BlueCat is proud to introduce enhancements to BlueCat DNS Edge™ (Edge). The September 2018 release of Edge introduces easier navigation, new policy control to reduce attack surface, and Anycast support.
Easier Navigation with UI Enhancements
Domain Name System (DNS) records can generate a lot of log data. With Edge you now can more easily identify and take action on anomalies. The Edge September 2018 release makes it easy to investigate a spike of DNS activity with interactive capabilities added to the homepage dashboard. Simply highlight peaks of interest and Edge will auto-populate a search command to expose just those queries for further review.
Operators can take DNS queries under the microscope with this panel and easy lookup tool. You can investigate and Identify related policy details or components that are now hyperlinked. These panel views are organized as tabs in the view panel on a selected DNS request. Simply right-click on a hyperlink to open a new session on that component in a separate browser tab.
With quick access to related policies and other information, the details panel becomes a lookup tool. An operator can quickly view details and make immediate updates.
Reduce attack surface with Policy Control: Protect against DNS attacks on protected data
To protect data, it requires layering security controls and needs to include the DNS protocol. Edge limits access to data like intellectual property, finance or personal records, and patient data. Only a set of privileged source IP addresses can access such sensitive data.
The Edge September 2018 release makes it possible to block all access except for defined sources on your network. You can reduce your digital attack surface and bolster your organization’s overall security posture. Largely by preventing DNS access to data, operating systems, or services you care most about.
Reviewing DNS logs within Edge of blocked attempts indicates potentially malicious activity from bad actors or compromised systems. Edge can be used to investigate surrounding DNS activity from external threat systems.
Edge, as part of your DNS infrastructure, now natively supports Anycast for Border Gateway Protocol (BGP) and Open Shortest Path First (OSPF) protocols. Organizations using Anycast are afforded optimized response latency and improved service availability. Thereby boosting user experience; now supported with the Edge September 2018 release.
With Edge, Anycast customers gain real-time visibility of DNS activity and policy control. Allowing customers to limit access and protect against DNS-based attack vectors. Edge provides visibility of both internal and external DNS requests, correlating originating IP address, query and response.
NSA and CISA: Protective DNS key to network defense
U.S. cyber agencies now point to protective DNS as a defense strategy, confirming what BlueCat already knew: DNS is critical to detecting network threats.
SUNBURST/Solorigate Situation Briefing
BlueCat leaders discuss how the malware attack via SolarWind’s Orion platform exploited DNS and how BlueCat Edge could have helped to detect it.
January 21, 2021: Learn more about how the SUNBURST/Solorigate malware exploited DNS to execute its attack.
Customer situation brief on SUNBURST/Solorigate
Learn more about the attack via the SolarWinds Orion platform and how BlueCat products use DNS to help protect customers against compromises like it.