Andrea Danti - Fotolia
Network control company Infoblox announced at the MPower Cybersecurity Summit in Las Vegas that it is to collaborate with security firm McAfee to improve customers’ network security by combining the power of web and domain name system (DNS) security to deliver unified protection.
The Infoblox and McAfee collaboration enables sharing of threat intelligence and security event information to deliver comprehensive protection and faster incident response.
Despite the 2016 attack on DNS provider Dyn reportedly resulting in 37% of organisations changing their DNS security strategy, DNS security is still an issue for many, with a recent survey finding that nine out of 10 organisations had suffered downtime as a result of a recent DNS attack.
Research also shows that 91% of malware uses DNS to carry out malicious campaigns, and the longer it takes to discover, the higher the cost of damage, and that the various security tools used by organisations typically work in silos.
According to Infoblox, traditional security tools do not address DNS security, thereby creating a security gap often exploited by malicious actors to inject and propagate malware inside the network and to exfiltrate valuable data out of the enterprise.
A recent Gartner report, entitled Competitive landscape: Secure web gateways, noted emerging trends, including secure web gateway (SWG) blocking and threat defence coupled with DNS services.
“By coupling DNS with SWG web proxying, SWG service providers can widen their basic threat prevention and filtering capabilities beyond just HTTP, HTTPS and FTP. Technology strategic planners should seek ways to leverage both DNS and proxy-based inspection methods to compete with this new emerging complementary capability to appropriately protect against advanced threats and improve SaaS [software as a service] performance,” the Gartner report said.
Read more about DNS security
Infoblox and McAfee have combined a best-in-class DNS security system with a leading secure web gateway solution to deliver comprehensive network security for web and non-web traffic.
The Infoblox ActiveTrust Cloud product is designed to provide comprehensive DNS security and flag potentially infected devices that can then be redirected to McAfee’s Web Gateway Cloud Service for deeper content inspection, including malware scanning and secure sockets layer (SSL) inspection.
Because most security systems tend to be siloed, lack of interoperability and inability to share threat intelligence across security solutions inhibits an organisation’s capability to respond effectively to ever-increasing attacks.
Infoblox and McAfee said their joint solution is aimed at addressing these challenges by automating data sharing between Infoblox DNS security and McAfee endpoint and web security offerings.
Infoblox is a member of the McAfee Security Innovation Alliance, which aims to accelerate the development of interoperable security products and simplify the integration of these products within complex customer environments, bringing better value and more protection to joint customers.
“By bringing together McAfee, a leader in cyber security, and Infoblox, the leader in DDI [DNS, DHCP and IP], we are breaking down the silos between security operations and network operations,” said Kanaiya Vasani, vice-president of business development at Infoblox.
“The integrated solution from Infoblox and McAfee provides visibility into DNS and web traffic, plugs the DNS security gap in organisations, automates data sharing, and enables automated workflows to quickly remediate threats,” he said.