Light Reading

Infoblox Adds DDoS Defense to DNS Server

Light Reading
News Wire Feed
Light Reading
12/9/2013
50%
50%
Repost This

SANTA CLARA, Calif. -- Infoblox Inc. (BLOX), the automated network control company, today introduced the Infoblox Advanced DNS Protection solution, the first Domain Name System (DNS) appliance with integrated defenses against Distributed Denial of Service (DDoS) attacks, cache poisoning, malformed queries, tunneling and other DNS security threats.

By building defense directly into a fortified DNS server, the Infoblox solution can deliver protection that is stronger, more intelligent and more comprehensive than what is possible today with separate external security solutions.

DNS is the address book for every destination on the Internet, translating domain names such as “infoblox.com” into IP addresses such as 54.235.223.101. Businesses, government agencies and other organizations can’t function without fast and accurate DNS service for both incoming and outgoing traffic. Because DNS must be open to everyone on the Internet, DNS servers are a tempting target for cyber-criminals, “hacktivists” and other malicious groups. Traditional approaches to network security don’t emphasize protection of this critical infrastructure, which may leave DNS vulnerable to internal and external attacks.

DDoS attacks, which seek to knock sites offline with a flood of malicious traffic, have been an especially fast-growing threat. “DDoS challenges have spiked for enterprises in 2013,” noted Lawrence Orans of the research firm Gartner in a recent report.* “Gartner estimates that its DDoS inquiry level quadrupled from September 2012 through September 2013. An increase of higher-volume and application-based DDoS attacks on corporate networks will force Chief Information Security Officers (CISOs) and security teams to find new, proactive solutions for reducing downtime.”

The security features of Infoblox Advanced DNS Protection provide multiple levels of defense, including:

  • Unique threat detection and mitigation. Infoblox Advanced DNS Protection intelligently analyzes incoming DNS queries and is able to distinguish between legitimate traffic from real users and malicious traffic generated by a DNS DDoS attack. Armed with this information, the Infoblox appliance then drops the DDoS traffic and only responds to the legitimate queries. This can keep a business online and functioning during a DDoS attack, unlike conventional response rate limiting which slows down all traffic by simply placing a cap on DNS query responses.

  • Centralized visibility. Enterprises and service providers can spot anomalous DNS traffic across all Infoblox Advanced DNS Protection appliances on their networks through a single console, allowing for early detection that makes it possible to organize a more effective defense. This is beneficial because DDoS attacks often target multiple DNS servers, start slowly and aren’t detected until they reach a catastrophic level.

  • Ongoing protection against evolving threats. An automatic update service regularly sends new rules to the Infoblox Advanced DNS Protection appliance, enabling it to protect against evolving threats as they are identified – much faster than the weeks that can elapse while waiting for traditional security patches and updates.

    Infoblox Advanced DNS Protection defends against a wide range of DNS threats, including cache poisoning, which inserts rogue IP addresses into a DNS cache; malformed DNS queries, which can crash a DNS server; and tunneling, which can be used to smuggle out stolen data.

    “Security is better when it’s built in, not bolted on,” said Steve Nye, executive vice president of product strategy and corporate development at Infoblox. “By intelligently integrating security directly into a DNS appliance, Infoblox Advanced DNS Protection delivers a depth of defense against DNS attacks that is far more robust and insightful than relying on a jumble of separate devices and services.”

    Telecommunications and Internet service providers can be especially vulnerable to DNS threats, because an attack on their DNS infrastructure could disrupt connectivity for all their customers, leading to potential loss of revenue and reputation. Infoblox Advanced DNS Protection offers a range of appliances, including high-capacity models purpose-built for carrier-grade performance, making it possible to spot DNS DDoS attacks and other threats before service is significantly compromised. Service providers often have greater needs than other businesses to receive timely updates against new threats and to continually adjust their security posture – both made easier with Infoblox Advanced DNS Protection.

    Pricing and Availability
    The Infoblox Advanced DNS Protection solution – consisting of the Infoblox Advanced Appliance and the Infoblox Advanced DNS Protection Service – is expected to be available in January 2014. Pricing information is available immediately from Infoblox sales representatives and channel partners.

    Infoblox Inc.

