Cygna DDI Guard
DHCP and DNS summary and packet-level traffic monitoring for improved network visibility, security, and forensics.
Expansive DNS/DHCP Visibility
Defending against increasingly sophisticated cyberattacks requires vigilance at all levels of your network, including the foundational DNS-DHCP-IPAM (DDI) layer. DDI transaction data and history prove vital in troubleshooting, network forensics, and cyberthreat intelligence. Cygna DDI Guard enables collection of DNS and DHCP activity and can forward filtered activity data to third party SIEM systems.
DDI cyberthreat intelligence
Cygna DDI Guard retains all DHCP/DNS transactions while enabling forwarding of relevant DHCP and DNS packets to third-party SIEM systems. This infusion of DDI data provides critical input for your security event correlation activities and supplements your cyberthreat intelligence repository. Easily filter DDI data forwarded to external systems based on filtering criteria you define in order to minimize bloat of unremarkable data and to reduce SEIM ingest costs.
DNS/DHCP visibility without the performance hit
Cygna DDI Guard enables collection of DNS and DHCP activity with minimal server performance impacts and captures not only queries but responses as well. Leading reference implementations slow to a crawl when you enable logging. But you need visibility to packet details to verify provisioning, server moves, troubleshooting, and network forensics. Cygna DDI Guard enables collection of bi-directional data including real-time transaction tapping, providing in-depth visibility in real time and historically, without sacrificing DHCP/DNS server performance.
Customizable alerting enhances proactive management
Cygna DDI Guard monitors DHCP and DNS transactions and can generate alerts via SNMP or email for detection of DNS and DHCP packets meeting criteria that you can define. For example, you can define alerts for DNS queries to suspect DNS domains or for DHCP requests by devices outside of your set of known client identifiers. Such activity could be an indicator of rogue devices or malware attempting to contact a command and control (C2) center for updates or to exfiltrate sensitive information.
Transaction capture for security and compliance
DHCP and DNS transactions comprise critical information during troubleshooting and for cyber threat investigations. Deploy one or more Cygna DDI Guard Archives for centralized, regional, or local data retention based on your security, compliance, and regulatory policies. Simply deploy additional Archives to add retention capacity or utilize automated rollover to overwrite older transaction data.
Cross-platform, multi-cloud support
Cygna DDI Guard installs on our QIP and Diamond IP DDI appliances as well as servers running on Rocky Linux or Microsoft Windows 2022. This versatility enables you to centrally monitor, analyze, and investigate transactions across your diverse network served by distributed DHCP and DNS servers, regardless of whether they are hardware, virtual, or cloud appliances or servers.
Cygna Labs offers a broad spectrum of DDI security products
Cygna Labs offers several options to help you secure your DDI infrastructure. From extensive DNS security features such as DNS firewalls and DNS tunnel detection, to tracking of DDI administration events, DHCP and DNS packet capture and archiving with Cygna DDI Guard, and our managed DDI services. Our solutions couple world-class DDI features and functions with advanced DDI security capabilities to maximize your DDI ROI.
Try Award Winning DDI Software
VitalQIP streamlines management and reduces costs as you configure, automate, integrate and administer DDI services across your IP network.
Download BrochurePlanen Sie eine Demo
Unsere erfahrenen Ingenieure stimmen die Demo auf Ihre spezifischen Bedürfnisse ab. Sie werden herausfinden, wie einfach es sein kann, Ihre sensiblen Daten zu schützen.
Planen Sie eine Demo