Maintaining compliance, whether to government sanctions or to other best practices standards, is a challenge to any business with an internet presence. Enforcement covers all aspects of internet-facing infrastructure, including firewalls, DNS servers, and cloud applications. Watch the video below as the ThreatSTOP provides some compliance options available today.
ThreatSTOP's IP defense delivers Threat Intelligence to your TCP/IP enforcement devices to intercept IP sources and destinations. The same pool of Threat Intelligence used to create DNS Defense policies is used to create policies that continuously update access control lists with the latest infrastructure matching the risks you want to interdict.
Threat Intelligence resulting in domains/IP addresses that match risk categories are delivered to your DNS Servers enabling them to interdict and report on connections to selected categories. This data is received from 850+ authoritative Threat Intelligence feeds in addition to ThreatSTOP private research and curated and correlated by the ThreatSTOP security team using machine learning augmented by manual curation. It can be tailored through a selection of the risk category and handling a match in accordance with your security policy.
Our ThreatSTOP AWS WAF rules provide comprehensive protection for your AWS infrastructure against various malicious connections such as bots, scanners, malware, and unauthorized entities. You can easily access these rules as prepackaged Managed Rules from the AWS marketplace or choose to fully customize them with reporting functions available on the ThreatSTOP platform. With our WAF rules, you can efficiently safeguard your AWS infrastructure against attacks, optimize bandwidth, CPU, and memory usage, and ensure regulatory compliance.
Organizations must take cybersecurity seriously. However, many businesses do not have the time, knowledge, equipment, or staff to carry out accurate compliance options. This is where ThreatSTOP comes in. ThreatSTOP will help your company by protecting DNS, working with AWS WAF, and defending your network at all times. ThreatSTOP can even customize security to fit your unique needs. Are you ready to stop the threats? Call ThreatSTOP!
Learn More:
What DNS Security Does A Typical Enterprise Need?
Video Transcript
0:05 Intro
0:13 IP defense
1:32 DNS security
3:14 DNS defense cloud
3:47 IP & DNS together
4:05 AWS WAF
0:05 Intro
So let's take a look at enforcement options and the different ways you can implement this.
0:13 IP defense
One is IP defense. These are basically firewalls and routers that are capable of acting as firewalls that are filtering based on the IP address. A typical thing that you discover here is that a device, perhaps a laptop that's been brought into your company, is infected and it's beaconing; It’s acting, it's been taken over by somebody, and it's asking for instructions from its new owner. You could detect that beaconing, and you can save time to go clean up the machine.
We have customers that read their beginning report every morning and go around and collect laptops and re-image them. You get to decide how you want to do that enforcement, but we'll inform you about it. One thing that's important to realize here is that inbound attacks are foiled this way but also these beaconing attacks that are outbound traffickers, it's equally important to detect if you want to keep your network safe. You block inbound attacks and outbound attacks that are unsafe; it doesn't matter what protocol you're using. There's a character gen protocol that you may have never heard of, but it's used for DDOS.
1:32 DNS security
DNS security is getting increasingly important because of content distribution networks where the same set of IP addresses are used to distribute thousands of different websites. If you go to some of the big CDN providers, you'll probably find that there's some content to offend you regardless of your politics or your level of security. Pirate content, ransomware, etc., you want to block it, and you don't want to block all the different content that's coming there because a bunch of it is stuff that you want. So you can't do it by IP address. Doing it by domain name allows for safe lookups while blocking the harmful ones. Again, blocks ransomware early in the kill chain, and catches it by DNS name, regardless of the details of the web address.
One of the things that you can do here is that instead of just blocking it all, or if you're just trying this out for the first time, you can just see what's going on in your network without blocking anything, and you can also redirect. So if you want, when somebody is trying to go to a harmful site, you can have it pop up a web page saying hey, are you sure you want to go there or don't go there, it's bad. Those are all things that we can allow you to do.
3:14 DNS defense cloud
You might say well, I want to try this out, but I don't want to affect my current DNS setting or different people who run my DNS. If I want to try this out, do I have to get them on board, and the answer is no. If you want, we can spin up a DNS set of servers in the cloud in about five minutes. You could try it out, see what you can see, and see whether or not you think the protection that's created is useful.
3:47 IP & DNS together
The most effective way to use this is to have a combination of DNS filtering and IP that will block almost all of the simple threats that you're likely to see out there.
4:05 AWS WAF
Suppose you have a website running on Amazon web services. They have a facility called WAF, or web application firewall, where you can just slap a firewall in front of your website hosted in AWS, and then you can just decide to send the policies to it. So if you go on the web marketplace, the AWS marketplace, you'll find your ability to try out these ITAR, etc., rules very simply. They're always up to date; they're out there.
If you need something more flexible, you can talk to us, and we can see whether we can customize it to your need. Again, this is all implemented pretty much automatically once you order it. No, must, no fuss.