Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Tuesday, September 30, 2008

Infoblox Unveils “DNS Firewall” to Address DNS Vulnerability Concerns

Infoblox has enhanced its full line of core network services (CNS) appliances that provides DNS security capabilities such as alerting, reporting, and attack mitigation.  These capabilities and automated software update capabilities of Infoblox grid technology can help enterprises thwart current and future DNS vulnerability exploits.

This is a pervasive problem that requires a holistic approach, starting with a ‘best practices’ DNS architecture and including processes and systems to quickly patch production DNS systems when new vulnerabilities and exploits are released… We are committed to providing solutions that not only address today’s threats but that also provide a lasting ability to provide protection as new attacks emerge.”

The Infoblox appliance-based solution provides protection against the DNS exploit and also provides features that will be essential for detecting and thwarting future attacks.  Infoblox’s newest NIOS release, version 4.3r2, includes security features that monitor DNS protocol traffic, provide reports and proactive alerts when an attack is in progress, and a means to automatically mitigate attacks.  Infoblox grid technology patch and upgrade appliances with a single command, in a production network, without incurring DNS service downtime.

Infoblox’s NIOS operating system enable administrators to obtain a detailed view of the devices actually connected to the network; reconciliation makes it easy to align the Infoblox IPAM database with the actual state of the network, providing a means to find lost assets and detect rogue devices.  Further, it allows customers to have multiple instances of the same network address space in a single grid with a common management interface; multiple networks can be viewed and managed simultaneously, without opening and closing different configuration sets.

Posted on 09/30