Connect with us

Hi, what are you looking for?


Network Security

New Service Provides Proactive DNS Security

New DNS Security product Helps Prevents Connections to Known Malicious Internet Locations

New DNS Security product Helps Prevents Connections to Known Malicious Internet Locations

IID (Internet Identity), a provider of technology and services that help organizations secure Internet presence, this week announced the availability a new DNS security product designed to prevent enterprise employee and system connections to known malicious Internet locations. The service, ActiveTrust Resolver, alerts security teams about potential compromises on their networks such as botnets and advanced persistent threats (APTs). By utilizing this secure gateway, an enterprise can ensure its employees and IT systems are not routed to destinations that could jeopardize communications, proprietary information, customers’ private data and more.

DNS resolvers connect outbound requests for Internet hostnames with the (hopefully) correct Internet IP address. Every URL, e-mail, or on-line process is reliant on a DNS resolver to correctly route users and machines to a given destination. IID ActiveTrust Resolver is designed from the ground up with security in mind, incorporating IID’s ActiveKnowledge™ database of malicious Internet locations into a platform to protect enterprises at the DNS level, providing unparalleled protection from a wide range of today’s malicious threats. It blocks enterprise users and IT systems from connection to hosts, domain names and IP addresses that are known to be malicious, and routes the connections elsewhere so security is maintained and compromised machines can be identified.

Beyond blocking known dangerous locations, ActiveTrust Resolver takes a number of proactive steps to track and prevent the spread of malicious connections or infection through its unique TrapTrace features. By employing these optional TrapTrace services, enterprises can be instantly notified when a compromised machine tries to access a command-and-control server or transmit sensitive data to a known drop zone. These connections are blocked so the machines can be pinpointed, isolated and identified for immediate cleaning by an enterprise’s security or IT staff. Further, if users attempt to reach phishing or malware distribution sites, the security department can be notified so they can track down “spear phishing” attacks or educate people at the moment they are fooled by the latest scams.

“Typical DNS resolvers in use today, besides being susceptible to various attacks, lack the built-in security layer necessary to identify malicious locations and protect enterprise users,” said IID president and CTO Rod Rasmussen. “As a result, the current DNS resolution process doesn’t prevent arrival to known malicious locations. IID is dedicated to changing that.”

In February, Internet Identity introduced a border gateway protocol (BGP) security solution for the extended enterprise designed to detect, diagnose, and mitigate BGP security threats. The comany is based in Tacoma, Washington.

Advertisement. Scroll to continue reading.
Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Network Security

Our networks have become atomized which, for starters, means they’re highly dispersed. Not just in terms of the infrastructure – legacy, on-premises, hybrid, multi-cloud,...