    (0)  | 
    Comment  | 
    Print  | 
  • Newest First  |  Oldest First  |  Threaded View
    Flash Poll
    LRTV Documentaries
    Cable Eyes Big Technology Shifts

    4|16|14   |   03:02   |   (4) comments


    US cable engineers are facing a lot of heavy lifting in the coming years, notes Light Reading Cable/Video Practice Leader Alan Breznick.
    LRTV Custom TV
    Maximizing Customer Experience & Assuring Service Delivery in an IP World

    4|15|14   |   4:57   |   (0) comments


    Steven Shalita, VP of Marketing, NetScout Systems, Inc., discusses the challenges cable/MSO operators face in assuring the delivery of new IP-based services. Key points include the value of proactively managing performance, and using rich analytics and operational intelligence to better understand service and usage trends, make smarter business decisions and ...
    LRTV Documentaries
    Bye-Bye DVD: Consumers Embrace Digital Video

    4|10|14   |   04:17   |   (6) comments


    Veteran video analyst Colin Dixon, founder and principal analyst of nScreenMedia, says research shows 56% are using digital video already.
    LRTV Documentaries
    Video: TW Cable Puts Multicast Gateways to the Test

    4|8|14   |   04:13   |   (1) comment


    Tom Gonder, a chief architect at Time Warner Cable, explains how its trial of multicast gateways is impacting IP-based video plans.
    LRTV Custom TV
    Managing & Monetizing Big Data in Operator Environments

    4|7|14   |     |   (1) comment


    At Mobile World Congress, Gigamon's Director of Service Provider Solutions, Andy Huckridge, and Heavy Reading Analyst Sarah Wallace discuss the 'big data' issues facing carriers and operators today.
    LRTV Huawei Video Resource Center
    Data Center Energy – Build Your Data Center in a Modular Way

    4|7|14   |   2:13   |   (0) comments


    Dr. Fang Liangzhou, VP Network Energy Product Line, shared his thoughts about the challenges for data centers during CeBIT 2014.
    LRTV Huawei Video Resource Center
    Agile Network Solution – An Overview of Huawei's Agile Network Solution

    4|7|14   |   2:31   |   (0) comments


    Ajay Gupta, Director of Product Marketing, Networking Product Line, gives an overview of the Agile Network Solutions during CeBIT 2014.
    LRTV Huawei Video Resource Center
    Huawei’s eLTE Voice Trunking, Video and Data Applied for Railways

    4|7|14   |   1:38   |   (0) comments


    Gottfried Winter is the Sales Director at Funkwerk, a German specialist in GSM-r terminals and a long-time partner of Huawei. At CeBIT 2014, Winter talks to Light Reading about this partnership and the integration of enhanced voice trunking, video and data functions.
    LRTV Huawei Video Resource Center
    LeaseWeb Speaks Highly of Huawei's Datacenter Products

    4|7|14   |   1:37   |   (0) comments


    Rene Olde Olthof, Operations Director LeaseWeb, talks about the next data center transformation during CeBIT 2014.
    LRTV Documentaries
    Comcast: Reshaping the Cable Network Architecture

    4|3|14   |   07:11   |   (8) comments


    Shamim Akhtar, Comcast's architect and senior director of network strategy, explains why the cable company is moving to a more distributed network architecture.
    LRTV Custom TV
    VMware CEO Pat Gelsinger at Mobile World Congress

    4|1|14   |   3:41   |   (0) comments


    VMware CEO Pat Gelsinger speaks to Heavy Reading about the value of virtualization spanning from the data center to service provider networks to mobile devices.
    LRTV Huawei Video Resource Center
    Analysts' Impressions of Huawei SoftCOM at ONS 2014

    4|1|14   |   1:11   |   (0) comments


    After visiting the Huawei booth at ONS, Lee Doyle of Doyle Research gives his appraisal of Huawei's SoftCOM solution.
    Hot Topics
    BlackBerry's Chen: We're Not Dumping Devices
    Dan Jones, Mobile Editor, 4/10/2014
    Cisco, Juniper Treating Gear Against Potential Heartbleed
    Dan O'Shea, Managing Editor, 4/11/2014
    Cisco & VMware Are Apple & Google of SDN
    Mitch Wagner, West Coast Bureau Chief, Light Reading, 4/14/2014
    T-Mobile Petitions Operators to Kill Overages
    Sarah Reedy, Senior Editor, 4/14/2014
    Mobile Apps Susceptible to Heartbleed, Too
    Sarah Reedy, Senior Editor, 4/14/2014
    Like Us on Facebook
    Twitter Feed