Login Sign-up

The Tolly Group - 3rd-party IT Testing, Validation, & Analysis

Infoblox BloxOne Threat Defense vs. Cisco Umbrella

Infoblox BloxOne Threat Defense vs. Cisco UmbrellaDNS-Layer Security Evaluation

Sponsor: Infoblox, Inc

All Reports Sponsored by this Vendor

Document Number: 222100

Publication Date: 1/11/2022

Page Count: 48

Abstract

Cyberthieves are constantly developing new methods to breach corporate networks, deploying various tactics that infiltrate typical cyberdefenses and create a “backdoor” in order to steal confidential data or deploy malicious tools such as ransomware.

For decades now firewalls and other security services have been in place to protect the direct interactions between corporate computers and external internet servers. As those security services protect against common attack techniques, hackers turned to other methods to evade detection, specifically for our discussion, the malicious use of Domain Name System (DNS) protocols.

DNS is used constantly by almost every IP-based device that needs to connect to other IP-based systems (e.g., computers, IoT devices and OT devices), and its presence is essential to the internet and IP networks in general. DNS translates queries for names of resources (like web sites or IoT/OT management servers) and returns IP address information that allows the connection to be established. The whole concept of DNS was to translate IP addresses to common names we can easily remember.

Because DNS originated as a relatively simple translation tool, it was considered benign, with DNS traffic typically allowed to pass through security solutions without additional inspection. Unfortunately, cyberattackers have developed new techniques to exploit DNS and use it to steal sensitive data from corporate networks as well as to infiltrate malware into the network.

Infoblox commissioned Tolly to evaluate the effectiveness of the Infoblox BloxOne® Threat Defense solution in key DNS-layer threat scenarios and compare those results against the Cisco Umbrella solution. Building on the Tolly report published in 2020, this report re-checks those scenarios and adds new scenarios. The Infoblox Threat Defense solution demonstrated greater effectiveness than Cisco Umbrella, as will be detailed shortly, and provided broader threat intelligence and ecosystem integration than the Cisco Umbrella offering.

Login Sign-up
An unhandled error has occurred. Reload 🗙