Nbiz Infosol as an authorized distributor for Infoblox – Control your network to Secure DNS - More Security, Less Risk.
It’s critical that the technology you deploy for network control provides maximum protection and offers minimum attack surface.
Nbiz Infosol and Infoblox clearly differentiates from other vendors from a security perspective. From our highly secure hardware form factor, to our hardened OS, to the variety of security features in our applications—no other network control vendor focuses more on security than Infoblox.
Internal DNS Security - Protect Data and Critical Network Infrastructure from Targeted Attacks
Today’s targeted attacks pose threats to both data and infrastructure inside your enterprise. Infoblox Internal DNS Security stops advanced persistent threats (APTs) and malware from using DNS, prevents data exfiltration, and protects mission-critical DNS infrastructure from attacks.
Unlike alternative solutions, it combines Infoblox automated threat intelligence feed with enterprise-grade DNS to provide ongoing protection against new and evolving threats—leveraging the unique position of DNS in the network that makes it the optimal enforcement point for protection and response.
External DNS Security - Protect your external DNS from attacks
External DNS Security provides defense against the widest range of DNS-based cyber-attacks such as volumetric, exploits, and DNS hijacking attacks.
Unlike approaches that rely on infrastructure over-provisioning or simple response rate limiting, External DNS Security intelligently detects and mitigates DNS attacks while responding only to legitimate queries. Moreover, it uses Infoblox Threat Adapt™ technology to automatically update its defense against new and evolving threats as they emerge, without the need for patching.
DNS Firewall - Protection from APTs and malware communicating with C&Cs and botnets
Infoblox is leveraging our market-leading DNS technologies into the industry’s first true DNS security solution. The Infoblox DNS Firewall protects against advanced persistent threats (APTs) and malware by disrupting the ability of infected devices to communicate with command-and-control (C&C) sites and botnets, so that information is not exfiltrated.
DNS Firewall – FireEye Adapter - Proactive APT malware protection via early detection and rapid remediation
DNS Firewall integration with FireEye NX Series appliance using the FireEye Multi-Vector Virtual Execution (MVX) engine delivers a unique and powerful defense against Advanced Persistent Threats (APT) for business networks.
This solution combines the power of FireEye APT detection and Infoblox DNS level blocking and device fingerprinting -- to detect and disrupt APT malware communication and help pinpoint infected devices attempting to access malicious domains. This is the first and only solution in the marketplace that invokes powerful DNS level control upon FireEye APT detection events.
For more details Click Here
The Infoblox Solution
- Infoblox’s DNS security portfolio consists of Infoblox External DNS Security, which shields networks from cyberattacks; Internal DNS Security, which protects internal servers from attacks, APTs, malware, and data exfiltration, Infoblox DNS Firewall, which blocks APT and malware communication from within the network; and the DNS Firewall – FireEye Adapter, which leverages APT protection from Infoblox partner FireEye. Running on purpose-built DNS appliances, these solutions effectively protect both your external and internal DNS infrastructure.
- Unlike the products of other DNS vendors, our solution has intelligent detection and mitigation built in to automatically address DNS attacks and DNS queries to malicious destinations. In addition, it leverages continual, automatic updates to protect against new and evolving attacks and emerging malicious domains and networks. Infoblox is the first and only vendor to offer this level of security using DNS appliances.
Built-in Protection for Your DNS Infrastructure
- If your external Domain Name System (DNS) server goes down, your entire network is shut off from the Internet, so your business depends on having DNS servers that continue to respond to queries even when they are under attack. Neustar’s annual DDoS report for 2015 estimates an average financial damage of as high as $100,000 per hour of outage. Companies that experience extended service disruptions lose revenue, customers, and brand value.
- Unfortunately the DNS protocol—and the open-source software and commodity servers most organizations use to manage DNS services—have easily exploited vulnerabilities that defenses such as next-generation firewalls, secure web gateways, and incident detection and prevention systems do little to protect against. The only sure method of securing DNS servers is to build protection into the servers themselves.
As the leader in DNS, Infoblox has embraced this self-protecting server approach to deliver the most effective solution on the market for protecting your mission-critical DNS services from attack.
Fighting a Battle on Two Fronts
- Threats can come from the Internet or from within the firewalls, inside an organization’s network. Key DNS threat vectors are—attacks on the DNS infrastructure, APTs and malware that use DNS as a communication path and data exfiltration via DNS. To protect against the loss of trust, possible lawsuits, remediation costs, compliance penalties, and diminished revenue a successful attack can cause, you need to protect DNS servers from both outside-in and inside-out threats.
- To mitigate attacks on external authoritative servers, the servers themselves need to intelligently recognize various attack types and drop the attack traffic without disrupting legitimate queries.
- To detect DNS attacks that affect internal recursive servers inside the network and cause significant disruption like cache and resource exhaustion and outbound bandwidth congestion, the recursive servers must be able to identify and drop these attacks as well as block traffic to misbehaving domains and servers that are usually set up as part of these attacks.
- To avoid the theft of customer data and business assets, your servers need to automatically block endpoints/devices within the network from communicating to malicious domains via DNS.
- To detect data exfiltration via a DNS tunnel or over the DNS queries themselves, the servers need intelligence to detect DNS tunneling occurrences and detect any misuse of DNS queries.
Reduce Risk and Improve IT Efficiency by Automating Network Configuration and Change Management
Today, up to 80% of network problems are caused by change—mistakes made when manually changing devices, setting poor configurations that cause problems later and using inconsistent standards. New initiatives, such as virtualization, cloud computing and IPv6, are only adding to the challenge.
While new virtual servers can be spun up and down in a matter of minutes, the network infrastructure supporting these dynamic environments typically requires days and weeks to change—properly.
Integrated DNS, DHCP and IP Address Management (DDI), with Massive Scalability and Automation
The explosion of IP addresses and the rapid transitions to IPv6, virtualization and cloud computing — not to mention the onslaught of new networking and personal devices (such as smart phones and tablets) — have put extreme pressure on IT to deliver network services that are automated, scalable and always on.
Tracking IP addresses by spreadsheets and/or relying on vulnerable server-based DNS/DHCP services are not realistic options anymore. The solution to these problems is a combination of integrated, highly scalable, fault tolerant, 24x7-available DNS, DHCP and IP Address Management.
Powerful Historical Reporting, Trending and Tracking for DNS, DHCP and IP Address Management
As networks grow increasingly complex and critical, organizations often experience problems implementing the different needs of network services in real time. Corollary difficulties arise with historical reporting and tracking needs for trending, usage planning, security and regulatory requirements.
Trinzic Reporting leverages Infoblox’s leading platform for real-time views and management of DNS, DHCP and IP Address Management (IPAM) to provide long-term reporting, trending and tracking. Integrated with our Grid™ technology, Trinzic Reporting enhances real-time management of networks and network services through an extensive, customizable and historical reporting engine.
Infoblox - Whitepapers on Securing DNS to Thwart Advanced Targeted Attacks and Reduce Data Breaches
Infoblox - Whitepapers on A Cybercriminal's Guide to Exploiting DNS for Fun and Profit
Infoblox - Whitepapers on Automating Network Provisioning for Private Cloud
Gartner Report: Market Guide for DNS, DHCP, and IP Address Management (DDI)