Security is like skating on thin ice;
as clients and technology modernize, the ability to monitor, detect and respond
to risks imposes different challenges. Therefore one must apply overarching practices
to every single area of security. TCPWave's DNS TITAN is one of the efficient
frameworks that helped us evolve the threat models and objectives to scale up
the security operations.
Andrea Jackson, CIO
In-House built tunnel detection Machine Learning (ML) algorithms trained using millions of records and varied DNS data help detect the malicious DNS traffic flowing through the DNS pathways in one's organization.
The T-Zeek technology is an integrated part of TCPWave's network security management model. It observes the network traffic on port 53 and helps to correlate abnormal DNS behavior.
Titan leverages a highly scalable and multi-threaded IPS technology known as T-Suricata. It identifies attacks and reaches out onto the network, and disrupts traffic it marks as suspicious.
TCPWave IPAM integrates with the DNS Response Policy Zones (RPZ). It is a layer-7 firewall that blocks Malware, Phishing, etc. TCPWave supports various external RPZ feed providers such as ThreatStop and SpamHaus are supported.
TCPWave IPAM DNS appliances have an inbuilt firewall based on IPTables that enables packet filtering capabilities.
DNS Blackhole mechanism denies malicious clients from querying the mission-critical DNS infrastructure. TCPWave IPAM allows the network administrators to restrict the source IP addresses that can query DNS.
TCPWave IPAM provides in-built DDI reporting framework. It helps the network risk management teams visualize the DDI resource's utilization trends, such as the DNS queries, DHCP leases per second, cumulative traffic analysis, anomaly detection, etc. TCPWave Reporting Engine can deliver rich content onto the screen, printer, PDF, Excel, and CSV files. TCPWave Reporting engine supports Send or Schedule Email functionality, which sends the PDF report to the selected contacts.
