Nominum has unveiled the next generation of its Trusted Response and Universal Enforcement (TRUE) Architecture, which is said to use Intelligent Domain Name System (DNS) to provide end-users with greater Internet security.

The key improvements in the third-generation architecture include automated provisioning and enforcement against malicious and illegal sites; real-time visibility into online threats; and options to personalise web security settings.

Speaking to CBR about the new platform, Gopala Tumuluri, Nominum’s VP of marketing and business development, said that legacy DNS did not adequately protect users from online threats. “All legacy DNS did was get the request for a domain name and get the IP address from that,” he said. “It didn’t check whether the site was safe, secure or even whether it was the intended destination.”

The new Intelligent DNS can block access to any site carrying malicious software such as botnets, or hosting phishing attempts or illegal content. It also uses real-time visibility to protect against attacks within seconds of their launch, Tumuluri said.

“Online threats are fast-changing,” Tumuluri said. “We are constantly working to improve the security offered, but hackers and attackers are clever. Real-time visibility gives us the grace of time to quickly detect and stop threats.”

If an end-user attempts to access an infected page, they will be redirected to a “teaching” page, where the threat will be explained. ISPs have the option of enabling end-users to continue to the infected site if they so wish.

Real-time visibility examines all DNS queries for abusive uses of the DNS, such as DoS and spam attacks, without any impact on the server or service performance. This, Tumuluri claims, could have stopped the recent denial of service (DoS) attacks on Twitter, Facebook and Google, something that legacy DNS was not able to do.

“Legacy systems cripple the visibility function,” he told CBR. “This can track threats as they are happening and evolving with quick detection and enforcement. It could well have stopped the recent DoS attacks.”

Nominum uses the Conficker worm as another example of the failings of legacy DNS. The firm says that the worm used the DNS as a base for command and control, which effectively turned the DNS into part of the attack. Nominum’s Intelligent DNS systems were able to track, block, and isolate the Conficker worm and identify infected hosts.

Intelligent DNS can detect if a user has typed in a web address incorrectly and will block access to the site. The Navigational Assistance tool will then confirm with the end-user whether the typed address is the intended destination.

The platform also offers end-users an opt-out option, enabling them to set the required level of security. Some services, such as regulatory requirements, are location-specific and therefore have to be included by law.

Intelligent DNS should sit alongside pre-installed anti-virus and other security software, Tumuluri said. “There is single silver bullet for Internet security,” he said. “But this offers more pro-active and real-time actions against the threats.”

Nominum is headed by Dr Paul Mockapetris, the inventor of DNS.