Cisco announced on Tuesday that OpenDNS was updating its cloud-delivered network security and threat intelligence solutions, as part of the company’s strategy to provide Security Everywhere across the extended network. Acquired in August, OpenDNS handles nearly 80 billion daily DNS requests and uses its unique view of the Internet to extend security for an increasingly mobile and off-network workforce.
Umbrella, OpenDNS’s cloud-delivered network security solution, already provides advanced threat protection for any device, anywhere, anytime. Umbrella encrypts DNS requests from endpoints and ensures the laptops and mobile devices employees use are not contacting malicious domains. But not all attacks rely solely on domains to communicate and deliver malware over the Internet. That’s why, with this latest announcement, the security service now protects direct IP connections.
For years, malware authors have relied on large numbers of cheap domain names to serve their attacks, because registrars can easily block or take down domains that are determined to be malicious. A small percentage of targeted attacks, however, use hardcoded IP addresses to initiate communication from within a company’s network, which bypasses the DNS security layer. IP enforcement will be key in this small percentage of attacks, providing protection for endpoints even when they are not on a company’s network or connect to a VPN.
A recent example of direct-IP attacks include the Trojan “Upatre,” which uses direct IP connections to initiate further malware installs. In recent attacks, it delivered the Dyre trojan, which steals banking login credentials from infected computers. This type of attack might be prevented if an employee is on a company network behind a firewall, but many security solutions only work on certain ports and only when an employee is working on premise. In contrast, OpenDNS’s IP layer enforcement provides protection over any port and from any location through the use of the OpenDNS Roaming Client, an endpoint client that acts as a DNS request forwarder.
The IP layer enforcement feature is available to OpenDNS Insights, Platform and MSP customers. To learn more about Umbrella and how it protects mobile users and remote offices, click here or check out the video below.