Cisco has enhanced its Domain Name System (DNS) security software, introducing the Cisco Secure Access – DNS Defense. This new solution replaces the previous Cisco Umbrella DNS Essentials and Advantage packages, adding significant features, including AI-driven DNS tunneling mitigation and improved cloud malware detection.
The advancement comes with the integration of AI capabilities that can detect and block DNS tunneling techniques, improving detection rates by 11.1% while also significantly reducing false positives. Moreover, the DNS Defense uses AI to deny communications with malicious domains generated by Domain Generation Algorithms (DGA), which are often utilized in command-and-control attacks launched from infected devices.
Cisco notes that many organizations typically rely on their Internet Service Providers (ISPs) for DNS resolution. However, with the increase in direct enterprise internet connections and remote workforces, optimizing DNS for enhanced threat defense, privacy, compliance, and performance has never been more critical. Cisco emphasizes that implementing strong DNS-layer security is one of the most cost-effective strategies for improving overall security posture, as it can block threats before they ever reach the firewall, thus alleviating the burden on security teams.
In comparison to other Secure Service Edge (SSE) solutions that may treat DNS security as a secondary priority, Cisco Secure Access – DNS Defense incorporates robust security features directly within its extensive network of over 50 global DNS data centers. This unique architecture promotes low-latency DNS resolution and seamless failover capabilities.
Additional features included in the DNS Defense package are:
- SaaS API data loss prevention: This feature monitors and protects sensitive data across cloud applications such as Microsoft 365 and Google Workspace, enforcing compliance policies and scanning for data exposure.
- Cloud malware detection: The software automatically scans files stored in cloud services (e.g., Box, Dropbox, Microsoft 365, Google Drive) for malware, thus preventing harmful files from reaching user endpoints.
DNS Defense is part of Cisco’s broader Secure Access solution, which consolidates various security functions—including secure web gateway, zero trust network access, cloud access security broker, data loss prevention, and VPN as a service—into one cohesive platform. Existing customers of Cisco Umbrella can seamlessly transition to the new system via an upgrade manager without needing to redeploy software or alter network policies.
For more details, visit Cisco’s official announcement.
