Infoblox Unveils Simplified Security Platform to Detect and Stop Threats in Today’s Borderless Networks
July 2019 by Pierre Kouliche
BloxOne Threat Defense is the industry’s first hybrid DNS security solution enabling enterprises to strengthen and optimize their cybersecurity posture from the foundation up
Infoblox Inc. announced BloxOne™ Threat Defense, the industry’s first hybrid security offering that leverages DNS as the first line of defense to detect and block today’s sophisticated cyberthreats. With a scalable hybrid architecture, BloxOne Threat Defense secures enterprises’ existing networks as well as digital transformations like cloud, IoT and SD-WAN deployments. It makes an organization’s threat analysts more productive and reduces the total cost of enterprise threat defense. The BloxOne Threat Defense solution combines the best of Infoblox’s on-prem (ActiveTrust) and cloud-based (ActiveTrust Cloud) security solutions into a unique integrated hybrid offering that provides enterprises scale, flexibility, and reliability. This enhanced solution reduces incident response time by providing actionable intelligence to the organization’s security stack, including SOAR (Security Orchestration, Automation and Response), and by automating action using extensive ecosystem integrations.
Although organizations use multiple security tools in their stack, only a minimal number of alerts (about 4%) are investigated because they are short-staffed. According to the Ponemon Institute, data breaches can take enterprises an average of 196 days to identify, resulting in a loss of $3.6 million per year and impacting brand reputation. Every day, CISOs are challenged to do more with less, simplify their security architecture, improve compliance and ensure protection for their data.
Enterprises require a scalable, simple, and foundational security solution that can catch threats in today’s dynamic networks. DNS, critical to the fabric of the Internet and any IP-based communication, is also the least common denominator that can serve as the perfect foundation for security because it is ubiquitous in networks, is needed for connectivity and can scale to the size of the Internet. BloxOne Threat Defense presents a hybrid deployment that ensures enterprise networks will be protected anytime, anywhere, leveraging the infrastructure organizations already own: DNS.
Organizations such as Bank Audi s.a.e. need to be able to monitor mobile and roaming users connecting to their networks. “Our hybrid DNS security solution from Infoblox allows our team to easily monitor recursive DNS traffic for on-prem or remote users through a single pane of glass,” said Moustafa Marzouk, head of IT infrastructure and support at Bank Audi s.a.e. “This allows us to automatically detect and respond to threats in real-time. Now our team can easily integrate with our existing security tools, manage the network from one platform, and scale for future growth and innovation.”
BloxOne Threat Defense uses highly accurate threat intelligence and machine-learning-based analytics to detect modern malware, ransomware, phishing, exploit kits, DNS-based data exfiltration, Domain Generation Algorithms, DNS Messenger, fast-flux attacks and more. In addition, the hybrid approach allows organizations to use the cloud to detect more threats, while providing deep visibility and full integration with the on-premises ecosystem. It also provides resiliency and redundancy.
With BloxOne Threat Defense, Infoblox has further optimized its enterprise security offering, helping customers reduce the total cost of threat defense by:
● Offloading strained perimeter defenses: Reducing the amount of malicious traffic sent to Next Gen Firewalls, IPS and Web Proxy solutions by utilizing already-available DNS servers as the first line of defense.
● Reducing incident response time by up to two-thirds*: Automating responses when malicious behavior is detected, blocking cyberthreats and providing data for the rest of the ecosystem to investigate and remediate.
● Powering SOAR/SIEM platforms and prioritizing response: Leveraging DNS, DHCP and IPAM data in SOAR/SIEM platforms to understand the criticality of threats and to prioritize responses accordingly.
● Making threat analysts three times more productive: Empowering security analysts to make quick and accurate decisions while reducing human error with automated threat investigation, insights into related threats, and bad actor and geographical information.