Infoblox

The Infoblox Solution 

• Infoblox’s DNS security portfolio consists of Infoblox External DNS Security, which shields networks from cyberattacks; Internal DNS Security, which protects internal servers from attacks, APTs, malware, and data exfiltration, Infoblox DNS Firewall, which blocks APT and malware communication from within the network; and the DNS Firewall – FireEye Adapter, which leverages APT protection from Infoblox partner FireEye. Running on purpose-built DNS appliances, these solutions effectively protect both your external and internal DNS infrastructure. 
• Unlike the products of other DNS vendors, our solution has intelligent detection and mitigation built in to automatically address DNS attacks and DNS queries to malicious destinations. In addition, it leverages continual, automatic updates to protect against new and evolving attacks and emerging malicious domains and networks. Infoblox is the first and only vendor to offer this level of security using DNS appliances.

Built-in Protection for Your DNS Infrastructure 

• If your external Domain Name System (DNS) server goes down, your entire network is shut off from the Internet, so your business depends on having DNS servers that continue to respond to queries even when they are under attack. Neustar’s annual DDoS report for 2015 estimates an average financial damage of as high as $100,000 per hour of outage. Companies that experience extended service disruptions lose revenue, customers, and brand value. 
• Unfortunately the DNS protocol—and the open-source software and commodity servers most organizations use to manage DNS services—have easily exploited vulnerabilities that defenses such as next-generation firewalls, secure web gateways, and incident detection and prevention systems do little to protect against. The only sure method of securing DNS servers is to build protection into the servers themselves. 

As the leader in DNS, Infoblox has embraced this self-protecting server approach to deliver the most effective solution on the market for protecting your mission-critical DNS services from attack.

Fighting a Battle on Two Fronts 

• Threats can come from the Internet or from within the firewalls, inside an organization’s network. Key DNS threat vectors are—attacks on the DNS infrastructure, APTs and malware that use DNS as a communication path and data exfiltration via DNS. To protect against the loss of trust, possible lawsuits, remediation costs, compliance penalties, and diminished revenue a successful attack can cause, you need to protect DNS servers from both outside-in and inside-out threats.
• To mitigate attacks on external authoritative servers, the servers themselves need to intelligently recognize various attack types and drop the attack traffic without disrupting legitimate queries. 
• To detect DNS attacks that affect internal recursive servers inside the network and cause significant disruption like cache and resource exhaustion and outbound bandwidth congestion, the recursive servers must be able to identify and drop these attacks as well as block traffic to misbehaving domains and servers that are usually set up as part of these attacks. 
• To avoid the theft of customer data and business assets, your servers need to automatically block endpoints/devices within the network from communicating to malicious domains via DNS. 
• To detect data exfiltration via a DNS tunnel or over the DNS queries themselves, the servers need intelligence to detect DNS tunneling occurrences and detect any misuse of DNS queries.