Advanced configuration of Edge service points to a resource group already containing other resources or instances. Ideal when an empty resource group cannot be used including when adding an Edge service point to an existing fleet.
Edge adds a much-needed layer of visibility, control and detection for corporate networks under siege from an explosion of malware attacks that exploit DNS.
According to industry research, 91% of malware uses the DNS protocol for command and control (C2), data exfiltration or to deliver malicious payloads. Edge gives network and IT teams unprecedented access to DNS query data with which they can establish smarter policies, optimize traffic and meet stringent compliance and logging requirements.
Edge reduces your attack surface.
For security architects and IT operations staff that need to limit access to sensitive data and lock down critical systems like cloud apps and services, Edge makes it easy to set policies and eliminate DNS as a threat vector against your Azure cloud environment. Ingest threat intelligence to block access to well-known bad domains.
Edge detects malicious behavior hidden in millions of DNS query and response activity.
Cybersecurity teams seeking to detect and stop data exfiltration like tunneling, beaconing to C2 servers, or evasive techniques like domain generating algorithms (DGA) use Edge's smart analytics developed by BlueCat's decades of DNS expertise to spot malicious behavior among all DNS queries across their network.
Edge reduces time to respond and remediate breaches.
For incident response teams faced with the challenge of uncovering the lateral spread of an infection and rooting out patient zero in a cyberattack, Edge makes it easy to pinpoint the origination and review the internal and external DNS activity surrounding an incident to reduce the time to resolution.
Edge enforces compliance easily and safely.
IT Ops and network admins can easily set policy within Edge to comply with corporate, security or regulatory requirements. Capture DNS data and use Edge to automatically log all DNS queries, originating IP and domain response. For network teams wary of extending access to critical DNS infrastructure, Edge provides the necessary access without risk of disruption.
Edge integrates with leading SIEMS
Integrate with SIEMs like QRadar, ArcSight, and Splunk with the new DNS Edge for Splunk App. Send DNS queries from Edge to correlate with other tool to substantiate findings with other security data and sources.