Visibility is the first step in any cybersecurity strategy. Before you can lock down your network, you have to know what’s on it.
This is the basic concept behind the new integration of Axonius asset management software with DNS management tools from BlueCat. Working together, these two platforms provide a new level of visibility into network devices, allowing IT managers and cybersecurity professionals to assess cyber risk, mitigate security gaps, and ensure compliance with security best practices.
Cybersecurity Asset Management From Axonius
Axonius is a cybersecurity asset management platform that gives customers three things:
- A credible, comprehensive asset inventory
- An understanding of security coverage gaps
- Automated security policy validation and enforcement
The Axonius product simply connects to the security and management systems that its customers already use and requires no additional agents. Customers simply choose the solutions they use, provide credentials, and the system starts collecting and correlating information about assets and users.
Integrating cybersecurity asset management and DNS
Here’s how the integration works: Axonius already integrates with over 100 network tools to provide unprecedented visibility into the activity of “managed” devices – devices where a software agent is installed to run security checks, install patches, and manage performance. BlueCat uses Domain Name System (DNS) data to feed Axonius information on “unmanaged” devices such as IoT sensors, mobile phones, and other connected hardware which may not otherwise appear on an asset inventory. This integration creates a comprehensive security and management solution, ensuring there are no asset blindspots in your organization.
There are several reasons why these unmanaged devices might not be recognized by other software. Sometimes they have a transitory place on the network which makes consistent identification difficult. Often, they lack the capacity to install and run on-device agents. What they all have in common, however, is the need to communicate with the network. That’s where DNS comes in.
With centralized management of DNS infrastructure through BlueCat, every device which interacts with the network – managed or unmanaged – can be identified. Pushing this DNS information into the Axonius console is a security solution allowing IT administrators to harden the endpoint security of their organization by discovering and managing every device which connects to the network.
This helps cybersecurity administrators and Security Operations teams apply security policies to every device on the network – not just the devices they happen to manage directly. Using DNS records from BlueCat to identify out-of-policy devices, Axonius allows administrators to run automated security controls on those devices.
The integration allows administrators to run an Axonius-based search against DNS data on a regular schedule, ensuring a consistent approach to device security which matches the cadence of the cybersecurity team. The integration can also be deployed manually at any time, creating an instant device audit for the entire network.
Case Study: Finding Unmanaged IoT Devices
Here’s one quick example of how this integration can enhance your security posture. A customer recently tried it out, and discovered a previously unknown device on the network. This was an unmanaged device that was transmitting data on the company’s servers, but was not registered as a corporate asset. It turned out to be an IoT device – a smart plug which a network administrator (!) had started using without authorization. The device was located and disconnected immediately.
DNS proved to be the critical component in the discovery process. Since the device wasn’t operating with an assigned IP address or using the standard security agents commonly used in large enterprises, it operated under the radar of IT administrators. The only “signature” it offered was its use of DNS to communicate with the network and utilize the company’s infrastructure to search for product updates. Since these same channels could be used for malicious purposes, the decision was quickly made to pull the plug – literally.
Watch this demo to learn more about the power of the BlueCat and Axonius Integration Visibility solution for asset management.
Flailing in the cloud?
Seven in 10 enterprises struggle to realize the full value of their cloud investments. New research by Enterprise Management Associates explains why and how to change that.
DNS sinkhole: A tool to help thwart cyberattacks
A DNS sinkhole supplies a false domain name in response to a DNS query, preventing connections to malicious or unwanted domains. Learn more with BlueCat.
Four major DNS attack types and how to mitigate them
In a DNS attack, DNS is compromised or used as a vector. Learn about the different attack types and how to prevent, detect, and mitigate them with BlueCat.
Our analysis: Gartner’s DNS security best practices
BlueCat has long known what Gartner now says: Your network needs DNS security. Learn how DNS data logs, threat feeds, and setting policies can help.
Now customize all response codes in DNS Edge
The ability to customize all DNS response codes for BlueCat DNS Edge namespaces conditional forwarding provides even more network resilience. Learn more.