DNSCyte is a cloud-based security platform based on DNS filtering. The system utilises global cyber threat intelligence and machine learning to block threats and targeted attacks in real–time.
DNSCyte has indexed 99.9% of the Internet, which includes more than 1.7 billion web sites and 350 million top-level domains growing daily. With this intelligence, DNSCyte protects global businesses and users blocking malicious activity, including zero-day attacks.
The main dashboard enables the discovery of abnormal traffic based on the historical data which has been normalised. Any deviation from the learned patterns is easily identified. The blue section in the main chart is the pattern learned where the red dots represent deviations. Variations can be discovered for total and malicious site access.
Show summary and show detail options enable easy access to detailed data.
Through the Monitor menu, a detailed search can be performed. The filtering menu on the top right enables the definition of the search rules with ease. Search operations can be executed on total traffic or blocked pages through built-in filters.
Custom reports are used for the analysis of summarised data. The log histogram provides a historical view of the activity. It is similar to the monitoring interface with the same filtering settings.
DNSCyte can be using three different methods. The first method is to make DNSCyte the external DNS for the organisation. In this scenario, the external IP, the users access the Internet needs to be defined as the Public IP in DNSCyte settings. A security profile is then applied.
The second method is to deploy DNSCyte as a DNS relay component. DNS relay acts as an internal DNS server and forwards DNS requests to the DNSCyte cloud. Local DNS Relay Servers are assigned to groups where the security profiles are applied.
The last option is to deploy agents to the endpoints. The agents intercept DNS requests from the endpoints and direct them to the DNSCyte cloud for categorisation. The agents can be assigned to groups for assigning security profiles. Agents can also be downloaded directly from the top–right menu.
Security profiles are the polices DNSCyte uses to control access. A profile has two primary modes of operation:
Positive security and negative security. When positive security is chosen, users can only visit safe domains. “Firstly Seen” domains are blocked. “Firstly Seen” domains will be categorised in 10 minutes. When the negative security model is chosen, users can visit “Firstly Seen” domains which can be harmful.
There are three additional features to enables a better user experience. When a safe search is enabled, the search engines return a result which is defined safe in the search engine. When Safe Search is on, it helps filter out explicit content in search results for all queries across images, videos, and websites.
Youtube restrict mode filters search results to remove videos with mature content or videos that are age–restricted, meaning that such content will not show up in video searches, related videos, playlists, shows or movie sections.
Clear Ads offers a better browsing experience by blocking the ads on the websites.
The last part in security settings is the choose the categories to be blocked. It is recommended to block all malicious categories. Blocking variable categories provides more robust security for stopping malicious activity.
Applications setting is security profiles enable granular policy control for accessing instant messaging, online video, remote access tools and social media.
Finally, it is possible to create black and white lists for site–based control.
We're member of
We're member of