SAN FRANCISCO—October 7, 2014—Cloudmark, Inc., the most trusted leader in security, protecting traffic, data and infrastructure from network threats, today announced the Security Platform for DNS, which delivers comprehensive, carrier-grade protection for the Domain Name System (DNS). With Cloudmark, service providers and enterprises can now quickly identify and block DNS threats, protecting against significant damage to their business and network.
DNS is a critical component of the Internet’s structure – keeping track of domain names and translating them into Internet Protocol (IP) addresses. For example, the domain name cloudmark.com translates in to 126.96.36.199. Cybercriminals are exploiting DNS’ open architecture to launch attacks on organizations with the goal of disrupting their infrastructure. For example, as of the first half of 2014, 42 percent of all distributed denial of service (DDoS) incidents were DNS Flood Attacks.*
With the rise of DNS-related threats, organizations need to strengthen their network and infrastructure defenses. DNS attacks can negatively impact operations and siphon off valuable resources, such as proprietary information. Cybercriminals are also able to launch DDoS events leveraging publicly accessible open DNS servers, overwhelming DNS infrastructure of service providers and enterprises and creating outages, thus resulting in total or partial loss of Internet service for an organization’s subscribers and/or employees.
DNS attacks are typically not blocked by standard security measures and can result in lost productivity, increased resource consumption and costs, and customer and subscriber churn. Cloudmark found recently at one customer that up to 40 percent of DNS traffic was malicious, which nearly doubled the DNS infrastructure capacity required. Cloudmark Security Platform protects that infrastructure from the malicious traffic by blocking threats in real-time.
“Criminals are actively seeking to launch attacks by exploiting weak DNS security defenses. By targeting DNS, they are able to wreak havoc on service providers with DDoS attacks, hijack subscriber devices, and hide malware communications,” said Patrick Donegan, senior analyst, Heavy Reading. “Service providers and enterprises need to take steps to proactively address their DNS security posture to ensure their entire infrastructure is properly protected.”
Cloudmark Security Platform for DNS is a software solution that safeguards DNS infrastructure and traffic from ever-evolving network threats. With Cloudmark Security Platform for DNS, service providers and enterprises gain deep insights into how DNS elements are being used and misused. As a result, organizations can prevent unnecessary capacity increases due to malicious attacks, as well as protect against threats that could result in Internet outages, malware infections, security control bypass and sensitive or private data exfiltration.
Cloudmark Security Platform for DNS runs on an efficient architecture that ensures accuracy, scalability and value. It can be implemented as a comprehensive, standalone security solution or as an enhancement to existing security hardware and appliances. It performs real-time application layer behavior and content analysis to predict threats.
In addition, Cloudmark Security Platform for DNS provides:
- DDoS Attack Protection—Prevents DDoS attacks and the associated Internet outages, mitigation and customer care issues
- DNS Exfiltration Protection—Actively detects when DNS is being used to exfiltrate data by advanced persistent threats or malicious actors
- DNS Tunneling Prevention—Prevents DNS tunnels from being used to bypass network access or security controls, create reverse tunnels allowing infiltration, or bypass Wi-Fi billing
- DNS Hijacking—Detects attempts to reroute DNS traffic to malicious domains or phishing sites
- Immediate Threat Intelligence—The Cloudmark Security Platform receives real-time updates from the Cloudmark Global Threat Network, collecting and correlating threat data across world-wide deployments
- Enhanced Network Performance—Assures that protocol anomalies or malicious actors do not impact performance or allow unauthorized access
- Built-in Reporting—Provides alerting on detected threats and easily integrates with third-party reporting tools, including HP ArcSight and Splunk
“In today’s security environment, organizations must go beyond traditional preventative measures to protect against botnets, malware, viruses and attacks. It’s crucial to have a layered defense that addresses vulnerabilities throughout a company’s infrastructure,” said Neil Cook, CTO, Cloudmark. “By addressing DNS threats, organizations can prevent costly damage to their network and their brand. We are committed to working with companies to ensure they can combat threats across their entire network.”
For more information about Cloudmark Security Platform for DNS, please visit: http://www.cloudmark.com/en/s/solutions/dns
To view a new video summarizing key benefits of Cloudmark Security Platform for DNS, please visit: https://www.youtube.com/watch?v=Ltwmozah4ds