We recently partnered with the Canadian Internet Registration Authority (CIRA) with the shared goal of continually improving the security services we offer you.
The first outcome of teaming with CIRA is already a reality: advanced monitoring and protection for your network’s Domain Name System (DNS). With CIRA’s extensive DNS footprint and proven DNS firewall service, we can provide a better defence for your network through stronger security and increased visibility.
What is Domain Name System (DNS)?
DNS is the directory service for the devices in a modern computer network, mapping names like www.google.com to addresses like 172.217.164.228.
DNS is almost like the phonebook for people’s computers—it enables us to reach “places” on both the corporate networks and the Internet. Similar to the phonebook, users assume the addresses they get back from the DNS directory will be correct.
When you consider that DNS is fundamental for the Internet to work as we know it today, ensuring its security should be high on your list. Just as legitimate websites advertise their address and services using DNS, cyber criminals also use DNS to try and gain control of a victim’s information and IT systems.
Why is DNS security important?
Abuse of the DNS system allows criminals to insert themselves between clients and services. This can be as easy as tricking users to request the wrong domain name, for instance, by clicking on www.googlesearch.com (not a real website).
Just by clicking a link, an attacker can now control the interaction with the unsuspecting user or system by redirecting to malicious addresses. For example, instead of Bob’s Jewelers, you're sent to Rob’s Jewelers—a less honest company that sells fake goods to essentially steal your money.
DNS web threats are growing in sophistication and volume, from phishing websites that attempt to steal personal and financial information by luring users into downloading files or clicking links, to stealing critical data by locking down entire networks using ransomware.
How do you stop DNS attacks?
Similar to a traditional firewall blocking or allowing network traffic in and out of your system, a DNS firewall decides which domain names you should trust and blocks those you shouldn't.
Using an advanced DNS firewall, all queries from your network are selectively filtered using advanced threat intelligence analysis to determine which requests are trustworthy. A properly implemented DNS firewall will block users and systems on your network from accessing known malicious sites and services, significantly reducing your risk.
Equally important, your threat intelligence must evolve. In today’s changing threat landscape, a strong firewall and antivirus software are often not enough. Continuous monitoring and analysis must be part of your security defence.
What is DNS monitoring?
Businesses need an easier way to monitor their DNS and understand the activity and behaviour happening on their networks. This is why we've integrated CIRA’s firewall capabilities with our holistic cyber security solution, Covalence.
As a result of this integration, Covalence users gain an extra layer of advanced DNS protection and control through sophisticated monitoring and analysis to block malicious sites and build a more secure network.
Why is DNS monitoring important?
DNS monitoring allows you to:
- Determine if your DNS firewall is being evaded
- Rate and control the websites users visit to prevent access to malicious sites
- Receive insights with context about the blocked sites and malicious activity to better understand the risk and level of threats to your network
- Determine if there is other activity, prior to a malicious site being blocked, that requires analysis
- Gain recommendations to improve the security of your network
Our integrated Covalence DNS solution is backed by proactive intelligence derived from 200 million+ Internet queries made globally every day, combined with data science and threat analysis to continuously update and improve the service. Your network benefits within minutes from threat discoveries made across the Internet.
Want to learn more? Reach out to our team today.
