Tolly Report Overview

Sponsor:   Infoblox, Inc     View all reports from this sponsor

Title: Infoblox BloxOne Threat Defense vs. Cisco Umbrella DNS-Layer Security Evaluation

Publication date:   06 November 2020
Document number:    220141

Abstract:

DNS is used constantly by almost every IP-based device that needs to connect to other IP-based systems (e.g., computers, IoT devices and OT devices), and its presence is essential to the internet and IP networks in general. DNS translates queries for names of resources (like web sites or IoT/OT management servers) and returns IP address information that allows the connection to be established. The whole concept of DNS was to translate IP addresses to common names we can easily remember – like www.infoblox.com or www.tolly.com (each of which requires underlying IP addresses for computers to connect).

Because DNS originated as a relatively simple translation tool, it was considered benign, with DNS traffic typically allowed to pass through security solutions without additional inspection. Unfortunately, cyberattackers have developed new techniques to exploit DNS and use it to steal sensitive data from corporate networks as well as to infiltrate malware into the network.

Infoblox commissioned Tolly to evaluate the effectiveness of the Infoblox BloxOne® Threat Defense solution in key DNS-layer threat scenarios and compare those results against the Cisco Umbrella solution. Two scenarios were created to replicate real- world situations. The first scenario was to infect a point-of-sale (PoS) system with malware, and the second scenario was to attempt the exfiltration of data over DNS (which would typically occur after a system was infected). Additionally, engineers reviewed global and locale-specific threat intelligence options offered by each vendor, as well as ecosystem integration with third-party management solutions designed to streamline security operations and incident response. The Infoblox Threat Defense solution demonstrated greater effectiveness than Cisco Umbrella, as will be detailed shortly, and provided broader threat intelligence and ecosystem integration than the Cisco Umbrella offering.


Number of pages: 23      Publication price: $0.00

Register to download   or login

Click on image to download this report



Click Here to search the Tolly archives