DNS Security Solutions

The domain name system (DNS) is fundamental to the proper operation of nearly every IP network application, from web browsing, email, to multi-media applications and more. DNS provides the lookup and translation services from name to IP addresses that are used by computers to communicate. An attack that renders the DNS service unavailable or which manipulates the integrity of the data contained within DNS can effectively bring a network down.

DNS has proven extremely effective and scalable in practice and most people take DNS for granted given this and its proven reliability. However, its essential function and decentralized architecture serve to attract attackers seeking to exploit the architecture and its rich data store for sinister activities. BT Diamond IP offers a defense in depth approach to reduce exposure and mitigate impacts including DNS security extensions (DNSSEC), denial of service mitigation, access control lists, DNS firewall, inbound and outbound rate limiting and more.


DNS Security Resources

White Papers

  • DNS Security Strategies

    Learn about the many ways DNS can be attacked or used as an attack vehicle and how you can defend your DNS. This white paper begins with a basic overview of DNS then presents potential vulnerabilities, followed by mitigation strategies that can be deployed to reduce exposure to various attack types.

  • Protect Against Malware with DNS Firewalls

    Securing your network requires disciplined systems, processes and intelligence. Most security strategies rightly focus on data flows into and out of an organization in an attempt to prevent illicit intrusion and infiltration. However, you may not be protecting your network optimally if you are not considering attacks originating from within your network. For example, an attacker may attempt to install malware on devices within your network to enlist such devices as subject to the control of the attacker. Learn how a DNS firewall can protect your network and to help identify and block such infected devices.

  • Securing Domain Name Resolution with DNSSEC

    DNS security extensions, DNSSEC, provide a means to authenticate the origin of resolution data within DNS and to verify the integrity of that data. DNSSEC provides a means to detect packet interception, message ID guessing, and cache poisoning attacks. This white paper provides a high level overview of how DNSSEC works and the basic administrative requirements for configuring and managing DNSSEC configurations.

Datasheets

  • Diamond IP Security Battlecard

    A concise yet thorough summary of network and computing attack vectors that can infiltrate your DNS, disrupt your network or propagate malware along with corresponding mitigation approaches.

  • Diamond IP Security Solutions

    A quick read on key Diamond IP DNS security solutions to help you protect your users and your network.

  • Diamond IP DNS Firewall

    Our DNS Firewall products and services can help you detect and mitigate malware within your network to minimize information loss and malware propagation.

  • Sapphire DNSSEC Applicances

    Our DNSSEC line of appliances allows you to personalize your DNSSEC policies which are enacted for automated zone signing, key rollover and parent-child delegation.

Videos

  • Malware Mayhem Mitigation

    Malware abuse has surged to become more than just a nuisance for network security engineers. As independent IT security company AV-Test Institute attests, 250,000 new malicious programs are cataloged every day. Malware comes in numerous different forms and has been used to attack numerous different device types from IoT devices, to power system devices, to mobile phones and of course good old laptops and computers. This webinar discusses strategies for reducing your vulnerability to malware and steps you can take to detect and mitigate it, with an emphasis on DNS firewall technology.

  • Is your Network Security Missing Something?

    The domain name system (DNS) is used for every Internet Protocol (IP) connection to web servers, email servers and so on, providing the vital linkage between the user-entered “www” name and its IP address your computer needs to connect. Yet securing DNS is often overlooked. This webinar arms you with details of various forms of DNS attacks and approaches you may employ to mitigate risks to your DNS and your network as a whole.

  • Do Not Skip (DNS) Security

    With Internet Registries serving 90-plus percent of the world’s population having now depleted available IPv4 address space, new address space requests will all but require IPv6 allocation. Even if you have sufficient IPv4 address space, other Internet users are using IPv6 and you will need to support both protocols to connect with them and the whole Internet. BT recently conducted an industry survey regarding attitudes and plans around IPv6 deployment and we share in this webinar some of those results today so you may gain a sense of where industry peers stand on IPv6 deployment.

  • DNS Security Strategies

    DNS has proven extremely effective and scalable in practice and most people take DNS for granted given this and its proven reliability. However, its essential function and decentralized architecture serve to attract attackers seeking to exploit the architecture and its rich data store for sinister activities. Learn about potential vulnerabilities and associated security strategies you can employ to improve your overall network security.

DNS Security Book by BT authors

  • DNS Security Management

    An advanced Domain Name System (DNS) security resource that explores the operation of DNS, its vulnerabilities, basic security approaches, and mitigation strategies DNS Security Management offers an overall role-based security approach and discusses the various threats to the Domain Name Systems (DNS).


Contact Us

BT Diamond IP
415 Eagleview Blvd., Suite 112
Exton, PA 19341
USA
swsupport@diamondipam.com

Support: +1 610 321 9085 (Monday - Friday 9am - 8pm EST)