Bolster defense-in-depth with BlueCat threat feeds

Network security products are only as good as the threat intelligence you feed into them. Here are BlueCat’s threat feed options.

To block malicious network activity, you only need two things.

First, you need a way to filter network traffic through security policies. Second, you need a threat feed to populate those security policies with up-to-date, meaningful intelligence.

Thankfully, network security teams are spoiled for choice on both fronts. There are tons of firewalls and filtering tools out there. Each has a unique way of intercepting malicious traffic on the network. Furthermore, there are also plenty of threat feeds. Each feed identifies malicious activity through different forms of intelligence gathering.

BlueCat believes that a DNS firewall is the most elegant, efficient, and consistent way to deploy security policies on a network.

Using a service point as the “first hop” in any network query allows you to apply security policies to both internal, “east-west” traffic as well as external “north-south” traffic. And you can do so without the use of on-device agents. Since they’re virtual machines, BlueCat’s service points can also be deployed anywhere and everywhere. They can catch traffic in the cloud and the network edge.

However, the mechanism for applying policies is only as good as the intelligence behind those policies. That’s why BlueCat offers a wide variety of threat feed options as well. From best-in-class threat intelligence powered by Crowdstrike to an integration with Cisco Umbrella to custom policies for your specific network, BlueCat has you covered.

Here are some of the options BlueCat offers to increase your defense against advanced threats. All of these are part of our DNS Edge security product.

BlueCat threat feed options

BlueCat threat protection

Threat Protection, BlueCat’s flagship threat feed, is powered by Crowdstrike. The cybersecurity company is the new standard in threat intelligence and a leader in Gartner’s latest Magic Quadrant for endpoint protection. Crowdstrike’s threat intelligence contains over two million high-fidelity domain indicators of compromise, including extensive context for every threat indicator. When you activate the Threat Protection feed in DNS Edge, you can apply different levels of Crowdstrike’s security intelligence to your DNS traffic.

The best part? When you get DNS Edge, Crowdstrike comes as part of the package. There’s no need to purchase a separate license. For more information, check out BlueCat’s Threat Protection datasheet.

Threat intelligence from Cisco Umbrella

Secondly, BlueCat partners with Cisco to offer an integration with its powerful Umbrella product (formerly known as OpenDNS). Through this Cisco Umbrella integration, DNS Edge users gain access to threat intelligence contained in Talos. This feed uses Cisco’s enormous user base to create one of the most comprehensive sources of threat intelligence on the planet.

Other third-party threat feeds

The combination of Crowdstrike and Talos offers comprehensive coverage of known malicious domains. On the other hand, maybe you’ve got another threat feed that you’ve had success with. Or one that contains vertical-specific intelligence. Users who want to supplement BlueCat’s existing threat feed offering can easily plug in any third-party product into DNS Edge using BlueCat’s open API.

Custom policies you create

Finally, with DNS Edge, you can create custom security policies to lock down specific areas of your network or control specific types of activity. For example, you can build a security policy to restrict IoT device access to certain servers only. You can keep employees from finding sensitive data outside their normal purview by blocking DNS queries to servers in other departments. You can block access to inappropriate sites. And you can protect against domain generation algorithms, DNS tunneling, and other malicious activity. It’s as easy as developing a domain list and rolling it out through BlueCat’s easy to use interface.

Custom policies created by BlueCat Professional Services

“I’d love to have all of those sophisticated custom policies,” you might be thinking. “But who has the time to build them?” When your security team is already maxed out on just keeping the lights on, BlueCat Professional Services is there to create the custom policies you need. Professional Services can map out a security policy plan that fits your business needs. And then they can implement it alongside your team. BlueCat’s Stevie award-winning customer service organization has the expertise and insights you need to create the most effective security policies for your business.

Learn more about network security with BlueCat.


An avatar of the author

BlueCat provides core services and solutions that help our customers and their teams deliver change-ready networks. With BlueCat, organizations can build reliable, secure, and agile mission-critical networks that can support transformation initiatives such as cloud adoption and automation. BlueCat’s growing portfolio includes services and solutions for automated and unified DDI management, network security, multicloud management, and network observability and health.

Related content

Simplify NIS2 compliance with DNS management

Learn whether the EU’s NIS2 requirements apply to your organization and about how DNS management and BlueCat can boost your path to compliance.

Read more

Detect anomalies and CVE risks with Infrastructure Assurance 8.4 

The Infrastructure Assurance 8.4 release features an anomaly detection engine for outliers and a CVE analysis engine to uncover device vulnerabilities.

Read more

Get fast, resilient, and flexible DDI management with Integrity 9.6

With Integrity 9.6, network admins can get support for new DNS record types, architect and configure multi-primary DNS, and automate IP assignments.

Read more

Deepen your security insight with Infrastructure Assurance 8.3

BlueCat Infrastructure Assurance 8.3, with an enhanced analytics dashboard, including interactive widgets and top 10 alerts, is now available.

Read more

BlueCat to acquire LiveAction

BlueCat adds LiveAction’s network observability and intelligence platform, which helps large enterprises optimize the performance, resiliency, and security of their networks.