As businesses deepen their digital transformation to embrace remote work and online operations during the COVID-19 pandemic, significant challenges arise regarding technology automation and security.

Network security company Infoblox Inc. provides what it calls the “next-level networking” experience by managing increasingly complex network demands across diverse physical, virtual and cloud infrastructure. It focuses on identifying and managing devices connected to networks — specifically Domain Name System, Dynamic Host Configuration Protocol, and IP address management (collectively called DDI).

“DNS is essentially this ubiquitous platform, which is already there, [and] it can already provide the sort of security services by default,” said Craig Sanderson (pictured), vice president of security products at Infoblox. “If you’re trying to secure all these heterogeneous IoT devices, one thing they have in common, they’re all going to get an IP address, so we’re going to use DNS.”

Sanderson spoke with John Furrier, host of theCUBE, SiliconANGLE Media’s livestreaming studio, during the Infoblox Next Level Network Experience event. They discussed the advantages of inserting security tools on DNS servers and how this system is different from other security solutions. (* Disclosure below.)

DNS ubiquity is critical

The Data Protection and Malware Mitigation Solution from Infoblox leverages infrastructure that businesses rely on every day, DNS, as the first line of defense to block data exfiltration, malware activity and more, according to Sanderson. The solution also automates response and provides “crime scene DNA” to the rest of the ecosystem for faster remediation.

“If I try to go to a malicious domain and I try to steal data over DNS, not only would we be able to block it, but we’d also be able to dynamically share that mitigation to all of the on-prem DNS servers, the DNS servers you run in your public or private cloud, and for all the other like remote users,” Sanderson explained.

Although the DNS was designed for networking and not security purposes, it is possible to redefine all its core assets, such as scalability, flexibility, adaptability and ubiquity, to make it the basis of a next generation of security architecture, according to Sanderson.

“You could take a DNS server from us and a DNS server from another company, and because it’s based on standards, it will work seamlessly together,” Sanderson stated. “In fact, the threat mitigation mechanism … is based on so-called response policy that’s been part of the DNS standard since 2010 and it works seamlessly across multiple vendors.”

This system is different from other security tools that do not have a common denominator like DNS and need to configure devices separately and sew them together manually. “It’s kind of like a jigsaw where you get all the pieces together that you think you need and then the burden is always on the customer or the organization to then piece these things together,” Sanderson explained.

The Infoblox solution helps avoid this problem, Sanderson added.

Infusing threat intelligence

To implement a DNS security system, it is not necessary to make changes to the network architecture. All it takes is to infuse security knowledge, whether it’s machine learning, analysis or threat intelligence, according to Sanderson. The threat intelligence will tell the DNS, for example, which malicious domains or IP addresses are to be blocked.

Looking at the DNS server, it is also possible to have visibility into the characteristics of cyber threats. “If you think about a typical user who clicks on a phishing link … who’s going to see the malicious requests first? Is it your firewall? No, your DNS server,” Sanderson said. “Because you made the request … you need to find out the IP address of it. So, if you want to understand what the bad guys are doing, your DNS servers have got a front-row seat.”

But if DNS is such a critical infrastructure, why don’t more companies worry about modernizing and updating it to manage security threats?

“One of those things is because DNS is a victim of its own success. The fact that is reliable, it is consistent, you don’t have lots of DNS outages typically. As a result of that, people tend to forget about how critical it is … in serving all of your applications and your users,” Sanderson concluded.

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the Infoblox Next Level Network Experience event. (* Disclosure: TheCUBE is a paid media partner for the Infoblox Next Level Network Experience event. Neither Infoblox Inc., the sponsor for theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE