DNS Guardian uses a unique approach that separates the two DNS functions (cache and recursive) in order to dramatically strengthen and improve the security framework. Each function is protected separately allowing an uninterrupted service to be provided, even when one function is targeted by an attack.
“Our primary objective is to offer the best solution to our customers through on-going innovation,” said David Williamson, CEO at EfficientIP. “With more and more companies relying on a continuous online presence to operate effectively, DNS server security is essential. We have taken a completely new approach to not only block traffic but also to be sure that legitimate traffic will always be answered. We believe it is the right way to mitigate DNS attacks.”
IT professionals have historically installed security solutions in an effort to block illegitimate traffic during an attack. However, until now they have not been able to accurately differentiate legitimate from non-legitimate traffic. As a result, legitimate traffic is also blocked, and this approach is also ineffective against insidious attacks. DNS Guardian is the only solution that currently offers real-time analysis of the DNS cache-recursive transactions. This enables users to detect specific DNS attack signatures, (such as DNS tunnelling, Phantom or Sloth domain attacks) protect the service by applying the appropriate counter-measures and remediate the attack by identifying its source.
The Rescue Mode counter-measure, based on DNS Guardian’s intelligence, mitigates volumetric or slow and insidious attacks on recursive and cache functions. This unique innovation ensures 100 per cent availability of the cache service, even under the most insidious DoS attack on the recursive function.
DNS Guardian also includes features to optimise network bandwidth and latency. The DNS cache functions share their information across appliances and are synchronised in real-time to reduce bandwidth usage. The cache is saved to operate at a 100 per cent level of performance after a server restart, therefore not requiring to be populated again by customer requests.