Enhance DNS control with BlueCat Edge SPv4

Since its inception, BlueCat Edge has revolutionized DNS visibility and control at the network edge.

With unprecedented access to DNS query and response data, network teams can establish smarter network policies, optimize traffic, and meet stringent compliance and logging requirements.

Now, a new version of Edge, called Service Points 4, or SPv4, significantly enhances Edge’s capabilities. It offers a multi-service architecture that supports simultaneous deployment of add-on modules, customizable to your enterprise’s needs.

This post will first touch on the core offerings of BlueCat Edge. Then, it will explore Edge’s new multi-service, single platform architecture with SPv4 and the four add-on services currently available. Finally, it will look at the broader benefits of this architecture approach and how you can get started with SPv4 at your organization.

Service Points: The foundation of advanced DNS visibility and control

As the first hop of any DNS query, Edge uses client-facing Service Points to intelligently direct DNS traffic, tame conditional forwarding rules, block malicious DNS queries, and help monitor and collect DNS query and response data for diagnostics and investigations.

Network teams can improve performance with optimized DNS resolution paths, prevent downtime by centralizing resolution, simplify migrations from legacy systems using Intelligent Forwarding, deploy on physical or virtual appliances or in the cloud, and log complete contextual information.

Edge has also supported add-on services like security intelligence feeds or branch office management. But versions 3.x and earlier were built on a single-service architecture. Edge performed its core capabilities with the ability to support only a single add-on, which limited what network teams could do.

Four add-on services now available with SPv4

BlueCat’s reengineered Edge deployment is divided into two components:

1. 1. The upgraded Service Point platform; and
   2. The services that you choose deploy onto it

With SPv4, you can use the Edge management console to deploy add-on modules. And with SPv4’s multi-service architecture, you can employ those modules simultaneously.

The BlueCat Edge base offering provides core features as a DNS resolver. But additional modules—available for security, networking, cloud, and Branch DDI—have transformed Edge into a multi-service, single-platform solution that provides unprecedented visibility and control of DNS traffic to optimize and secure your network.

Now, the multi-platform flexibility of SPv4 allows network teams to, for example, deploy one Service Point for DNS and security while using another for cloud resolution. With little effort, your DNS service delivery plans can be highly strategic and regionalized.

Below are more details about the four add-on service modules currently available.

Security and identity

With the security and identity add-on, you get:

• Machine learning to better protect your network and detect DNS anomalies, such as domain generation algorithms (DGAs)
• The ability to obtain user identity information from Active Directory for both internal and external DNS queries, including the identity of potential attack sources, and view it in the Edge UI (external DNS identity information is aided by integration with Cisco Umbrella)
• Enhanced policy enforcement and management to block, redirect, or monitor DNS requests based on client devices and resources accessed
• Advanced analytics and forensics of DNS traffic to allow for faster remediation
• 14 days of DNS log data, stored in the cloud, to detect suspicious patterns and activity and support breach investigations, with longer periods available for additional cost
• Integration with your existing Security Information and Event Management tool

Networking

With the networking add-on, you get:

• Unlimited DNS namespaces
• The ability to retry namespaces in the event of downstream resolver failures
• Seven days of DNS log data, stored in the cloud, with longer periods available for additional cost

Cloud

With the cloud add-on, called Cloud Resolver, you get:

• Our cloud-native DNS resolver, which can provide immediate resolution to and across any cloud and on-premises network
• Discovery of all DNS zones in the cloud and creation of one BlueCat Edge namespace for any endpoint in the cloud to resolve against
• Compatibility with major cloud service providers, ensuring that endpoints can resolve across AWS, Azure, and Google Cloud Platform

Branch DDI

With the Branch DDI add-on, you get:

• Our solution for multiple brick-and-mortar branch locations that can deploy secure and compliant local DNS on existing branch network infrastructure, extending resiliency
• Local internet breakout
• A cloud-based console for IP address management, including granular endpoint and geo-analysis of all onsite traffic
• 30 days of DNS log data, stored in the cloud, with longer periods available for additional cost
• Deployment to branch hardware, including the Cisco ENCS 5000 Series
• Coming in a future release: The ability to deploy secure and compliance local DHCP on existing branch network infrastructure, in addition to DNS

In addition, Edge’s multi-service, single-platform design can support additional service modules that may be released in the future.

The benefits of a multi-service platform

Orchestrating various modules using a multi-service platform architecture offers several benefits to enterprises.

1. Scalability and flexibility: You can avoid over- or under-provisioning by making regional adjustments to DNS services to improve efficiency. Swapping out individual services improves response times for changing user and endpoint requirements and decreases the time needed to re-architect and re-deploy.
2. Cost savings: You can deploy DNS services independently or concurrently with other services. This can reduce costs and accelerate deployments. Test individual DNS services separately and then combine them, all without having to manually manage deployment and communication between them.
3. Resilience: You can use native DNS platform load balancing to handle multiple services and potential failures based on demand. Automatically direct traffic to healthy services and isolate unhealthy ones.
4. Security: You can foster a zero-trust DNS environment that enhances network security and bolsters the trustworthiness of your network. Keep malicious domains at bay with domain control lists and real-time threat updates. Enforce policies with Intelligent Forwarding and traffic steering. Ward off DNS tunneling, find your most compromised network endpoints, and detect DGA attacks.

Ultimately, investing in a multi-service platform such as Edge allows network teams to focus on driving optimization. In turn, your entire enterprise can innovate faster in an era of rapid change.

Ready for BlueCat Edge with SPv4?

If you’re ready for BlueCat Edge with SPv4, refer to the table below to learn what your next steps should be.