05.06.2019 Domain Name System (DNS) Security

by Andrew Milne

Domain Name System (DNS) Security

Find out why you should be monitoring your DNS

We recently partnered with the Canadian Internet Registration Authority (CIRA) with the shared goal of continually improving the security services we offer you.

The first outcome of teaming with CIRA is already a reality: advanced monitoring and protection for your network’s Domain Name System (DNS).  With CIRA’s extensive DNS footprint and proven DNS firewall service, we can provide a better defense for your network through stronger security and increased visibility.

Why is DNS security so critical for your business?

When you consider that DNS is fundamental for the Internet to work as we know it today, ensuring its security should be high on your list.  

Let’s look at what is happening at the DNS level of networks.

DNS is the directory service for the devices in a modern computer network, mapping names like www.google.com to addresses like  DNS can be thought of as the phonebook for people’s computers and enables us to reach “places” on both the corporate networks and the Internet. Similar to the phonebook, users assume the addresses they get back from the DNS directory will be correct.

Now imagine if a fraudster could direct unsuspecting people to any arbitrary place at any time. For example, instead of Bob’s Jewelers, people are sent to Rob’s, who is not as honest and wants to sell them fake goods and steal their money. Just as legitimate websites advertise their address and services using DNS, cyber criminals also use DNS to try and gain control of a victim’s information and IT systems.

That’s right. DNS can be used to compromise your network.   

Abuse of the DNS system allows criminals to insert themselves between clients and services. This can be as easy as tricking users to request the wrong domain name, for instance, by clicking on www.googlesearch.com (not a real website). Just by clicking a link, an attacker can now influence and control the interaction with the unsuspecting user or system by directing to malicious addresses.

DNS web threats are growing in sophistication and volume, from phishing websites that attempt to steal personal and financial information by luring users into downloading files or clicking links, to stealing critical data by locking down entire networks using ransomware.

How do you stop DNS web threats to your systems?

Similar to a traditional firewall blocking or allowing network traffic in and out of your system, a DNS firewall decides which domain names you should trust, and it blocks the rest.

Using an advanced DNS firewall, all queries from your network are selectively filtered using advanced threat intelligence analysis to determine which requests are trustworthy.  A properly implemented DNS firewall will block users and systems on your network from accessing known malicious sites and services, significantly reducing your security risk.

Equally important, your threat intelligence must also keep pace. In today’s changing threat landscape, a strong firewall and antivirus software are often not enough. Continuous monitoring and analysis must be part of your security defence.  

What is DNS monitoring and why is it needed?

Field Effect believes businesses need an easier way to monitor their DNS and understand the activity and behavior happening on their networks.  Two years ago, we started integrating capabilities of CIRA’s firewall service with our Covalence threat detection, incident monitoring, and compliance product.  The result? Today, we are the first company to offer this integration quickly and seamlessly through our Covalence DNS solution.

By integrating CIRA’s D-Zone DNS Firewall with our cyber defence platform, Covalence, our clients gain an extra layer of advanced DNS protection and control through sophisticated monitoring and analysis to block malicious sites and build a more secure network.

Using our integrated Covalence DNS solution, you can:

  • Determine if your DNS firewall is being evaded
  • Rate and control the websites your users visit to prevent access to malicious sites
  • Receive insights with context about the blocked sites and malicious activity to better understand the risk and level of threats to your network
  • Determine if there is other activity, prior to a malicious site being blocked, that requires analysis
  • Gain recommendations to improve the security of your network

Advanced DNS Firewall + Monitoring and Threat Analysis = Secure Networks

Our integrated Covalence DNS solution is backed by proactive intelligence derived from 200 million+ Internet queries made globally every day, combined with data science and threat analysis to continuously update and improve the service.  Your network benefits within minutes from threat discoveries made across the Internet.

Reach out to us at h[email protected] and find out more about the unique advantages that Field Effect Covalence and CIRA’s DNS firewall can provide your business today.  


Request Demo

Fill out the form and we will send you details about our demo.