DNS Firewall protects against advanced persistent threats (APTs) and malware by disrupting the ability of infected devices to communicate with command-and-control (C&C) sites and botnets, so that information is not exfiltrated.
Ready to learn more? We are happy to help you.
DNS Firewall is a purpose-built software application based on Response Policy Zone (RPZ) for use on Infoblox DNS servers. It interprets DNS responses, leverages threat intelligence on known malicious destinations, and instantly takes action based on RPZ policy, effectively preventing devices from becoming infected due to APTs and malware.
Through the power of the Infoblox Grid™, DNS Firewall continually shares information on DNS attempts to communicate with malicious destinations, and on responses from them, with an Infoblox Trinzic Reporting Server. Based on integration with Infoblox DHCP, which enables device fingerprinting, the Reporting Server provides information on devices that were blocked from communicating with malicious destinations, including device IP address, device MAC address, device type, and device host name. Reports can be created with a view of the top threats, top bad domain connection attempts, infected devices, and more to help your IT security team prioritize and quickly take action.
DNS Firewall helps make sure that threat intelligence stays current with the evolving threat landscape through an automated, malware-feed-based threat-update service. Data is refreshed every two hours (or more often for a significant threat) to reflect newly discovered malicious domains and IP addresses.