Cygna Labs
SIGN IN

CYGNA DDI

Cygna DDI Security

A plenitude of DDI security protections and mitigations to strengthen your overall cybersecurity posture.

Cygna DDI Security header image

DNS Threat Protections

Cygna DNS services support response policy zones (RPZs) at no extra cost. You can define up to sixty-four RPZs to manage allowed domain name queries and those that should be block or otherwise treated in accordance with RPZ policies. Cygna Labs also offers a DNS Threat Protection service to regularly update identified malware names and sources for a designated RPZ to block malware queries from potentially infected devices. The source IP address of the query originator allows rapid identification of the suspect malware device.

Protected DHCP

Cygna DHCP provides the industry’s highest performing DHCP server to support large client bases and for minimizing denial of service attacks in conjunction with adaptive rate limiting. Cygna DHCP also supports DHCP failover with cloning for tertiary DHCP services resiliency. Cygna DDI Guard enables alerting upon detection of rogue DHCP clients, defined explicitly or as falling outside of known good clients. Cygna DDI Guard also provides visibility and reporting of DHCP and DHCPv6 per server or across servers for real-time and forensics analysis.

Protective DNS

Cygna DDI supports several protective DNS measures including DNS firewalling, DNS tunneling detection and shutdown, Domain Generation Algorithm (DGA) detection, DNS over TLS (DoT) and HTTPS (DoH), DNSSEC, transaction signatures, update policies, multi-master support, denial of service protections, secure purpose-built DNS appliances, and more. Visibility and reporting per DNS server or across servers is also provided for real-time and historical analytics.

Purpose-Built DDI Appliances

Cygna DDI appliances are built from the ground up for DDI and only DDI. Our proprietary Sapphire operating system (OS) is not based on a commercial Linux distribution with associated fees and vulnerabilities. The Sapphire OS and kernel are hardened starting from the basic build process and includes strict security measures for the Linux kernel, file system, processes, and network interfaces.

Purpose-Built DDI Appliances illustration

Comprehensive IPAM

Cygna DDI applications enable the tracking and managing of subnets, IP addresses, DHCP pools and parameters, and DNS zones, resource records and parameters. As one of the six major categories of the NIST Cybersecurity Framework, “Identify” stipulates the accurate inventorying of organizational assets, and IP addresses associated with cloud, premises, and IoT devices comprise important organizational assets.

Comprehensive IPAM illustration

Secured DDI Managed Services

Cygna DDI managed services are ISO-27001:2022 certified. This independent third party certification testifies to the rigorous documentation and adherence to internally recognized information security best practices. Not only is managed services customer data protected and secured, but the certification also extends to our Cygna DDI product development, test, and support organizations in assuring you our products are built from the ground up with security as a key design principle.

Secured DDI Managed Services illustration

Let Us Help You Tackle Your IT Challenges

Schedule your demo today to see what's possible.