BlueCat and Axonius Provide a New Level of Visibility into Network Devices and Activity

BlueCat and Axonius have teamed up to provide visibility into network devices which can only be detected through DNS traffic.

Visibility is the first step in any cybersecurity strategy.  Before you can lock down your network, you have to know what’s on it.

This is the basic concept behind the new integration of Axonius asset management software with DNS management tools from BlueCat.  Working together, these two platforms provide a new level of visibility into network devices, allowing IT managers and cybersecurity professionals to assess cyber risk, mitigate security gaps, and ensure compliance with security best practices.

Cybersecurity Asset Management From Axonius

Axonius is a cybersecurity asset management platform that gives customers three things:

  1. A credible, comprehensive asset inventory
  2. An understanding of security coverage gaps
  3. Automated security policy validation and enforcement

The Axonius product simply connects to the security and management systems that its customers already use and requires no additional agents. Customers simply choose the solutions they use, provide credentials, and the system starts collecting and correlating information about assets and users.

Integrating cybersecurity asset management and DNS

Here’s how the integration works:  Axonius already integrates with over 100 network tools to provide unprecedented visibility into the activity of “managed” devices – devices where a software agent is installed to run security checks, install patches, and manage performance.  BlueCat uses Domain Name System (DNS) data to feed Axonius information on “unmanaged” devices such as IoT sensors, mobile phones, and other connected hardware which may not otherwise appear on an asset inventory. This integration creates a comprehensive security and management solution, ensuring there are no asset blindspots in your organization.

There are several reasons why these unmanaged devices might not be recognized by other software.  Sometimes they have a transitory place on the network which makes consistent identification difficult.  Often, they lack the capacity to install and run on-device agents.  What they all have in common, however, is the need to communicate with the network.  That’s where DNS comes in.

With centralized management of DNS infrastructure through BlueCat, every device which interacts with the network – managed or unmanaged – can be identified.  Pushing this DNS information into the Axonius console is a security solution allowing IT administrators to harden the endpoint security of their organization by discovering and managing every device which connects to the network.

This helps cybersecurity administrators and Security Operations teams apply security policies to every device on the network – not just the devices they happen to manage directly.  Using DNS records from BlueCat to identify out-of-policy devices, Axonius allows administrators to run automated security controls on those devices.

The integration allows administrators to run an Axonius-based search against DNS data on a regular schedule, ensuring a consistent approach to device security which matches the cadence of the cybersecurity team.  The integration can also be deployed manually at any time, creating an instant device audit for the entire network.

Case Study:  Finding Unmanaged IoT Devices

Here’s one quick example of how this integration can enhance your security posture.  A customer recently tried it out, and discovered a previously unknown device on the network.  This was an unmanaged device that was transmitting data on the company’s servers, but was not registered as a corporate asset.  It turned out to be an IoT device – a smart plug which a network administrator (!) had started using without authorization.  The device was located and disconnected immediately.

DNS proved to be the critical component in the discovery process.  Since the device wasn’t operating with an assigned IP address or using the standard security agents commonly used in large enterprises, it operated under the radar of IT administrators.  The only “signature” it offered was its use of DNS to communicate with the network and utilize the company’s infrastructure to search for product updates.  Since these same channels could be used for malicious purposes, the decision was quickly made to pull the plug – literally.

Watch this demo to learn more about the power of the BlueCat and Axonius Integration Visibility solution for asset management.


Published in:


An avatar of the author

BlueCat provides core services and solutions that help our customers and their teams deliver change-ready networks. With BlueCat, organizations can build reliable, secure, and agile mission-critical networks that can support transformation initiatives such as cloud adoption and automation. BlueCat’s growing portfolio includes services and solutions for automated and unified DDI management, network security, multicloud management, and network observability and health.

Related content

Micetro 11.1 boosts DHCP management for Cisco Meraki SD-WAN

Learn how BlueCat Micetro 11.1 can help you overcome the limitations of Cisco Meraki SD-WAN devices to manage your distributed DHCP architecture.

Read more
Banner announcing BlueCat's acquisition of LiveAction, displaying both logos and the phrase "We're about to get bigger."

BlueCat acquires LiveAction to drive network modernization and optimization

BlueCat’s acquisition of LiveAction will allow customers to expand their view beyond DNS and dive deeper into the health of their network.

Read more

Simplify NIS2 compliance with DNS management

Learn whether the EU’s NIS2 requirements apply to your organization and about how DNS management and BlueCat can boost your path to compliance.

Read more

Detect anomalies and CVE risks with Infrastructure Assurance 8.4 

The Infrastructure Assurance 8.4 release features an anomaly detection engine for outliers and a CVE analysis engine to uncover device vulnerabilities.

Read more

Unlock the secrets to modernizing your IT network! Join our webinar on January 23 to learn how self-service DNS and DHCP can help you solve the cloud puzzle.