Infoblox has announced upgrades to its range of network devices to try to better protect DNS servers from cache poisoning and other malicious attacks.
The IP address management vendor has upgraded its NIOS operating system with additional security features to monitor DNS protocol traffic sp that IT managers are alerted when an attack is in progress and provide methods to automatically mitigate an attack. To combat the recent vulnerabilities revealed about DNS, Infoblox NIOS Version 4.3r2 includes a DNS firewall feature that Infoblox says will protect servers from potentially malicious activities. NIOS runs on hardware appliances ranging in size and capacity, depending on the environment.
Infoblox claimed that with this release enterprise network managers could reconfigure internal servers to send recursive queries to the appliances equipped with the DNS firewall capability, to protect internal systems without causing a reduction in DNS services. Infoblox appliances sit in a data centre in front of DNS and DHCP servers in a high-availability pair.
The appliances are part of the company's grid technology, which enables enterprise network managers to perform one-to-many upgrades across multiple appliances.
"Despite the patches that have been released to protect against recent DNS vulnerabilities, those are short-term fixes. Recursive queries are the subject of attacks and you simply can't not have them and it is a challenge to keep up with patching multiple systems," said Brett Eldridge, vice president of product management at Infoblox. "By reconfiguring the servers to send those queries to protected appliances, the scope of where someone can attack you is reduced."
The company, which competes with the likes of BlueCat Networks, BT Diamond and MetaInfo, also added a feature that monitors signs, or fingerprints, of the attack. With this information, enterprise network managers can more quickly identify similar attacks in the future and take steps, such as limiting traffic to the IP address under attack, to mitigate the risk.
"You can't sit and watch your DNS servers all the time, but with this fingerprint feature, there is earlier indication that you are under attack and measures can be taken," Eldridge said. "These features make it easier to understand when you might be under attack."
NIOS Version 4.3r2 is available across five appliance platforms. Pricing starts at about US$2,500(£1,360) for the lower-end appliances. The operating system software upgrade is available free of charge to current customers with valid maintenance contracts.