Is your cyber “Great Wall” really just a Maginot Line?

Perimeter defenses seem to be the default for every security system. From the Great Wall of China to medieval castles to proposed “border walls”, we assume that the best defenses are those which separate “us” from “them”.

Cybersecurity is no different. Perimeter defenses continue to be the primary focus for most cybersecurity stacks. The standard assumption in all of this is that the wild, unruly internet can be separated from the fully trusted internal network.

Breach after breach has shown that this simply isn’t the case. If CISOs think they’re building a cyber Great Wall, they’re more likely to end up with the Maginot Line – a perimeter defense that looks impressive (and probably costs a lot of money), but one which is easily skirted by malicious actors.

The importance of internal network protections

Today’s cybersecurity environment requires equal (if not more) attention to what lies inside the network boundary. With phishing attacks becoming ever more sophisticated, it only takes one errant click for malware to spring up on an endpoint device. It’s important to have tools in place to monitor internal traffic and limit what devices can access, reducing the attack surface when a device is compromised.

The role of DNS

At BlueCat, we use DNS security to turn wall-based cyber defenses into more sophisticated, counter-insurgency style defenses. DNS security assumes that your network is either already breached or will be soon. Through constant monitoring and application of security policies to internal network traffic, BlueCat’s client-facing approach to DNS security helps to root out the malware which is already acting under the radar.

Lateral movement, beaconing, establishing command and control – malware almost always requires DNS to establish a foothold on the network. Malicious actors assume (correctly) that most cybersecurity administrators aren’t paying attention to DNS – they consider it “plumbing” or part of the network team’s responsibility. This is where a client-facing DNS security system pays dividends, identifying the low-level tactics of malware and insiders, intervening before they find what they’re looking for.

Redefining the network boundary

Perhaps it’s time to rethink where the cybersecurity perimeter really lies. The increasing use of DNS in malware shows that the best “perimeter” defense really lies inside the network. Being able to wall off compromised devices, question the validity of DNS queries from those devices, and apply security policies which restrict access to critical data – these create a more granular level perimeter where today’s most damaging breaches tend to occur.

Learn more about BlueCat’s DNS security systems here.

An avatar of the author

BlueCat provides core services and solutions that help our customers and their teams deliver change-ready networks. With BlueCat, organizations can build reliable, secure, and agile mission-critical networks that can support transformation initiatives such as cloud adoption and automation. BlueCat’s growing portfolio includes services and solutions for automated and unified DDI management, network security, multicloud management, and network observability and health.

Related content

Detect anomalies and CVE risks with Infrastructure Assurance 8.4 

The Infrastructure Assurance 8.4 release features an anomaly detection engine for outliers and a CVE analysis engine to uncover device vulnerabilities.

Read more

Get fast, resilient, and flexible DDI management with Integrity 9.6

With Integrity 9.6, network admins can get support for new DNS record types, architect and configure multi-primary DNS, and automate IP assignments.

Read more

Deepen your security insight with Infrastructure Assurance 8.3

BlueCat Infrastructure Assurance 8.3, with an enhanced analytics dashboard, including interactive widgets and top 10 alerts, is now available.

Read more

Security, automation, cloud integration keys to DDI solution success

Only 40% of enterprises believe they are fully successful with their DDI solution. Learn how to find greater success with new research from EMA and BlueCat.

Read more

Our commitment to Micetro customers and product investment

From CEO Stephen Devito, a word on BlueCat’s ongoing commitment to supporting Micetro customers and Micetro’s evolution as a network management tool.

Read more

Seven reasons to rethink firewall monitoring and boost automation 

With BlueCat Infrastructure Assurance, you can better protect your network with automated alerts and suggested remedies for hidden issues in your firewalls.

Read more