Akamai Technologies, Inc. has introduced Enterprise Threat Protector. The new solution is designed to provide customers quick-to-deploy and easy-to-manage cloud-based protection against the impact of complex targeted threats such as malware, ransomware, phishing and DNS based data exfiltration. According to the Ponemon Institute, the average cost of a cyber-attack on a company is $9.5 million, and despite the myriad security solutions currently in use to thwart attacks, malicious actors continue to exploit weaknesses and gaps, resulting in a variety of negative consequences for today’s enterprises.
Recursive DNS, a critical but often overlooked part of enterprise infrastructure, can be one of these gaps. Even though a majority of software and clients rely on DNS to communicate with one another, DNS does not have built-in intelligence to determine if a domain being requested by a user is safe or malicious.
Akamai’s Enterprise Threat Protector is designed specifically to address the “intelligence gap” in DNS infrastructure. Using threat data gathered through Akamai’s Cloud Security Intelligence capabilities, Enterprise Threat Protector layers critical intelligence onto a company’s recursive DNS requests, preventing users from accessing malicious domains and lowering risk for businesses of all sizes. The value of Enterprise Threat Protector comes from the solution’s ability to better determine the “intent” of a DNS request from the enterprise. For example, should a malicious email bypass security and an employee inadvertently clicks the included link, Enterprise Threat Protector recognizes that the target domain is associated with known or suspected malicious activity and actively blocks the request.
In addition to the solution’s capability to identify and block access to those domains known to host sites that are used to deliver malware and ransomware, and/or known to be associated with phishing attacks, Enterprise Threat Protector can also disrupt communications between devices within an enterprise that have already been infected with malware and the bad actors’ command and control (C2) servers. C2 is a common, Internet-based mechanism to control malware once it has infected systems. Further, the solution can identify DNS data exfiltration attacks where the DNS protocol is leveraged as a way to send sensitive data outside of the enterprise. And because DNS is such an effective control and enforcement point for enterprise security teams, Enterprise Threat Protector can also be used to prevent access to web content that falls outside an enterprise’s acceptable use policy.
Akamai’s new Enterprise Threat Protector is designed specifically to:
• Significantly improve security defenses and close DNS security gaps by proactively blocking DNS requests to malware drop-sites, ransomware sites, malware command and control sites and DNS data exfiltration and phishing domains based on unique and up-to-date threat intelligence.
• Instantly add scalable protection without complexity or hardware by utilizing a fully cloud based solution that can be configured and deployed in minutes with no disruption for users.
• Improve security while reducing management time by managing security from anywhere and deploying policies in seconds to protect all locations.
• Help customers easily improve compliance and enforcement of Acceptable Use Policies by blocking access to objectionable or inappropriate domains.
• Improve DNS resilience through Akamai’s carrier-grade, global intelligent platform.