Packet core

Infoblox Makes DNS a Line of Defense

Infoblox raised its profile in the communications network security domain Monday with the unveiling of a DNS server that comes with integrated security tools designed to fend off distributed denial-of-service (DDoS) attacks, cache poisoning, and other potential painful-sounding attacks. (See Infoblox Adds DDoS Defense to DNS Server.)

The vendor claims this is the first DNS server to have fully integrated security features, which not only detect attacks but enable operators to counter the attacks with flexible settings that can be adjusted depending on the type of threat. The system, called Advanced DNS Protection, also has a centralized management system and a threat update feature. It becomes commercially available in early 2014.

Infoblox Inc. 's director of service provider marketing, Peter Luff, says the company will be pitching this at network engineering and operations teams that need greater levels of protection for their DNS capabilities and at senior executives, for whom network availability and customer experience is critical.

But he also notes that Infoblox isn't trying to become a broad-based network security player along the lines of Arbor Networks -- this development is focused strictly on adding extra defense capabilities to the DNS systems that every network needs. That means, then, that Infoblox is hoping to gain an advantage over its main rival, Nominum Inc.

The timing of the announcement comes only days after the network security platform vendor's vice president of technology, Dr. Srinivas Mantripragada, told attendees at the Mobile Network Security Strategies conference in New York City last week that attacks against DNS infrastructure are on the rise and are becoming more sophisticated. (See DNS Attacks on the Rise and the Light Reading team's Mobile Network Security Strategies coverage.)

And that's important as DNS servers, which play a vital role in delivering Internet traffic, become ever more important to communications service providers, particularly mobile broadband operators.

Now that role could become even greater, notes Heavy Reading senior analyst Patrick Donegan.

"More and more DNS resources are being consumed both by users consuming applications and by a proliferation of network elements communicating with one another," notes the Heavy Reading analyst. "That not only threatens the stability of the DNS infrastructure but creates opportunities to leverage the DNS infrastructure against malicious attacks. We're seeing increasing development efforts by vendors, not just to harden the performance of the DNS relative to traditional metrics, but to also leverage the DNS for new security applications."

— Ray Le Maistre, Editor-in-Chief, Light Reading

Sign In