Explosion of Connected Devices Exposes Holes in IT Security
TORONTO – May 28, 2014 – Recent well-publicized attacks have demonstrated that both traditional mobile devices and non-traditional devices such as Point of Sale (POS) systems are increasingly being targeted by malware, botnets and other attacks.
The article announces BlueCat Threat Protection, a DNS/DHCP server capability that creates a DNS firewall to stop malware, botnets and other malicious activity before they reach business-critical applications or data. It addresses the real-world problem of increasing attacks on both traditional devices (desktops, laptops, smartphones) and non-traditional devices (POS, VoIP, security cameras, RFID) by leveraging DNS as a universal control point and delivering up-to-the-minute cloud threat data centrally via BlueCat Address Manager IPAM. Key outcomes include blocking known malicious sites at DNS, configurable policies (blacklist, black-hole, redirect, whitelist), integration with SIEMs like IBM QRadar and HP ArcSight, and quick deployment on existing DNS infrastructure or as a stand-alone solution.
How does BlueCat Threat Protection use DNS to stop attacks across different device types?
BlueCat Threat Protection leverages the Domain Name System as a universal control point because all devices use DNS to access applications and sites. By creating a DNS firewall, it prevents devices—both traditional (desktops, laptops, smartphones, tablets) and non-traditional (VoIP, Point-of-Sale systems, security cameras, RFID)—from resolving or accessing known malicious hosts. The solution receives rapid, cloud-delivered threat data (the BlueCat Security Feed) and applies centrally managed policies via BlueCat Address Manager IPAM to block, black-hole, redirect or whitelist DNS requests, thereby stopping malicious activity before it reaches business-critical applications or data.
What threat data and policy actions does BlueCat Threat Protection provide to administrators?
The solution consumes up-to-the-minute hosted threat intelligence (the BlueCat Security Feed) about known sources of malware, botnets, exploits, viruses and spam, delivering rapid cloud updates to customer DNS infrastructure. Administrators can configure policies that determine how threat requests are handled: they can blacklist requests, black-hole them (drop silently), redirect them, or whitelist safe destinations. These centrally controlled policies are orchestrated through BlueCat Address Manager IPAM, enabling consistent enforcement across the DNS estate without requiring additional appliances to be purchased or maintained.
How does BlueCat Threat Protection integrate with existing security infrastructure and deployments?
BlueCat Threat Protection can be added quickly to existing BlueCat DNS servers or purchased as a stand-alone solution to augment an organization’s current DNS infrastructure. It integrates with leading Security Information and Event Management (SIEM) platforms—specifically IBM QRadar and HP ArcSight—using pre-built connectors to provide immediate notification of security risks. Central orchestration via BlueCat Address Manager IPAM allows deployment and policy management across the enterprise, enabling a layered defense-in-depth approach that complements traditional security components rather than replacing them.
BlueCat Threat Protection adds an additional layer of security for all devices across all applications to defend against malware, botnets and other attacks
TORONTO – May 28, 2014 – Recent well-publicized attacks have demonstrated that both traditional mobile devices and non-traditional devices such as Point of Sale (POS) systems are increasingly being targeted by malware, botnets and other attacks. To combat these growing threats that are pervasive to all devices, BlueCat, a leading provider of IP Address Management solutions, has released BlueCat Threat Protection for DNS/DHCP Server. BlueCat Threat Protection stops malicious activities in DNS before they can reach business-critical applications or data. The solution creates a ‘DNS firewall’ that blocks devices from ever accessing a known malicious site or host by providing rapid, cloud-delivered threat data updates to customers’ DNS infrastructure.
For more information on BlueCat Threat Protection or to request a demo please visit:
https://bluecatnetworks.com/products/bluecat-threat-protection/
Leveraging DNS to Secure the Business
The growth in the number and type of new devices connecting to the network has exposed holes in typical enterprise security. Security solutions tend to focus on particular devices or protocols and cannot provide a broad-based solution that covers all devices and applications. All devices use the Domain Name System (DNS) to connect to applications and sites. BlueCat Threat Protection provides an additional layer of defense against malicious Internet content and infected devices.
“The explosion of network-connected devices is exposing businesses to new security threats and risks,” says Andrew Wertkin, CTO, BlueCat. “Not only do our customers need to secure traditional devices such as a desktops, laptops, smartphones and tablets, but also non-traditional devices including VoIP, Point-of-Sale systems, security cameras and RFID. The Domain Name System is a critical component of any defense in depth security strategy. BlueCat has delivered a DNS Firewall that is connected to up-to-the-minute cloud-delivered threat data and centrally controlled and orchestrated by our BlueCat Address Manager IPAM solution. Threat Protection provides additional value to our customers without having to purchase or maintain additional appliances.”
Lawrence Orans and Jeremy D’Hoinne of Gartner write that, “The traditional defense in depth components are still necessary, but are no longer sufficient in protecting against advanced targeted attacks and advanced malware.” 1
BlueCat Threat Protection Empowers Enterprises to:
- Secure the business by stopping malicious activities in DNS before they can reach business-critical applications or data.
- Leverage core network services to add a new layer of security across all connected devices, both traditional and non-traditional.
- Take action based on up-to-the-minute data about known sources of malicious content including malware, botnets, exploits, viruses and spam delivered by the hosted BlueCat Security Feed.
- Configure policies to allow threat requests to be blacklisted, black-holed, redirected or whitelisted.
BlueCat Threat Protection can be quickly and easily added to existing BlueCat customers’ DNS servers or can be purchased as a stand-alone solution to quickly and easily augment the DNS infrastructure companies already have in place. The solution can also be integrated with leading SIEM solutions including IBM QRadar and HP ArcSight via pre-built connectors for immediate notification of a security risk.
About BlueCat
BlueCat IP Address Management, DNS and DHCP solutions provide the foundation to build elastic networks that scale to match the ever-changing and unique demands on your infrastructure. We enable the reliability of your core network services and securely connect the people, physical devices, virtual machines and applications that drive your business. Enterprises and government agencies worldwide trust BlueCat to solve real business and IT challenges – from device on-boarding for BYOD to network consolidation and modernization to managing and automating virtualization, cloud and the Internet of Things.
Media Contact:
Courtney Senior
PR and Community Manager, BlueCat
T: 1. 416.646.8400 ext. 308
1 Lawerence Orans and Jeremy D’Hoinne, “Five Styles of Advanced Threat Defense,” Gartner, August 20, 2013.