
Infoblox Unveils “DNS Firewall” to Address DNS Vulnerability Concerns

October 2008 by Emmanuelle Lamandé

Infoblox Inc. announced enhancements to its full line of core network services (CNS) appliances to provide unique DNS security capabilities such as alerting, reporting, and attack mitigation. These capabilities along with the automated software update capabilities of Infoblox grid technology – which links multiple Infoblox appliances into a unified system for central management and control – can help enterprises thwart current and future DNS vulnerability exploits.

The security, reliability and manageability of core network services – including domain name resolution (DNS), IP address assignment (DHCP), IP address management (IPAM) and others – directly impact the availability and security of critical network applications, such as email, web services, Microsoft Active Directory, Voice over IP (VoIP) and wireless.

An exploit recently discovered by security researcher Dan Kaminsky that makes it relatively easy to execute a DNS “cache poisoning” attack underscores how critical DNS security is to the functioning of other Internet programs. Cache poisoning enables an attacker to redirect Web traffic – including ecommerce transactions and email – from legitimate sites to malicious sites controlled by hackers and criminals without any action by end users and usually without detection. Although a short-term fix has been implemented for the recently discovered exploit, experts agree that there are going to be other critical vulnerabilities discovered in DNS followed by new exploits and attacks. As such, the ability to quickly react and patch DNS is essential to maintaining a secure infrastructure in the future.

The Infoblox appliance-based solution provides immediate protection against the DNS exploit discovered by Kaminsky and also provides features that will be essential for detecting and thwarting future attacks. Infoblox’s newest NIOS release, version 4.3r2, includes several new security features that monitor DNS protocol traffic, provide reports and proactive alerts when an attack is in progress, and offer a means to automatically mitigate attacks.

The new features monitor multiple indicators of an attack in progress, such as mismatched UDP ports and DNS Query IDs, and send email and/or SNMP traps when the traffic pattern is consistent with an attack. This enables IT administrators to take preventive actions. For example, the new NIOS software also includes a command to throttle or completely deny connections from a specific DNS server, allowing the administrator to mitigate or stop an attack.
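The kind of check described above, sketched as an added example (not Infoblox code and not part of the original article): a monitor that matches each DNS reply against the resolver's outstanding queries and raises an alert when one source accumulates mismatched UDP ports or Query IDs within a short window. The class name, window, threshold and sample addresses are assumptions made for illustration.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 10   # assumed sliding window for counting mismatches
ALERT_THRESHOLD = 5   # assumed mismatches per source that trigger an alert


class MismatchMonitor:
    """Hypothetical monitor: matches replies to outstanding resolver queries."""

    def __init__(self, window=WINDOW_SECONDS, threshold=ALERT_THRESHOLD):
        self.window = window
        self.threshold = threshold
        self.pending = set()                  # (server_ip, port, query_id, qname)
        self.mismatches = defaultdict(deque)  # source_ip -> mismatch timestamps
        self.flagged = set()                  # sources already alerted on
        self.alerts = []                      # (timestamp, source_ip, count)

    def query_sent(self, server_ip, src_port, query_id, qname):
        self.pending.add((server_ip, src_port, query_id, qname.lower()))

    def response_seen(self, ts, source_ip, dst_port, query_id, qname):
        """Return True if the reply answers an outstanding query."""
        key = (source_ip, dst_port, query_id, qname.lower())
        if key in self.pending:
            self.pending.discard(key)  # a query is answered only once
            return True
        recent = self.mismatches[source_ip]
        recent.append(ts)
        while ts - recent[0] > self.window:  # drop mismatches outside the window
            recent.popleft()
        if len(recent) >= self.threshold and source_ip not in self.flagged:
            self.flagged.add(source_ip)
            self.alerts.append((ts, source_ip, len(recent)))
        return False


def run_sample():
    """Constructed traffic: one valid reply, then six mismatched replies."""
    mon = MismatchMonitor()
    mon.query_sent("198.51.100.7", 40002, 0x0C0D, "mail.example.net")
    mon.query_sent("192.0.2.53", 40001, 0x1A2B, "www.example.com")
    ok = mon.response_seen(99, "198.51.100.7", 40002, 0x0C0D, "mail.example.net")
    for i in range(6):  # wrong port and Query ID on every reply
        mon.response_seen(100 + i, "192.0.2.53", 30000 + i, i, "www.example.com")
    return ok, mon.alerts


if __name__ == "__main__":
    print(run_sample())
```

Each entry in `alerts` is the point at which a notification (email or SNMP trap, in the article's terms) would be sent and the source considered for throttling.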

Infoblox’s hardened NIOS™ operating system and unique grid technology provide lasting protection against future attacks. Infoblox grid technology makes it possible to patch and upgrade dozens or hundreds of appliances with a single command, in a production network, without incurring DNS service downtime. This is essential to enabling fast response when new attacks are unleashed in the wild.

Organizations can protect their existing DNS infrastructure quickly and easily, without major changes, by installing a layer of hardened Infoblox appliances configured as forwarders between the Internet and their current, Internet-facing DNS servers. The hardened Infoblox systems with DNS monitoring, alerting, reporting, mitigation and one-button, no-downtime upgrades essentially provide a “DNS firewall” – the most flexible, dynamic protection available for dealing with the new DNS security arms race.

The newest version of Infoblox’s NIOS operating system also includes a number of key IP address management features that help simplify administration, especially for large, highly distributed organizations:

 Network discovery: Enables an administrator to obtain a detailed view of the devices actually connected to the network; reconciliation makes it easy to align the Infoblox IPAM database with the actual state of the network, providing a means to find lost assets and detect rogue devices.

 Role-based administration: Ensures that administrators are given access to view and modify only those core network services attributes – down to the object level – that are consistent with their functional role. This limits and prevents errors and enables delegated administration without compromising system security or availability, with full auditing for compliance.

 Overlapping networks: Allows customers to have multiple instances of the same network address space in a single grid with a common management interface; multiple networks can be viewed and managed simultaneously, without opening and closing different configuration sets.

Pricing and Availability:

The new Infoblox NIOS software version 4.3r2 is now available. Pricing for the solution on the Infoblox-250 appliance starts at $2,495 in the U.S. Software upgrades are available free of charge for all current customers with a valid maintenance contract.

