What Would an Umbrella Approach to Security Look Like for Your Enterprise?
Part 2: A Secure DNS

Ron Temske, Vice President, Security Solutions, Logicalis US

In Part 1 of my article, I discussed what seems like an insurmountable obstacle. While we require DNS to resolve IP addresses, this also allows it to be leveraged for a variety of malware and attacks. It’s estimated that 97 percent of all attacks involve DNS in some capacity, so the ability for DNS to play a role in security is extensive.

Download and read the entire article: What Would an Umbrella Approach to Security Look Like for Your Enterprise?

That’s the premise behind Cisco Umbrella, formerly OpenDNS, which replaces the default DNS servers accessed by your enterprise (typically provided by a corporate server or your ISP) with a secure DNS backed by an entire intelligence community.

By using threat intelligence and cloud scale analytics, and leveraging how the DNS protocol operates, the Cisco approach succeeds in protecting users from being exposed to attacks and malware – no matter where the user or the malware is located.

[Infographic: Click for full view]

Taking an Umbrella Approach to Security (small)

Here are just a few of the ways this umbrella approach to DNS can protect your enterprise environment:

  • Keeps a continuously updated record of malicious sites, so if you click on that link for www.1inkedin.com, the DNS prevents you from being sent to the site.
  • Keeps a continuously validated database of site addresses which prevents a DNS cache poisoning attack from succeeding.
  • Provides filtering ability for undesirable content (for example blocking all requests for adult content).
  • Blocks the “call home” request from many forms of malware, effectively minimizing the impact of that malware.
  • Works whether a device is on the corporate network or even while on guest networks when using AnyConnect or roaming client.
  • Provides an extensive reporting dashboard that can provide a view into details such as SaaS consumption. For instance, you could view not only that Salesforce.com is being used, but who on your network is using it.
  • Provides an Investigate Console to protect users and enable IT staff to understand the threat landscape with details such as phishing site vs adult content site.
  • Integrates Cisco Umbrella/OpenDNS with Cisco AMP ThreatGrid and other technology partners such as Check Point to enable other solutions’ threat intelligence into the platform.

There are few solutions that can provide this level of impact to security with as rapid a time to value. I am frequently asked about how to better protect home networks, so I am happy to note that a basic version, Cisco Umbrella Personal is free for personal use. You can view details at https://www.opendns.com/home-internet-security/

 

Leave a comment

Your email address will not be published. Required fields are marked *

Shares