DNS Security in Six Star Wars Memes

BlueCat

June 22, 2018

Bib Fortuna tells Luke “I will take you to Jabba now”

DNS is a chump.  It knows deep down that it shouldn’t connect you with that malicious website.  It wants to tell you that the link you’re clicking actually resolves to Siberia, not Peoria.  But DNS just can’t help it.  It follows orders.  It’s “weak minded” and goes exactly where you tell it to go.

 

Unfortunately, naïve resolution of DNS queries often leads to severe cybersecurity vulnerabilities.  Cybercriminals know how to exploit DNS to achieve their ends – 91% of all cyberattacks use DNS.  With the power of automation, domain generation algorithms make the realm of DNS-based cyber criminality that much more powerful.  DNS tunneling, while often used for legitimate purposes, is just as often used for the dark side.

Admiral Akbar says “It’s a trap!”

 

Lando says “This deal keeps getting worse all the time”

Most network administrators don’t see DNS as a potential security weakness – it’s just sitting there, resolving queries in the background.  Yet un-monitored, un-secured DNS can bring an entire network down.  Boundary-level DNS security is a good start, but even that cedes internal DNS queries to malicious actors, allowing them to locate and exfiltrate critical records in ways that boundary-level DNS protections will never identify.  Only a DNS-based security system which touches the entire network will prevent and/or contain security breaches.

DNS-based security brings intelligence to what would otherwise be a naïve system.  Instead of resolving to any domain, DNS-based security asks common sense questions before pushing the query through.  Is this request legitimate?  Is this request going to a blacklisted domain?  Should this single-use IoT device be allowed to connect to critical HR information?  Does the finance server need a connection to SCADA systems?

If the answer to any of these questions triggers an alert or is anomalous in any way, DNS-based security has the power to apply policies which monitor or simply block the query. 

Jabba says “Your Jedi mind tricks won’t work on me, boy”

 

Vader says “That name no longer has any meaning for me”

Applying intelligence to DNS queries not only voids the naïve resolution problem, it makes DNS an active participant in cybersecurity.  Since every client and server uses DNS to communicate, applying intelligence to that communication protocol is a big step toward securing the entire network.  Malicious actors rely on the fact that most network administrators take DNS for granted, using it to expand their footprint undetected.  Secured DNS prevents this from happening, cutting off vital exploitation vectors in real time.

 

BlueCat is pioneering new approaches to DNS-based security.  Our sole focus on DNS means that we know a thing or two about how this vital asset can be used to lock down the network.  We think that our DNS Edge product is pretty special, since it applies all of the intelligence of DNS-based security at the client level.  We invite you to learn more about DNS Edge here.

Vader says “We would be honored…if you would join us”

 


Published in:


An avatar of the author

BlueCat is the Adaptive DNS company. The company’s mission is to help organizations deliver reliable and secure network access from any location and any network environment. To do this, BlueCat re-imagined DNS. The result – Adaptive DNS – is a dynamic, open, secure, scalable, and automated DDI management platform that supports the most challenging digital transformation initiatives, like adoption of hybrid cloud and rapid application development.

Related content

Detect anomalies and CVE risks with Infrastructure Assurance 8.4 

The Infrastructure Assurance 8.4 release features an anomaly detection engine for outliers and a CVE analysis engine to uncover device vulnerabilities.

Read more

Get fast, resilient, and flexible DDI management with Integrity 9.6

With Integrity 9.6, network admins can get support for new DNS record types, architect and configure multi-primary DNS, and automate IP assignments.

Read more

Deepen your security insight with Infrastructure Assurance 8.3

BlueCat Infrastructure Assurance 8.3, with an enhanced analytics dashboard, including interactive widgets and top 10 alerts, is now available.

Read more

Security, automation, cloud integration keys to DDI solution success

Only 40% of enterprises believe they are fully successful with their DDI solution. Learn how to find greater success with new research from EMA and BlueCat.

Read more

Our commitment to Micetro customers and product investment

From CEO Stephen Devito, a word on BlueCat’s ongoing commitment to supporting Micetro customers and Micetro’s evolution as a network management tool.

Read more

Seven reasons to rethink firewall monitoring and boost automation 

With BlueCat Infrastructure Assurance, you can better protect your network with automated alerts and suggested remedies for hidden issues in your firewalls.

Read more