(844) 442-9462(844) 442-9462Free TrialFree TrialContact SalesContact SalesSign inSign in
Cygna Labs
<b>IPControl</b> Software
IPControl Software

Advanced DDI software for Linux or Windows

<b>Sapphire</b> Appliances
Sapphire Appliances

Secure, multi-platform DDI appliances

<b>DDI</b> Services
DDI Services

Tiered support and managed DDI services

<b>DDI</b> Security
DDI Security

DDI defense-in-depth protections

<b>DNSSEC</b> Appliances
DNSSEC Appliances

Automated DNS integrity and authentication

<b>IPAM</b> Auditor Appliance
IPAM Auditor Appliance

Rich DDI reporting, auditing, and forensics

<b>ImageControl</b> Software
ImageControl Software

Scalable DOCSIS firmware management

<b>Sapphire</b> Automation Appliances
Sapphire Automation Appliances

Drag-and-drop DDI API automation

<b>IPAM</b> Executive Failover Appliances
IPAM Executive Failover Appliances

DDI management resiliency

DDI Guard Software
DDI Guard Software

DDI transaction reporting and filtering

Products
IT Managers
IT Managers

Keep your network and business running

DevOps Engineers
DevOps Engineers

Insert DDI automation effortlessly

Security Professionals
Security Professionals

Add a DDI defense-in-depth layer

Business Professionals
Business Professionals

Maximize returns with comprehensive DDI

Cloud Architects
Cloud Architects

Consolidate cloud subnet, IP & DNS data

Solutions
Resource center
Resource center

Explore Cygna Labs' library of white papers, webinars and other helpful content

Blog
Blog

Intriguing DDI and Compliance posts

Newsroom
Newsroom

Keep up with our blistering news feed

Webinars
Webinars

Educational technology webinars

Events
Events

Come see us at upcoming industry events

Success stories
Success stories

How real businesses accelerate their growth with us

White Papers
White Papers

Read about the many ways Cygna Labs can enhance your diverse network initiatives.

Resources
About us
About us

Learn what makes us great

Leadership
Leadership

Meet our executive team

Partners
Partners

View our growing partner integrations

Careers
Careers

Come join our rapidly growing team

Company
Book a Demo
shield

Strengthen your organization’s cybersecurity posture with software solutions from Cygna Labs

DDI Security

Like all of your critical infrastructure, DDI components must be secured to reduce the risk of outages that will impact your user community’s ability to access and use your network. In addition, Diamond IP DDI solutions help you secure your overall network by securing your DNS transactions and by enabling rigorous IP inventory practices of inventory with discovery and reconciliation to identify and validate IP occupancy. Our Sapphire A30 IPAM Auditor appliance provides an added layer of DDI transaction forensics and trend reporting.

Secure DDI appliances

Diamond IP offers a rich set of DDI security features and capabilities to enable you to secure your DDI infrastructure within a centralized, holistic IP address management solution. For one, our virtual and hardware Sapphire appliances are built from scratch to mitigate operating system, server, or poisoning attacks. In addition, we build our proprietary operating system based on a non-commercial Linux distribution built from scratch in a secure environment with a non-modular kernel, uninterruptible boot, and protections against networking attacks such as spoofing, route and ICMP redirections, and more. The file system includes only necessary binaries which run in a sterile jailed environment and have non-privileged attributes.

Secure DDI appliances

Transaction logging for visibility and forensics

Sapphire DNS appliances support standard DNS query logging to log collectors or full DNS query and response capture with transmission to our Sapphire A30 IPAM Auditor appliance. Sapphire DHCP appliances support multiple resiliency features including hardware clustering (TwinMirror), split scope and DHCP failover server deployments. Sapphire DHCP and DNS appliances also support SNMP MIBs and traps to view and report address pool capacity exhaustion, DNS firewall hits, DNSSEC validation failures, all alerting administrators to a possible threat or to supplement address capacity.

Transaction logging for visibility and forensics

Centralized visibility and control

IPControl software or Sapphire Executive (EX) appliances provide centralized configuration, monitoring and management of deployed Sapphire DNS and DHCP appliances. IPControl provides a web graphical user interface (GUI) to configure all Sapphire, ISC, CNR or Microsoft DHCP and DHCPv6 attributes on all deployed DHCP servers, including pools, shared subnets, manual DHCP (“reservations”), options, polices, client classes and more. IPControl provides threshold and alert definitions to enable administrators to be notified in advance of address pool exhaustion.

Centralized visibility and control

AI-based risk reduction

Our prediction models facilitate planning and can dictate urgency for proactive actions. Beyond notification, alert conditions can trigger automated actions, such as provisioning of additional address space for added capacity. And IPControl supports centralized staging and distribution of updates and patches to deployed Sapphire appliances. IPControl’s Appliance Dashboard provides a centralized summary of each deployed appliance’s service status and enables drill-down for appliance level configuration and diagnostics.

AI-based risk reduction

DNS security boosts network security

Diamond IP supports several additional DNS security features including the following, which can add a DNS layer to your defense in depth network security strategy:

  • DNS firewall with support of multiple response policy feeds, block lists and allow lists to detect and prevent queries by malware to command and control centers

  • DNS tunnelling detection and optional automated shutdown helps prevent sensitive data exfiltration and theft

  • Query/response rate limiting to mitigate D/DOS and reflector/amplification attacksQueries per client and query depth to reduce impacts of bogus query attacksTransaction signatures for DNS transactions

  • Anycast support for D/DOS resiliency

  • DNSSEC signing of zone data

  • DNSSEC validation of signed responses

  • DNS service access control lists

  • DNS update policy to granularly control dynamic updates

  • Control and statistics channels ACLs

  • Appliance port access and packet rate limiting

Forensics for troubleshooting and incident analysis

The Sapphire A30 IPAM Auditor appliance provides visibility to and reporting for DNS and DHCP transactions on your servers. The IPAM Auditor appliance aggregates inputs from deployed Sapphire DNS and DHCP appliances to enable graphical reporting of all levels of DNS and DHCP traffic from time-series summary trends to drill down to specific DNS and DHCP packets for forensics analysis. Graphical dashboards for appliance-level, DNS and DHCP statistics provide easily consumable information to enable rapid detection and investigation of issues. The IPAM Auditor also aggregates DNS, DHCP and IPAM data for full DDI reporting.