VitalQIP DDI Security
Securing and protecting your network and thereby your business necessitates a defense-in-depth security approach. Our DDI security layer can add rich data for detecting nefarious activity and forensics data for cyber threat investigations.
DDI Security Enhances Network Security
As the foundation of your IP network, DDI components need to be secured to reduce the risk of outages or degradations that could impact the performance of your network and your business. VitalQIP DDI solutions help you secure your overall network by securing your DNS transactions and by enabling rigorous IP inventory practices with discovery and reconciliation to identify and validate IP occupancy. VitalQIP incorporates the former Audit Manager add-on and provides a centralized repository of DDI audit events, while our DDI Guard software adds a layer of DDI transaction forensics and trend reporting.
Secure DDI appliances
Our QIP hardware and virtual DDI appliances ship with a secure RedHat-based Linux operating system to reduce exposure to kernel and operating system attacks. In addition, VitalQIP software offers a complementary set of DDI security features and capabilities to enable you to secure your DDI infrastructure and audit DDI changes within a centralized, holistic DDI solution.
Transaction logging for visibility and forensics
DHCP and DNS transactions comprise critical information during troubleshooting and for cyber threat investigations. VitalQIP centralizes DDI events and administrator changes for tracking and forensics analysis. Our DDI Guard software collects captured DHCP and DNS packets for a time and can be forwarded to the DDI Guard Archive appliance for longer term storage for forensics and for addressing regulatory as well as security and compliance requirements. SIEM interfaces are also supported to facilitate aggregation of network data.
Extensive DNS security features
VitalQIP DNS services support several additional DNS security features that add a DNS layer to your defense in depth network security strategy. DNS firewall support of multiple response policy feeds, block lists and allow lists helps detect and prevent queries by malware to command and control (C2) centers. DNSSEC signing and validation help secure the integrity of publishes and resolved DNS data. DNS access control options provide filtering of permitted query access.
Forensics for cyber threat analysis
VitalQIP provides a repository of audit events from DDI changes made using the VItalQIP application and events reported from DHCP and DNS servers or appliances. In addition, our DDI Guard software provides visibility to and reporting for DNS and DHCP transactions on your servers. DDI Guard provides graphical reporting of DNS and DHCP traffic from time-series summary trends to drill down to specific DNS and DHCP packets for forensics analysis.