Protecting Against DNS Malware
DNS-based malware is particularly dangerous because it is often used to steal critical company and customer data.
EfficientIP's DNS Firewall is a comprehensive DNS security solution that proactively prevents new attacks and protects SOLIDserver™ DNS appliances and/or Linux-based DNS infrastructures by detecting and blocking malware activity, identifying infected devices and preventing data exfiltration, phishing and internal DoS attacks.
DNS Firewall is part of EfficientIP’s unique 360° security solution to protect against volumetric, exploit and stealth attacks for both public and private DNS infrastructures
Ensure Proactive and Efficient Protection Against DNS-Based Malware
The best way to protect your network infrastructure against malware is to eliminate the risk of device corruption. SOLIDserver™ DNS Firewall prevents connected devices from becoming infected with malware by enabling recursive DNS servers to block queries from clients that want to access domains and/or IPs known to be malicious.
Define DNS Response Policies
Recursive DNS server response policy (DNS RPZ) is based upon domain data feeds created manually by the IT administration team and/or provided by an external service. SOLIDserver™ DNS Firewall offers a granular approach to RPZ zone management. Instead of blocking an entire domain, exceptions for subdomains are created, and then for each individual subdomain response policies are defined. For example, redirection to a corporate warning page could be created. SOLIDserver™ DNS Firewall offers easy-to-deploy and reliable malware protection that can be personalized to meet specific and granular requirements.
Contain Malware Spreading and Identify Infected Devices
Based on DNS query analysis, SOLIDserver™ DNS Firewall detects and isolates clients infected with malware, blocking all communication with external websites and then disrupting malware activity. SOLIDserver™ DNS Firewall identifies the IP of the client responsible for the query. When combined with NetChange network discovery, it localizes where the IP is connected on the network enabling a quick device cleansing.
Protect Against DNS-Based Malware Across the Entire DNS Infrastructure
SOLIDserver™ DNS Firewall provides a scalable, low cost and effective mechanism for blocking malware and phishing on a corporate network where no existing layer 7 filtering mechanism is deployed. DNS Firewall policies can be automatically globally replicated across the entire DNS architecture, on selected servers, sites orSmartArchitectures™, assuring overall consistency, decreased cost and improved global security.