Visibility is the first step in any cybersecurity strategy. Before you can lock down your network, you have to know what’s on it.
This is the basic concept behind the new integration of Axonius asset management software with DNS management tools from BlueCat. Working together, these two platforms provide a new level of visibility into network devices, allowing IT managers and cybersecurity professionals to assess cyber risk, mitigate security gaps, and ensure compliance with security best practices.
Cybersecurity Asset Management From Axonius
Axonius is a cybersecurity asset management platform that gives customers three things:
- A credible, comprehensive asset inventory
- An understanding of security coverage gaps
- Automated security policy validation and enforcement
The Axonius product simply connects to the security and management systems that its customers already use and requires no additional agents. Customers simply choose the solutions they use, provide credentials, and the system starts collecting and correlating information about assets and users.
Integrating cybersecurity asset management and DNS
Here’s how the integration works: Axonius already integrates with over 100 network tools to provide unprecedented visibility into the activity of “managed” devices – devices where a software agent is installed to run security checks, install patches, and manage performance. BlueCat uses Domain Name System (DNS) data to feed Axonius information on “unmanaged” devices such as IoT sensors, mobile phones, and other connected hardware which may not otherwise appear on an asset inventory. This integration creates a comprehensive security and management solution, ensuring there are no asset blindspots in your organization.
There are several reasons why these unmanaged devices might not be recognized by other software. Sometimes they have a transitory place on the network which makes consistent identification difficult. Often, they lack the capacity to install and run on-device agents. What they all have in common, however, is the need to communicate with the network. That’s where DNS comes in.
With centralized management of DNS infrastructure through BlueCat, every device which interacts with the network – managed or unmanaged – can be identified. Pushing this DNS information into the Axonius console is a security solution allowing IT administrators to harden the endpoint security of their organization by discovering and managing every device which connects to the network.
This helps cybersecurity administrators and Security Operations teams apply security policies to every device on the network – not just the devices they happen to manage directly. Using DNS records from BlueCat to identify out-of-policy devices, Axonius allows administrators to run automated security controls on those devices.
The integration allows administrators to run an Axonius-based search against DNS data on a regular schedule, ensuring a consistent approach to device security which matches the cadence of the cybersecurity team. The integration can also be deployed manually at any time, creating an instant device audit for the entire network.
Case Study: Finding Unmanaged IoT Devices
Here’s one quick example of how this integration can enhance your security posture. A customer recently tried it out, and discovered a previously unknown device on the network. This was an unmanaged device that was transmitting data on the company’s servers, but was not registered as a corporate asset. It turned out to be an IoT device – a smart plug which a network administrator (!) had started using without authorization. The device was located and disconnected immediately.
DNS proved to be the critical component in the discovery process. Since the device wasn’t operating with an assigned IP address or using the standard security agents commonly used in large enterprises, it operated under the radar of IT administrators. The only “signature” it offered was its use of DNS to communicate with the network and utilize the company’s infrastructure to search for product updates. Since these same channels could be used for malicious purposes, the decision was quickly made to pull the plug – literally.
Watch this demo to learn more about the power of the BlueCat and Axonius Integration Visibility solution for asset management.
Critical conversations on critical infrastructure
Find out how your peers are managing their networks through profound change. Watch this series of live interactive discussions with IT pros & join the debate in Slack.
SUNBURST/Solorigate Situation Briefing
BlueCat leaders discuss how the malware attack via SolarWind’s Orion platform exploited DNS and how BlueCat Edge could have helped to detect it.
React faster at the wire with BlueCat and ExtraHop
With the BlueCat ExtraHop Plugin, automatically create missing PTR records, and detect and react to security threats before they reach DNS servers.
Yes, IT should see what developers do in the cloud
Errors and outages occur when admins lack visibility into DNS and IP allocation in the cloud. With Bluecat, central DDI visibility is within reach.
Cloud DNS: Benefits and obstacles for hybrid networks
Unsure about cloud DNS services and hybrid-cloud enterprises? Learn more with BlueCat, including why it isn’t so simple for managing networks.