SaaS-based ActiveTrust Cloud helps halt data theft, DDoS attacks and detect malware, including ransomware.

Lorna Garey

January 25, 2017

3 Min Read
Computer Viruses

Lorna Garey**Editor’s Note: Click here for our recently compiled list of new products and services.**

Infoblox announced on Wednesday a SaaS offering to help its partners detect and respond quickly to DNS-based attacks on customer networks, mobile employees and branch offices.

The company says the new ActiveTrust Cloud assists in identifying compromised devices on or off the network with a <.001% false-positive rate, preventing data exfiltration through DNS channels, and automatically blocking communications with command-and-control servers to keep attackers from redirecting traffic to malicious sites or spreading malware.

About 90 percent of Infoblox’s business comes through its channel.{ad}

The Internet domain name service translates a typed URL into an IP address. Weaknesses in DNS, long a concern for security experts, came into broad focus thanks to recent record-setting distributed denial-of-service attacks like the one that took down DNS host Dyn in October — and, by extension, crashed sites including Twitter, Netflix, Spotify and Amazon. Hundreds of less prominent customers were affected as well.

And it’s not just DDoS attacks. In August, Infoblox released a Security Assessment Report covering the second quarter of 2016 that showed a sharp increase in other types of malicious activity related to DNS, including introducing ransomware.

DDoS attacks are just one of the 7 Looming Cybersecurity Risks partners need to watch for in 2017. Get our free report now, brought to you by Verizon. Download here!

Security expert Michael Cobb says the service is an interesting offering and should be attractive to customers whose network and security teams are overstretched or lack DNS expertise. Cobb recommends that partners offering managed services have a well-rehearsed emergency plan in place to respond to DNS-related attacks. Such a plan requires specialists with knowledge of proper DNS configuration and common attack vectors; Cobb says Infoblox’s threat intelligence feed will help these teams keep ahead of the latest attack techniques and campaigns.

That feed is a selling point as it incorporates data from thousands of sources, including other security vendors.

ActiveTrust Cloud is delivered in a pay-as-you-go model with no hardware requirements and includes the ability to …


… customize policies and apply behavioral analytics to spot malicious activity.

“Today’s workforce is increasingly mobile, and the number of employees working from remote locations is rising,” said Scott Fulton, executive vice president of products at Infoblox, in a statement. “Remote and branch offices often don’t have the resources to manage security infrastructure on premise[s] and end up compromising on their security posture. Infoblox can now offer protection for these remote users and branch office users with our easy-to-use SaaS service without the need to deploy infrastructure.”

ActiveTrust Cloud is available now; annual subscriptions start at $16,000. Partners can evaluate the service with a free, full-featured 30-day trial.

“DNS records, along with digital certificates and keys, are the foundations on which an organization’s online present – and in many cases their entire business – is built,” says Cobb. “Yet rarely are they given the robust protection such critical assets require. DNS-based attacks have plagued many major enterprises; the attackers often leveraging poor security practices. DNS security is getting harder as IT infrastructures continue to spread across so many devices and locations.”

Follow editor in chief @LornaGarey on Twitter.

Read more about:


About the Author(s)

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like