Sunday, October 19, 2008

Nominum Unveils DNS-based Solution for Internet Security Threats

Nominum introduced an Internet security and trusted content solution for ISPs that leverages its Vantio caching DNS platform. The problem is the estimated 150 million malicious Internet hosts -- a number that appears to be spiking as the as number of phishing sites explodes due to the financial crisis.

Unlike brute force approaches such deep packet inspection (DPI), the Nominum approach uses the DNS look-up process involved in every Internet transaction to verify the target site against multiple, independent reputational databases. When a dangerous URL is entered into a browser, the user is automatically diverted to an ISP web page warning them about the target site.

Nominum said its Trusted Response and Universal Enforcement (TRUE) architecture can be used to wide range of Internet threats and malicious, illegal and inappropriate content in real-time without impact the user's privacy. Key points for the TRUE architecture include:

  • New revenues through paid subscriber services

  • Reduce cost of helpdesk calls from users victimized by Internet threats

  • Network-wide protection (all users, devices and applications)

  • No impact to users, browsers and applications

  • No privacy issues unlike intrusive approaches

  • Hundred times better price / performance of alternatives

  • No network re-architecture and no new hardware

  • Scales up to a billion malicious Internet destinations

  • Supports multiple threat data sources (best-of-breed)

The following Vantio enhancements and new products are the first in a series to utilize the new TRUE architecture:

  • Vantio Base Server is an advanced caching DNS platform that now features a modular design for on-demand addition of new services. Vantio offers DNS security, including protection against the Kaminsky cache poisoning attack.

  • Vantio Malicious Domain Redirection (MDR) Service Delivery Module -- a new add-on software module for the Vantio Base Server with real-time enforcement of threat data and security policies to safe guard Internet interactions. It acts as a self-learning enforcement point in the network and redirects user requests for malicious destinations to a helpful provider-managed notification page.

  • Centris Server -- a new threat aggregation and provisioning platform capable of tracking up to a billion malicious Internet destinations. It complements the Vantio MDR module by synchronizing with a wide range of threat information feeds in real-time and making the data instantaneously available to MDR enforcement nodes.

See also