The Cloud Contained
The ThreatStop DNS firewall protects cloud workloads and stops threats from hitting the premises network.
If you're migrating to the cloud or building a hybrid deployment, you'll want to consider how to enforce security policies across your premises and the cloud infrastructure. One potential solution comes from ThreatStop, a cloud-based network security provider that offers a Domain Name System (DNS) firewall for Microsoft Azure and other clouds.
The ThreatStop DNS Firewall protects cloud workloads against ransomware, phishing, and other attacks, and prevents networks from communicating with command and control. In addition, the firewall provides flexible outbound protection against threats using malicious IP addresses and domains, including wildcards, and provides granular control over next-step actions. For example, you can specify whether you want to block, log, or redirect to a walled garden based on DNS query data and resolution path.
The ThreatStop DNS Firewall offers the flexible programming and reporting that organizations need to mitigate security risks. With ThreatStop, you can customize and manage security policies by threat type, severity level, and user-defined block and whitelists. ThreatStop also includes real-time detailed reports on malicious activity blocked and machines affected.
I set up a test account to check out ThreatStop. Configuration was fast, easy, and painless, and the reporting useful.
ThreatStop pitches a number of key benefits of using the DNS firewall. They are:
- Companies can apply policy consistently across their infrastructures, yet also have the flexibility to address site-by-site unique and special requirements or exceptions through customization.
- This solution is easy to deploy and manage, so doesn't require a lot of an IT security specialist's time or effort.
- On average, companies using the DNS firewall see bandwidth reductions of between 20% and 30% by stopping threat traffic before it hits the premises. "Overall we estimate ThreatStop drops 5-25% of the traffic dropped coming into the network," reported Simwood, an international carrier, in a blog post.
- ThreatStop maintains a resource of known bad IP addresses and blocks traffic from these.
- Policy changes impact all or multiple sites in one instance, for speed and efficiency.
More than 900 companies reportedly already use ThreatStop to protect their networks, and I can understand why. The ThreatStop service enables a physical or virtual firewall to deflect inbound attacks, and enables both firewalls and DNS servers to prevent infected hosts from communicating with threat actors trying to extract or alter data.
This service is cloud-based, updates automatically, and works with leading firewalls and DNS servers. For more information, see the case study: "What Works in Threat Prevention: Detecting and Stopping Attacks More Accurately and Quickly with ThreatSTOP."Follow Matt Brunk on Twitter and Google+!
Matt Brunk on Google+