ExtraHop
Enhanced visibility and resolution of errors and threats to help maintain resource uptime.
What is it?
The BlueCat ExtraHop Plugin resolves missing records and remediates cyber threats, using machine AI to maintain system integrity. It does this by reading DNS data directly from the wire and select databases, without the need for expensive logging. When an error or threat is detected, the ExtraHop Plugin triggers automation tasks to create records or stop attacks with policies before it gets to the DNS server using BlueCat Gateway or Edge.
The challenge
To ensure that users can successfully and safely access critical services and apps, network teams need tools to accelerate the detection and remediation of errors and threats. Without a way to create missing records or stop attacks before reaching DNS servers, enterprises face costly breaches and slower time-to-revenue. This can result in users getting access errors to services like email due to missing PTR records, or sensitive data exfiltration occurring through DNS tunneling.
Features:
- Automatically creates the reverse records
- Allows you to view reverse records by date that were healed in Address Manager
- Auto-creates Edge metadata: Domain List called (RevealX Blocked Threats), Site Group called (RevealX Sites), and Policy called (RevealX Threats Blocked)
- Enables auto enforce, adding threats to domain list
Get access to all Adaptive Plugins with the BlueCat Gateway Support Program.