Get to know the advanced features of DNSSense closely and protect your organisation from the threats of the cyber world!
Why Should We Use DNS Level Protection?
Since the DNS Layer is at the bottom of the application layer. So, malicious traffic can be blocked at the DNS level before it starts. In addition, DNS is used by all protocols like HTTP, HTTPS, SMTP, and IoT. DNS traffic provides information about the application layer and your entire network.
Moreover, some malicious traffic can only be detected and prevented by DNS level protection. For example, 80% of malware domains currently do not have an IP address. Malware requests that do not have an IP address can only be detected in the DNS log. Or DNS tunnelling can only be prevented by DNS level protection.
Why is DNS visibility important?
With DNS level protection, you can prevent the attacks but cannot detect the actual machine that generates the malicious traffic. Client IP addresses vary, so they are not suitable for retroactive verification. They should be enriched with constant information about computers and users. DNS visibility lets you detect the device and user that generates related DNS queries. These actual device and user information is very important for SOC teams.
What Is The “Security Gap” Feature?
The “Security Gap” feature reports malicious traffic that the existing security devices (UTM Firewall, Proxy, DNS Firewall, etc.) cannot detect.
Security Gap simulates connecting to the malicious domain to test the security in the network by 3 different ways, Which are;
1- Test with DNS query from existing DNS server
2- Test with Http/Https request via the proxy server
3- Tests to reach a malicious domain with direct connection HTTP/HTTPS through Gateway.
DNSEye VM appliance in your network sends a malicious connection request to DNSSense's cloud-based malicious simulation service, with a specific metadata.
Security Gap = Blocked, malicious traffic is blocked;
When DNSSense's simulation service does not get the metadata, which means the malicious connection is blocked by the security, it is reported as the attack is blocked along with the information about which device (Proxy or UTM) successfully blocked the malicious traffic.
You Claim that You Categorize Better Than Other Companies. How Can You Prove This?
We use Cyber X-Ray, our own 100% artificial intelligence-based domain categorization platform. We monitor and store the entire internet historically and relationally up to five years back. We are so confident in this matter that we have added a feature called "Security Gap" to our "DNSEye" product. The "Security Gap" feature gives you a report that shows the malicious traffic your security devices miss. Thanks to this feature, you can easily see our added value to your company. In addition, we provide domain categorization services to the three firewall manufacturers in the world.
Can DNSSense Detect Phishing Domains?
Yes. Thanks to its native AI classification platform, DNSSense detects and blocks the domains used in phishing attacks in a short time.
What Is Your Licencing Model?
The products are sold with a one or three years ethical license. The number of licenses is the number of devices has access to the internet.
Can I Buy the Products Separately, or Are They All Purchased at Once?
“DNSEye”, “DNSDome”, and “Cyber X-Ray” are different products and can be purchased separately or together.