Wie interne Missstände Ihr Netzwerk gefährden
In einem aktuellen Bericht von IDG wurde festgestellt, dass 86 % der Unternehmen aufgrund mangelnder Zusammenarbeit zwischen diesen beiden Abteilungen unter den Folgen gelitten haben, darunter vermehrte Sicherheitsverletzungen und Datenverluste.
Dieses Video thematisiert die Kluft zwischen Netzwerk- und Sicherheitsteams hinsichtlich des Zugriffs auf DNS-Informationen und erläutert, wie Sicherheitsteams Transparenz benötigen, um Anomalien zu erkennen, während Netzwerkteams sich dagegen wehren, die Änderungskontrolle abzugeben, um Beeinträchtigungen der Verfügbarkeit zu vermeiden. Es skizziert das reale Problem operativer Reibungspunkte, die die Erkennung von Bedrohungen verzögern und das Risiko erhöhen können – insbesondere in DNS-/DHCP-Umgebungen von Unternehmen, in denen Änderungen die Verfügbarkeit von Diensten beeinträchtigen können. Das Video stellt Ansätze vor, um diese Kluft zu überbrücken – indem Sicherheitsteams die benötigte DNS-Transparenz erhalten, ohne dass die Kontrolle über Netzwerkänderungen abgegeben werden muss –, damit Unternehmen die Erkennung verbessern und die Netzwerkstabilität aufrechterhalten können.
Why do security teams want access to DNS information, and what risks arise if they are denied?
Security teams want access to DNS data so they can search logs for anomalies and patterns that indicate compromise, data exfiltration, or malware communications. Without that visibility, threat detection is delayed or less effective because analysts cannot correlate DNS behavior with other indicators. Denying access increases operational risk by creating blind spots, allowing threats to persist longer and reducing the organization’s ability to respond quickly while also forcing insecure workarounds such as ad hoc data requests or shadow copies of DNS records.
Why are network teams reluctant to give security teams direct change access to DNS, and what operational impact does that concern reflect?
Network teams resist giving security personnel change control because DNS and DHCP configurations directly affect network uptime and service availability; unauthorized or mistaken changes can cause outages. This reluctance reflects the operational priority of maintaining stable production networks and minimizing change-related incidents. The consequence is a governance tension: protecting uptime leads network teams to tightly control configuration, which can impede security investigations and slow incident response when rapid DNS-based remediation or hunting would be beneficial.
What solution does the video suggest to resolve the divide between network and security teams?
The video suggests creating a process and tooling that provide security teams with the DNS visibility they need without giving them the ability to make live network changes. This approach maintains network stability by preserving network team control over production configurations while enabling security analysts to search DNS data for anomalies and patterns. Implementing such a separation of visibility and change authority reduces operational friction, improves detection capabilities, and prevents risky workarounds that could otherwise harm uptime.
Network teams and security teams don’t always see eye to eye. Security teams want access to DNS information so they can search for anomalies and patterns. Network teams don’t want the security team making changes which would impact network uptime. In this video, we run through the negative impact this divide has on networks, and what you can do about it.
