Photo by Abbas Tehrani on Unsplash

Employing DNS in network security

Revealing Traces

Article from ADMIN 70/2022
By
A holistic approach to designing network architecture and cybersecurity uses DNS for cyber defense to detect attacks at an early stage and fend them off before major damage takes place.

The corporate network has long ceased to be a single perimeter with branch offices connected to the outside world by the Internet. In the growing network jungle, however, an overall perspective is often difficult to maintain, which is why dividing the network into individual silos to give it structure seems tempting at first glance. This approach would definitely be wrong, because thinking in silos causes problems. The most important of these is that the isolated solutions often cannot communicate with one another, because a wide variety of security tools are implemented in the silos – and usually more than one.

Next-generation firewalls, web gateways, email security, endpoint security – the security solutions in the individual sectors are often piled up on top of one another. The unintended consequence of this strategy is that communication between the individual systems is poor, and often even incorrect. For example, if interfaces are not configured correctly, the security tools can trigger false or duplicate alerts among themselves, overwhelming what are already overburdened security teams. However, the tool for achieving a unified, comprehensive view of your network already exists – the Domain Name System (DNS). After all, as the hub of communications on the Internet, DNS can be the heart of integrated network management and security.

More Is Not Always Better

In IT departments, when workflows are not fully covered by just one security tool, communication interfaces need to be kept as up-to-date as possible at all times, and employees need to be constantly trained in the use of the many tools. These resources could be put to better use elsewhere. This problem is even more pronounced in large enterprises, which can be geographically widespread and might be working on restructuring such as mobile use, a multicloud rollout, or software-as-a-service (SaaS) and software-defined (SD)-WAN

...