Infoblox and Qualys announced that they have joined forces to provide enterprises with powerful network visibility to better safeguard organizations from infections, automate asset management, remediate threats faster, and ease compliance and auditing. Under the expanded technology partnership, Infoblox, the network control company that provides Actionable Network Intelligence, is the first DNS, DHCP and IP Address Management (DDI) solution provider to integrate with the Qualys Cloud Platform. The integrated solution provides joint customers a single source of truth which integrates DNS data for devices and networks. Infoblox provides notification to Qualys when new physical, virtual, or cloud infrastructure elements join the network, when malicious events are detected, and generates context about infected machines on the network.
Corporate networks are becoming increasingly complex and use diverse deployment architectures, including physical, virtual, and private/public clouds. With the proliferation of the Internet of Things (IoT), analysts project there will be 20 billion devices connected to the Internet by 2020, up from 10 billion in 2015, making it significantly more challenging to gain visibility into devices and end hosts. Together, Infoblox and Qualys enable security and incident response teams to leverage the integration of vulnerability scanners and DNS security to enhance network visibility, automate remediation, and share intelligence to improve the efficacy of security investments customers have already made.
“Cybercriminals rely on critical network infrastructure such as DNS to infect devices, spread malware and steal data—and the longer it takes to discover, the higher the cost of damage,” said Scott Fulton, executive vice president of products at Infoblox. “Sharing Actionable Network Intelligence with the Qualys Cloud Platform provides our joint customers unparalleled visibility into every connected device and end host on corporate networks. The rich context and out-of-the box integration accelerate remediation and allow customers to effectively manage risk.”
“Security starts with visibility, which is critical to gain immediately in order to protect against cyber-threats when new hosts join the network,” said Sumedh Thakar, Chief Product Officer at Qualys. “This seamless integration with Infoblox provides our customers an automated way to gain visibility of the inventory, security, and compliance of a new device, and thus help provide a continuous central view of IT security state across all global assets.”
Infoblox and Qualys: Supercharge Network Visibility and Automate Remediation
By combining Infoblox’s DNS technology with the Qualys Cloud Platform, organizations can automate scanning when new devices join the network or when malicious activity is detected. Key capabilities include:
Asset Management: Infoblox provides device discovery and a single source of truth for devices and networks, which Qualys can leverage for organizing new assets, automated tracking, and a detailed view of the network.
Visibility: Infoblox delivers outbound notifications to Qualys to provide visibility into new networks, hosts, and IP-connected devices (IoT) joining the network, including contextual information such as where on the network an infected device is and to whom the device is assigned. This detailed context allows IT departments to prioritize response and remediation.
Malware and Data Exfiltration Threat Identification: Infoblox uses advanced threat intelligence to detect and control malware communications at the DNS level by disrupting command-and-control communications to proactively control the spread of malware such as ransomware that uses DNS. These indicators of compromise can be easily shared with Qualys for further analysis and remediation.
Compliance and Audit: Infoblox triggers Qualys when new devices join the network—physical, virtual, or cloud—to check for compliance.