DNS: A Security Differentiator for System Integrators

At BlueCat’s first annual System Integrator Summit, companies in the Federal system integrator and partner community met to learn more about the strong value of DNS security in government customers and contracts.

At BlueCat’s first annual System Integrator Summit, companies in the Federal system integrator and partner community met to learn more about the strong value of DNS security in government customers and contracts.

Cyber security is one of the few things that everyone in Washington can agree on; so a client-facing DNS security system offers an intriguing value proposition for integrators looking to differentiate their offering – an increasingly vexing problem as Federal IT contracts grow in size and scope.

Federal cyber security resources are usually concentrated on the network perimeter. For most forms of cyber defense, this approach makes sense. By preventing intrusions at the boundary, agencies can protect the valuable information that lies within. The EINSTEIN program, run by DHS as a basic security filter for all Federal networks, is a prime example of this tactic.

Yet when it comes to DNS, there is a better way. When placed on the network perimeter, DNS filters and firewalls have limited value. Since most internet traffic is resolved locally through caches on recursive servers, a perimeter-based DNS security system will only capture a fraction of malicious activity. That recursive layer also obscures the source of DNS traffic, making it difficult to link activity to a specific client.

Only client-facing DNS security systems capture 100 percent of query traffic and attribute it to its source. Since Snowden, Wikileaks, and other insiders, Federal security officials and forensic investigators are increasingly aware of the need to definitively link malicious activity to users. Client-facing DNS security systems provide this capability. For Federal system integrators, that is a key differentiator.

At the BlueCat summit, we heard from a former DOD Assistant Secretary, Rear Admiral Tom Atkin, about stronger policy for effective (and unique) forms of cyber security. With increased pressure to secure networks and data, system integrators face new operational requirements to offer innovative security solutions.

As a core network service, DNS is often overlooked as a potential security asset. In the search for new ways to bring cyber security solutions to Federal customers, system integrators should consider the role of DNS as a defender of networks.

 


Published in:


An avatar of the author

BlueCat provides core services and solutions that help our customers and their teams deliver change-ready networks. With BlueCat, organizations can build reliable, secure, and agile mission-critical networks that can support transformation initiatives such as cloud adoption and automation. BlueCat’s growing portfolio includes services and solutions for automated and unified DDI management, network security, multicloud management, and network observability and health.

Related content

Banner announcing BlueCat's acquisition of LiveAction, displaying both logos and the phrase "We're about to get bigger."

BlueCat acquires LiveAction to drive network modernization and optimization

BlueCat’s acquisition of LiveAction will allow customers to expand their view beyond DNS and dive deeper into the health of their network.

Read more

Simplify NIS2 compliance with DNS management

Learn whether the EU’s NIS2 requirements apply to your organization and about how DNS management and BlueCat can boost your path to compliance.

Read more

Detect anomalies and CVE risks with Infrastructure Assurance 8.4 

The Infrastructure Assurance 8.4 release features an anomaly detection engine for outliers and a CVE analysis engine to uncover device vulnerabilities.

Read more

Get fast, resilient, and flexible DDI management with Integrity 9.6

With Integrity 9.6, network admins can get support for new DNS record types, architect and configure multi-primary DNS, and automate IP assignments.

Read more

BlueCat has acquired LiveAction

It’s official! BlueCat has acquired LiveAction’s network observability and intelligence platform, which helps large enterprises optimize the performance, resiliency, and security of their networks.