DNS Firewall – DNS Based Security

Additional Info

CompanyORYXLABS
Websitehttps://oryxlabs.ae/
Company size (employees)50 to 99
Headquarters RegionMiddle East
Type of solutionCloud/SaaS

Overview

DNS FIREWALL takes a state-of-the-art approach to help your organization defend against DNS- based attacks.

Cost-effective and easy to operate, our solution monitors all outgoing DNS traffic from an organization’s on-premise and remotely operated computers, tablets, smart sensors and equipment – ensuring those endpoint devices do not access dangerous website.

Implemented from a single software platform with no new hardware requirements, DNS FIREWALL uses machine learning, artificial intelligence and advanced algorithms to assess, in near-real time, the destination of all outbound DNS traffic.

If a device attempts to access a website we’ve identified as malicious or any other website displaying suspicious characteristics, the access is blocked.

As a result, the flagged website is prevented from executing or installing phishing attacks, ransomware, spyware, crypto mining malware, and exploit kits, or connecting to command and control servers.

The solution also constantly monitors all devices for possible compromise, containing and isolating those devices from the internet and the rest of the organization’s network.

Ability to visualize all DNS requests logs across an organization in near real-time in a single location.

In addition, executive dashboards and detailed reports allow security professionals to uncover valuable insights from DNS traffic.

Key Capabilities / Features

- High Availability and Low Latency
Globally distributed DNS network, ensuring 100% uptime. Low latency (less than 15 ms), ensuring optimized DNS resolution performance.
- Effective DNS protection for Roaming Clients
Roaming clients to protect devices (Windows, Mac OS X, iOS, Android) even when they are outside the corporate network. Quarantine infected roaming clients to prevent spread of infection.
- UAE Sovereign
The only sovereign-owned UAE entity providing DNS-focused cyber solutions, a critical consideration, given the solution’s visibility into all customer DNS requests.
- Scalable
Designed to scale, our product is built to grow seamlessly alongside your organization and its needs.
- Accurate malware detection and content classification
Best-in-class malware detection and content categorization, ensuring minimal operational overheads dealing with false positives (< 0.5% false positive rate)
- Simplified Deployment and Monitoring Mode.
Deploy in under 10 minutes across an entire organization. Manage your enterprise DNS traffic in real time.
- Customization
Flexible enough to enable different product customizations to meet unique organizational or operational requirements and requests.
- Simplified Integration with SIEM
Correlate DNS request data with other critical events in the organization to uncover valuable insights.


How we are different

1. Accurate DNS Threat Protection: DNS Firewall provides accurate protection against malicious domains in real-time by blocking requests that could lead to phishing attacks, botnet communication, ransomware, or other cyber threats before they reach a network. Using machine learning algorithms to detect threats focused on the DNS layer, DNS Firewall can detect DGA and malicious DNS Tunneling domains with a high level of accuracy. Based on internal benchmark on our client DNS requests, the false positive rate stood at a mere 0.5%.


2. Global Visibility and Reporting: DNS Firewall provides comprehensive reporting and visibility into all the DNS requests in an enterprise. The real-time visibility of all DNS requests in a single location provides valuable insights on trends in DNS request patterns, insights on emerging threats and risky networks/devices ensuring a strong first layer of defense for any network.


3. Simple and effective: Setting-up and deploying DNS Firewall on large networks and endpoints is seamless with no change to network topology. Once deployed, DNS protection policies can be configured in monitoring mode to observe blocked DNS traffic before enabling blocking mode. This enables a smooth rollout in critical networks