Infoblox upgrade thwarts DNS attacks

Upgrades designed to better protect DNS servers from cache poisoning and other attacks.

Infoblox Monday announced upgrades across its line of core network services appliances that are designed to better protect DNS servers from cache poisoning and other malicious attacks.

The IP address management vendor upgraded its NIOS operating system with security features that monitor DNS protocol traffic to alert IT managers when an attack is in progress and provide methods to automatically mitigate an attack. To combat the recent vulnerabilities revealed about DNS, Infoblox NIOS Version 4.3r2 includes a DNS firewall feature that Infoblox says will protect servers from potentially malicious activities. NIOS runs on hardware appliances ranging in size and capacity, depending on the environment.

With this release, enterprise network managers can reconfigure internal servers to send recursive queries to the appliances equipped with the DNS firewall capability, which will protect internal systems without causing a reduction in DNS services. Infoblox appliances sit in a data center in front of DNS and DHCP servers in a high-availability pair. The appliances are part of the company's grid technology, which enables enterprise network managers to perform one-to-many upgrades across multiple appliances.

"Despite the patches that have been released to protect against recent DNS vulnerabilities, those are short-term fixes. Recursive queries are the subject of attacks and you simply can't not have them and it is a challenge to keep up with patching multiple systems," says Brett Eldridge, vice president of product management at Infoblox. "By reconfiguring the servers to send those queries to protected appliances, the scope of where someone can attack you is reduced."

The company, which competes with the likes of BlueCat Networks, BT Diamond and MetaInfo, also added a feature that monitors signs, or fingerprints, of the attack. (Compare IP address management products.) With this information, enterprise network managers can more quickly identify similar attacks in the future and take steps, such as limiting traffic to the IP address under attack, to mitigate the risk.

"You can't sit and watch your DNS servers all the time, but with this fingerprint feature, there is earlier indication that you are under attack and measures can be taken," Eldridge says. "These features make it easier to understand when you might be under attack."

NIOS Version 4.3r2 is available across five appliance platforms. Pricing starts at about US$2,500 for the lower-end appliances. The operating system software upgrade is available free of charge to current customers with valid maintenance contracts.

Tags network securityNetwork managementDNSinfoblox

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Denise Dubie

Network World

Comments

Comments are now closed.

Most Popular Reviews

Follow Us

Best Deals on GoodGearGuide

Shopping.com

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?