Dr Cherif Sleiman_Photo

Harnessing DNS for next-level security at the speed of digital

Next-level networking is a phrase that is especially relevant during this era of digital transformations.

Infoblox’s Senior VP International Business, Cherif Sleiman, described it as a new networking category that defines the secure, intelligent and resilient infrastructure that networks need to be today.

“It’s the networks that organisations today need to build, to promote and serve their digital footprint.”

Today, organisations are utilising technology concepts like multi-cloud, SaaS, Internet of Things, SD-WAN, and more to carry out their digital transformation initiatives.

At the same time, they need to ensure that business operations are not halted or disrupted in any way.

Cherif pointed out, “With that, these networks that are built to serve and consume some of these concepts are very different from the networks we have built the past two decades.”

So, next- level networking is about the intelligent and security aspects that are involved, and Infoblox is the market leader, as well as one of the top innovators in that space, Cherif said.

DNS, the DNA

DNS or domain name server technology, is the critical foundation for Infoblox’s solutions in DDI.

DDI or integrated DNS, DHCP (dynamic host configuration protocol) and IP address management services, is the company’s heritage, according to Cherif, who also explained that what they do is beyond protocol serving of DNS.

“It’s also about how you harness DNS in different ways, and the analytics engine capability that we have.

 “For example, DNS provides a lot of context; it tells you about the who, when, why, and what, of a network transaction.

“This in turn, provides a lot of context about the organisation’s users, its SLAs, and who’s doing what. But more importantly, DNS can also be used as the first line of defense.”

Armed with experience and understanding of DNS, all the contextual information it collects as well as the analytics capability they have acquired, Infoblox believes it is in a good position to secure the digital enterprise.

BloxOne Threat Defense

Infoblox BloxOne Threat Defense is the security architecture for the digital enterprise, that addresses new working trends brought about by digital trends.

Because of how an organisation’s data traffic used to flow, its data centres are equipped with a variety of security solutions – firewalls, intrusion detection and prevention, data loss prevention, next-gen firewalls, URL filters, end point protection, network access controls, and many more.

Cherif observed that other cybersecurity players have placed these security layers in the data centre and in the cloud, hoping to wash all the traffic from bad things.

“But Infoblox is a lot more specific, because it is securing applications and users right at the inception; when users initiate a networking transaction,” he said.

A changing world

According to Cherif, all these different security layers in the data centre are what he calls the accidental security architecture, because it has been built over time based upon a need at a certain point in time.

“So, pretty much your entire footprint in terms of branches and campuses; their traffic came back to this data centre where your data and applications were, and this traffic had to go through all these layers.”

He posed the hypothetical question: For data and apps and users to remain secure, don’t users then need to be in a specific place, on a specific network, at a specific time, using a specific machine?

The current reality is turning out to be totally different from the above described ideal scenario to remain secure.

One significant reason is digital transformation and the digital enterprise are using concepts like SaaS and cloud computing.

The security perimeter created by all those layers of security solutions, is suddenly disappearing, because more and more data and applications aren’t located in the data centre, but in the public domain.

“Even apps are being consumed by providers that are not even hosted in your organisation’s own domain,” Cherif said.

Even scarier for IT departments is that users are purposefully doing work and being productive outside of the organisational perimeter.

But who is securing them?

Adapting to the digital way of work

Cherif explained, “There is a lot of maturity in the market that organisations are no longer hugging their data and applications tightly to themselves, or putting in all kinds of governance that is counter-intuitive to the speed that a digital enterprise requires.”

There is more cognisance across different industries that what remains of an organisation, is its brand, not the office building that workers go to, to work.

And this awareness is to the extent that the brand can stretch even to the furthest extreme of where its worker can be sitting in a coffee shop plugged into a broadband connection, and being fully productive.

Cherif pointed out, “So, the security architecture that is needed is very different than what the industry has dictated in the past few decades.”

He believed that BloxOne Threat Defense can be that crucial first line of defense, and even empower the entire cybersecurity ecosystem to respond to threats at the speed of digital.