Community Blog

480288900-660x454.jpg

Top Security Report #4 - Tunneling Traffic by Category

This blog discusses the report #4 in a series of seven top security reports that can help you defend against bad actors.

 

Here are the previous parts: part 1, part 2, part 3, part 4 

 

Tunneling Traffic by Category

This report is another security report that addresses data protection and malware mitigation.  It lists DNS tunneling activities by specific categories and the percentage of events by DNS tunneling in a given timeframe.  It’s used frequently by network and security admins because it provides visibility into the top categories of DNS tunneling activities to prioritize risk mitigation efforts, and it helps defend against DNS tunneling-based malware insertion, data exfiltration, and anonymous IP traffic tunneling attempts.  While some applications are designed to use DNS tunneling (e.g., Spotify, some anti-virus apps), a common use case occurs when security admins are looking deeper for the type of exfiltration activity in their environments to distinguish between malicious & legitimate requests.

 

Top Report #4: Tunneling Traffic by Category

Service Area

Data Protection & Malware Mitigation

Purpose

Lists DNS tunneling activities by specific categories & the percentage of events by DNS tunneling in a given timeframe

Primary User

Network & Security Admins

Importance

Provides visibility into the top categories of DNS tunneling activities to prioritize risk mitigation efforts and counters DNS tunneling-based malware insertion, data exfiltration & anonymous IP traffic tunneling attempts

Use Case

Security admins need to look deeper into exfiltration activity in their environments to distinguish between malicious & legitimate requests

Available

Out-of-the-box & requires Advanced DNS Protection (ADP)

 

Report access is available through the security dashboard and requires ADP.  It allows the admin to filter for timeframe, top Number of tunneling instances, members and views through a pie chart, data table or both.  Analytics in this report helps teams guard against tunneling to infiltrate malware onto the network, exfiltrate data from the network and other unwanted tunneling activities.

 

security report 4.png

 

Here are the seven (7) security reports that can give you an edge over the bad actors.

Learn more:

  • Join the Infoblox Reporting & Analytics Technical Demo Series to continue the discussion in the free webinar on 7/17, 2018, 9A PDT, 12P EDT, 5P BST. Register
  • As an existing Infoblox DDI customer, you can deploy a virtual Infoblox Reporting & Analytics appliance free of charge — no strings attached. Download and try the Reporting & Analytics Free Tier today.

Showing results for 
Search instead for 
Do you mean