New BlueCat Networks Appliance Models Integrate with Thales nShield Hardware Security Module (HSM)
Toronto, Canada – June 11, 2012– BlueCat Networks, the IPAM Intelligence™ company, today announced that its DNS, DHCP and IP Address Management appliances are now integrated with the award-winning Thales nShield Connect hardware security module (HSM) to deliver simple and secure DNSSEC key management for organizations that demand the highest levels of security.
“Security is one of the top concerns of every CIO,” said Brad Micklea, Vice President of Product Management, BlueCat Networks. “The Domain Name System is a critical public service that is on the front line, so attacks on DNS can severely impact business operations and undermine customer loyalty. By adding support for the Thales HSM to our existing DNSSEC solution, BlueCat Networks is once again demonstrating its commitment to providing the smartest, simplest and most secure solutions available for managing and securing enterprise networks. BlueCat Networks combines the ultra-high security of HSM-based DNSSEC with the simplicity of fully automatic key rollover for all key types, as well as flexible support for a broad range of encryption algorithms.”
DNSSEC uses strong public key cryptography to bring far greater security to any enterprise by protecting the DNS core network service from attacks like cache poisoning which can be leveraged for web site spoofing and phishing. In order to optimally secure your web site you must implement DNSSEC. However, there are two challenges to implementing DNSSEC that remain unaddressed:
|1.||Secure Key Storage: Standard DNS servers are not designed to be tamper or invasion proof, leaving keys potentially exposed to theft or misuse.|
|2.||Key Rollover: Implementation and management of off-box DNSSEC keys can be complex, costly and time consuming in part because if handled manually, security teams must spend a large portion of their time generating, administering and validating the many DNSSEC keys in use.|
The combined BlueCat Networks and Thales solution for HSM-enabled DNSSEC solves both aspects. Keys are generated and secured via the Thales nShield appliance that is FIPS 140-2 Level 3 and Common Criteria EAL4+ certified. However, unlike more manual solutions, BlueCat’s DNSSEC integration with Thales retains the simplicity of interaction that BlueCat’s existing DNSSEC solution was known for. BlueCat Networks reduces the inherent complexity of DNSSEC with centralized key management, single-click signing policies, fully automated key rollover and emergency manual key rollover. With BlueCat Networks, organizations can control DNSSEC signed zones from a central location, gain a comprehensive view of all DNSSEC-related data and demonstrate compliance during security audits.
“Recent highly publicized cyber attacks like Stuxnet are a clear reminder that digital signature keys that underpin services like DNS are vulnerable to theft or mis-use and must be protected,” said Cindy Provin, president of the Americas, Thales e-Security. “DNSSEC is already being widely adopted by government, financial services and healthcare organizations where the security of sensitive information is of paramount importance, but DNSSEC is only as good as the security of an organization’s cryptographic keys. The Thales nShield Connect HSM ensures that keys are generated and stored by an ultra-secure device that is both physically and electronically protected against tampering and invasion. When the Thales HSM is used in conjunction with BlueCat Networks’ smart, simple DDI solutions, organizations get the benefit of market-leading DDI and key security in an intuitive solution.”
Deployed at some of the most demanding and secure organizations in the world, BlueCat Networks’ DNS, DHCP and IP Address Management solutions provide an essential technology for helping organizations build smarter networks and manage IP-dependent services including cloud, virtualization and BYOD.
About BlueCat Networks
BlueCat Networks provides a smarter way to manage BYOD, mobile devices and cloud. With powerful IT self-service, automation and workflow delegation, BlueCat Networks software solutions give organizations the power to manage “everything IP” in their network including devices, users and IP activity from a single pane of glass. The result is a dynamic network that is more resilient, cost effective and easier to manage.
With tightly integrated IP core services, BlueCat Networks’ simple and scalable IP Address Management (IPAM) solutions have helped Global 2000 companies and government agencies reduce costs and solve today’s most critical IT challenges – from BYOD and mobility to data center virtualization and cloud computing. We also help organizations manage growth and change by easing the transition to new technologies such as IPv6 and DNSSEC. To learn more, visit: https://bluecatnetworks.com.
Adonis, Proteus, Triton, IPAM Intelligence and BlueCat Networks are trademarks of BlueCat Networks, Inc. and/or BlueCat Networks (USA) Inc. Other products mentioned herein may be trademarks and/or registered trademarks of their respective owners.
Everything you need to know about shadow IT
When users implement their own solutions behind the IT team’s back, that’s shadow IT. Learn about the risks and how to manage and reduce it with BlueCat.
How an agency IT chief innovated amid bureaucracy
Government IT innovation isn’t easy, but Chad Sheridan did it at the USDA by removing silos, earning top-level buy-in, and moving to a product mindset.
Lexmark CIO & CTO on recognizing the right use cases for AI
Lexmark CIO & CTO Vishal Gupta wades through the murk surrounding AI, explaining what tech organizations should know when deciding whether to adopt it.
NSA and CISA: Protective DNS key to network defense
U.S. cyber agencies now point to protective DNS as a defense strategy, confirming what BlueCat already knew: DNS is critical to detecting network threats.