Top Security Report #4 – Tunneling Traffic by Category

Share On Facebook
Share On Twitter
Share On Linkedin

This blog discusses the report #4 in a series of seven top security reports that can help you defend against bad actors.

Here are the previous parts: part 1, part 2part 3part 4 

Tunneling Traffic by Category

This report is another security report that addresses data protection and malware mitigation.  It lists DNS tunneling activities by specific categories and the percentage of events by DNS tunneling in a given timeframe.  It’s used frequently by network and security admins because it provides visibility into the top categories of DNS tunneling activities to prioritize risk mitigation efforts, and it helps defend against DNS tunneling-based malware insertion, data exfiltration, and anonymous IP traffic tunneling attempts.  While some applications are designed to use DNS tunneling (e.g., Spotify, some anti-virus apps), a common use case occurs when security admins are looking deeper for the type of exfiltration activity in their environments to distinguish between malicious & legitimate requests.

Top Report #4: Tunneling Traffic by Category
Service Area Data Protection & Malware Mitigation
Purpose Lists DNS tunneling activities by specific categories & the percentage of events by DNS tunneling in a given timeframe
Primary User Network & Security Admins
Importance Provides visibility into the top categories of DNS tunneling activities to prioritize risk mitigation efforts and counters DNS tunneling-based malware insertion, data exfiltration & anonymous IP traffic tunneling attempts
Use Case Security admins need to look deeper into exfiltration activity in their environments to distinguish between malicious & legitimate requests
Available Out-of-the-box & requires Advanced DNS Protection (ADP)

Report access is available through the security dashboard and requires ADP.  It allows the admin to filter for timeframe, top Number of tunneling instances, members and views through a pie chart, data table or both.  Analytics in this report helps teams guard against tunneling to infiltrate malware onto the network, exfiltrate data from the network and other unwanted tunneling activities.

Top Security Report 4 - Tunneling Traffic by Category Report

Here are the seven (7) security reports that can give you an edge over the bad actors.

Learn more:

  • Join the Infoblox Reporting & Analytics Technical Demo Series to continue the discussion in the free webinar on 7/17, 2018, 9A PDT, 12P EDT, 5P BST. Register
  • As an existing Infoblox DDI customer, you can deploy a virtual Infoblox Reporting & Analytics appliance free of charge — no strings attached. Download and try the Reporting & Analytics Free Tier today.

Labels:

Bob Rose

Sr. Product Marketing Manager, Solutions Marketing & DDI Value-Added Services at Infoblox

Bob has over 25 years of mid-to-senior level experience in B2B and B2C product marketing, product, project, program and partner management. This includes 14 years in technology (DDI, RPA, fintech, wireless and mobile apps, GIS and biometrics), 9 years in financial services, 3 years in healthcare and 2 years in manufacturing. He did his post-graduate work in Project Management and Quality and holds a Marketing Management BBA from Pacific Lutheran University in Tacoma, WA. He spends his personal time engaged in adult and youth ministries, coaching and watching soccer (go Liverpool FC & Sounders FC), sailing, camping, and listening to a variety of Christian, jazz and instrumental music.

View All Posts
×