ACADEMIA
Fortinet Broadens Enterprise Security Reach With New Domain Name System (DNS) Caching Appliances "Powered by Nominum"
- Written by: Webmaster
- Category: ACADEMIA
Fortinet announced the introduction of two new DNS caching appliances designed for the SMB, Enterprise, Federal, Financial Services and Educational markets. The FortiDNS-400C and FortiDNS-1000C, the first of a planned product family of security-focused DNS, DHCP and IPAM solutions, enable organizations to prevent malicious attacks against their DNS infrastructure.
The FortiDNS-400C and FortiDNS-1000C are the result of a technology partnership with Nominum, the worldwide leader in intelligent DNS and DHCP business solutions that support over 500 million broadband and mobile users worldwide. Powered by Nominum, the FortiDNS appliances introduce significant security benefits to help protect an organization's DNS, the method of translating URLs to individual device IP addresses. Without a fully secure Domain Name Server (DNS) infrastructure, there can be catastrophic consequences that include hijacking of legitimate users and an inability to send email, find Websites or access the Internet. For example, criminals seeking to steal the login credentials of online banking customers could hijack the DNS of an ISP and redirect customers to a fraudulent site.
"If compromised, DNS can open an organization up to attack and subversion via the redirection of users to malicious content," says Dr. Paul Mockapetris, Chairman and Chief Scientist of Nominum and inventor of the Domain Name System (DNS). "It is one of the most critical but often overlooked components of Internet use. That's why today's introduction of the initial FortiDNS appliances is so significant. Organizations now have a DNS caching appliance running a hardened, commercially-crafted software, that is field-proven with hundreds of millions of users, providing exceptional security for one of the most important aspects of their IT infrastructure."
The security-focused FortiDNS-400C and FortiDNS-1000C feature a high-performance recursive DNS caching engine that supports IPv6 and Domain Name System Security Extensions (DNSSEC) making it an ideal upgrade option over aging and functionally-limited legacy solutions. By integrating the high performance and secure DNS features from Nominum with Fortinet's broad management, network security and cloud-based FortiGuard services, the FortiDNS family provides organizations with a simple-to-deploy and affordable appliance that provides critical DNS security capabilities.
Simplified Management
Until now, DNS has had a history of being a somewhat complicated and, at times, error-prone system to manage and administer. Simple configuration errors on the command line have proven disastrous and difficult to troubleshoot. To overcome these issues, FortiDNS is a fully hardened appliance that removes the need to patch and maintain the host operating system. As a GUI-configured solution, the FortiDNS family simplifies the task of administering the appliance to reduce operational overhead and significantly minimize the risk of misconfiguration.
FortiDNS Features
As a hardened system powered by Nominum, the FortiDNS-400C delivers market leading, carrier-class DNS security that has been tested in the most demanding environments in a simple-to-deploy appliance form factor for a wide range of enterprises and businesses. Through its secure DNS implementation including Transaction ID, UDP source port and case (query name) randomization, the appliance can prevent DNS cache poisoning attacks. In addition, its high-performance DNS caching speeds up name resolution and network performance.
FortiDNS appliances also provide support for IPv6 and DNSSEC to help ensure future requirements are supported in order to protect customer investments. To secure remote management and protect against brute force attacks to gain access, they also integrate with FortiToken two-factor authentication.
And for enhanced visibility, network and security administrators can gain insight into what is being queried on their network and who is making the query. This aids in quickly identifying potential misconfigurations and compromised systems and helps organizations adhere to audit requirements.
"The need to secure DNS infrastructures has never been greater," said Michael Xie, chief technology officer with Fortinet. "Because DNS is a fundamental enabling component of the Internet, it has to be aggressively safeguarded from malicious attacks that can wreak havoc on an organization's ability to conduct business. That's why we're collaborating with Nominum on the release of our initial secure DNS caching appliance. By combining best of class technologies from two market leaders, the FortiDNS family is a powerful yet highly affordable solution to help protect and preserve the integrity of an organization's DNS infrastructure."