Infoblox has won the IT Central Station 2021 Peer Award for peer reviews of our DNS product capabilities. IT Central Station determines Peer Awards by assessing reviews written by real users. The IT Central Station validation process for these reviews uses multiple authentication phases to ensure that the reviews are 100% authentic. This validation includes a review of LinkedIn profiles, community, and additional human oversight as required.
Anatomy of The Infoblox Win
The IT Central Station’s 2021 Peer Awards are based on an annual average of IT Central Station’s ranking algorithm. The total ranking of a product is based on a weighted aggregate score. The score is calculated by assessing points assigned to reviews, views, and comparisons. The product with the highest count in each ranking factor gets a maximum of 18 points. Likewise, if a product has 80% of the number of reviews compared to the product with the most reviews, the product’s points for reviews would be 18 * 80%. Reviews that are more than 24 months old and those written by resellers are completely excluded from the ranking algorithm. All products with 50+ points are designated as a Leader in their category.
Needless to say, as the dust settled, Infoblox DNS security emerged victoriously. You can learn more about the Peer Awards Criteria here.
DNS is Central to the Cyberattack Kill Chain
DNS is an absolutely critical part of the attacker kill chain. Much of the time, cyber attackers penetrate your networks with malware, which, in turn, reach back to command and control locations. DNS is frequently used for malware infiltration and data exfiltration because it is ubiquitous in networks and is a perfect backdoor. DNS security remains the earliest opportunity for detecting and blocking this malicious activity early in the attack cycle.
Cyberattackers may have stolen credentials in some instances but are accessing networks and applications from IP addresses never used by properly authenticated users. Most of these malicious domains can be best detected by DNS security machine learning algorithms because these addresses may have been created only hours before they are used as part of an attack on your institution. Security technologies such as next-gen firewalls, IPS, and gateways generally do not have visibility into DNS for detecting malicious communications and are unable to prevent specific DNS attacks such as leveraging DNS for data exfiltration. Only comprehensive DNS security can detect the subtleties of newly created malicious addresses and domains.
DNS Security Steps Up
Given increased visibility and understanding of DNS-based breaches, it is no surprise that DNS security has also stepped up in prioritization across the enterprise security stack. As your organization reviews and assesses your security controls and goes through a tool rationalization process, they find that the DNS protection they have is generally inadequate or nonexistent.
DNS security will identify communications to dangerous and malicious hostnames, domains, IP addresses, and more. DNS security should also use behavioral analytics and machine learning on real-time DNS queries. Machine learning enables you to detect and stop domain generation algorithms (DGA), zero-day DNS tunneling, data exfiltration, Lookalike domains, Fast Flux attacks, and more.
In terms of visibility, DNS security leverages DDI data (DNS, DHCP, and IPAM-IP Address Management) which contains invaluable information about device activity, type of device, location in the network, who it is assigned to, lease history, and more. This enables defenders and your SOC team to utilize this data to reduce attack investigation time and more rapidly identify and mitigate threats.
DNS security’s natural evolution should provide for the real-time integration of IPAM data with your SIEM and SOAR infrastructure platforms. This will, in turn, provide additional reductions in the time for threat detection and the faster execution of automation incident response. These time savings can be the difference between a disastrous breach and a security event that is resolved on a routine basis.
BloxOne Threat Defense Improves DNS Security Posture
BloxOne Threat Defense uses the power of behavior analytics combined with high-quality threat intelligence to detect and block phishing, exploits, ransomware, and other malware. Infoblox DNS servers also have Advanced DNS Protection installed that provides in-built protection against the widest range of DNS DDoS attack vectors.
Learn more about how our award-winning DNS security can prevent data exfiltration here:
Learn more about our award-winning DNS security here: