Cygna Labs
Book a Demo
shield

Strengthen your organization’s cybersecurity posture with software solutions from Cygna Labs

Expansive DNS/DHCP Visibility

Defending against increasingly sophisticated cyberattacks requires vigilance at all levels of your network, including the foundational DNS-DHCP-IPAM (DDI) layer. DDI transaction data and history prove vital in troubleshooting, network forensics, and cyberthreat intelligence.  Cygna DDI Guard enables collection of DNS and DHCP activity and can forward filtered activity data to third party SIEM systems.

DDI cyberthreat intelligence

Cygna DDI Guard retains all DHCP/DNS transactions while enabling forwarding of relevant DHCP and DNS packets to third-party SIEM systems. This infusion of DDI data provides critical input for your security event correlation activities and supplements your cyberthreat intelligence repository. Easily filter DDI data forwarded to external systems based on filtering criteria you define in order to minimize bloat of unremarkable data and to reduce SEIM ingest costs.

DDI cyberthreat intelligence

DNS/DHCP visibility without the performance hit

Cygna DDI Guard enables collection of DNS and DHCP activity with minimal server performance impacts and captures not only queries but responses as well. Leading reference implementations slow to a crawl when you enable logging. But you need visibility to packet details to verify provisioning, server moves, troubleshooting, and network forensics. Cygna DDI Guard enables collection of bi-directional data including real-time transaction tapping, providing in-depth visibility in real time and historically, without sacrificing DHCP/DNS server performance.

DNS/DHCP visibility without the performance hit

Customizable alerting enhances proactive management

Cygna DDI Guard monitors DHCP and DNS transactions and can generate alerts via SNMP or email for detection of DNS and DHCP packets meeting criteria that you can define. For example, you can define alerts for DNS queries to suspect DNS domains or for DHCP requests by devices outside of your set of known client identifiers. Such activity could be an indicator of rogue devices or malware attempting to contact a command and control (C2) center for updates or to exfiltrate sensitive information.

Customizable alerting enhances proactive management

Transaction capture for security and compliance

DHCP and DNS transactions comprise critical information during troubleshooting and for cyber threat investigations. Deploy one or more Cygna DDI Guard Archives for centralized, regional, or local data retention based on your security, compliance, and regulatory policies. Simply deploy additional Archives to add retention capacity or utilize automated rollover to overwrite older transaction data.

Transaction capture for security and compliance

Cross-platform, multi-cloud support

Cygna DDI Guard installs on our QIP and Diamond IP DDI appliances as well as servers running on Rocky Linux or Microsoft Windows 2022. This versatility enables you to centrally monitor, analyze, and investigate transactions across your diverse network served by distributed DHCP and DNS servers, regardless of whether they are hardware, virtual, or cloud appliances or servers.

Cross-platform, multi-cloud support

Cygna Labs offers a broad spectrum of DDI security products

Cygna Labs offers several options to help you secure your DDI infrastructure. From extensive DNS security features such as DNS firewalls and DNS tunnel detection, to tracking of DDI administration events, DHCP and DNS packet capture and archiving with Cygna DDI Guard, and our managed DDI services. Our solutions couple world-class DDI features and functions with advanced DDI security capabilities to maximize your DDI ROI.

Cygna Labs offers a broad spectrum of DDI security products