Infoblox BloxOne Threat Defense vs. Cisco UmbrellaDNS-Layer Security Evaluation
Sponsor: Infoblox, Inc
All Reports Sponsored by this Vendor
Document Number: 222100
Publication Date: 1/11/2022
Page Count: 48
Abstract
Cyberthieves are constantly developing new methods to breach corporate networks, deploying various tactics that infiltrate
typical cyberdefenses and create a “backdoor” in order to steal confidential data or deploy malicious tools such as
ransomware.
For decades now firewalls and other security services have been in place to protect the direct interactions between corporate
computers and external internet servers. As those security services protect against common attack techniques, hackers turned
to other methods to evade detection, specifically for our discussion, the malicious use of Domain Name System (DNS) protocols.
DNS is used constantly by almost every IP-based device that needs to connect to other IP-based systems (e.g., computers, IoT
devices and OT devices), and its presence is essential to the internet and IP networks in general. DNS translates queries for names
of resources (like web sites or IoT/OT management servers) and returns IP address information that allows the connection to be
established. The whole concept of DNS was to translate IP addresses to common names we can easily remember.
Because DNS originated as a relatively simple translation tool, it was considered benign, with DNS traffic typically allowed to pass
through security solutions without additional inspection. Unfortunately, cyberattackers have developed new techniques to
exploit DNS and use it to steal sensitive data from corporate networks as well as to infiltrate malware into the network.
Infoblox commissioned Tolly to evaluate the effectiveness of the Infoblox BloxOne® Threat Defense solution in key DNS-layer
threat scenarios and compare those results against the Cisco Umbrella solution. Building on the Tolly report published in 2020,
this report re-checks those scenarios and adds new scenarios. The Infoblox Threat Defense solution demonstrated greater
effectiveness than Cisco Umbrella, as will be detailed shortly, and provided broader threat intelligence and ecosystem
integration than the Cisco Umbrella offering.