Defense against domain-based threats
Our SecureDNS service is an important weapon against modern cybercrime. SecureDNS identifies communications with malicious domains and redirects the user to a safe landing page or sends the bad traffic to a sinkhole.
Leveraging advanced threat intelligence generated by RA Labs, SecureDNS provides an always-on defense against criminals who use DNS as a platform to launch their attacks.
Mechanized mitigation Automated blocking of phishing, malware and botnets — before they start
Easy to set up and use Zero-maintenance, with no appliance or endpoint software to install
- Intelligent Disruption at the DNS layer keeps you a step ahead of new cyber threats
A safe landing page
Users are redirected from malicious internet destinations to a safe landing page. Your administrator can see which workstation is being redirected, providing insight to potential high-risk user behavior
Broad protection from many threats
SecureDNS offers a low-cost, high-value solution to drastically minimize your exposure and mitigate DNS tunneling attacks, malware infection, and a variety of other DNS-based risks, including:
Malware callback events By blocking malware from communicating with command and control, SecureDNS prevents attacks from advancing to the next stage.
FastFlux Through a dynamic, intelligence-driven feed of malicious domains and their associated IP addresses, SecureDNS provides a mechanized defense to combat mechanized adversaries, including botnets that use FastFlux to rapidly rotate IP addresses and domain names.
- Data exfiltration SecureDNS kills advanced persistent threats that use a malicious domain in the exfiltration of corporate or employee data.
Accurate, flexible geo-blocking
Block specific TLDs With SecureDNS, you can easily block top-level domains (TLDs) like .cn (China) or .ru (Russia). Blocking TLDs provides more accurate geo-blocking with fewer false positives than attempting to block by country-based IPs alone.
- TLD control You can control sessions with foreign domains, but still allow IP-based connections to any distributed infrastructure.