CYGNA DDI SECURITY
Cygna DDI Guard
Enhance network security, visibility, and performance by capturing and analyzing critical DNS, DHCP, and IPAM activity in real time.
Cloud asset acuity
How many times have you reviewed your monthly cloud services bill to find random unused virtualized entities costing you money? Forgotten instantiations or shadow IT groups may be inadvertently consuming resources that are no longer needed. Improve your cloud asset acuity with Cygna DDI Guard’s resource record reclaim feature. A resource record that hasn’t been queried in weeks or months could indicate the resolved host is no longer needed but could still be active.
DDI cyberthreat intelligence
Cygna DDI Guard retains all DHCP/DHCPv6/DNS transactions while enabling forwarding of relevant DHCP and DNS packets to third-party SIEM systems. This infusion of DDI data provides critical input for your security event correlation activities and supplements your cyberthreat intelligence repository. Easily filter DDI data forwarded to external systems based on filtering criteria you define in order to minimize bloat of unremarkable data and to substantially reduce SIEM ingest costs.
DNS/DHCP protections
Defending against increasingly sophisticated cyberattacks requires vigilance at all levels of your network, including the foundational DNS-DHCP-IPAM (DDI) layer. DDI transaction data and history prove vital in troubleshooting, network forensics, and cyberthreat intelligence.
Optimize application user experiences
DNS is the first step in an IP connection. Historically, DNS query responses included static data as configured by the authoritative zone administrator. Cygna DDI Guard’s Routed Domain Name feature provides application level status checks on resolved IP addresses to adjust query responses to include only available endpoints. Performance and topology policy entries also help steer application users to the fastest available application endpoint on your network or in the cloud.
Visibility without sacrificing performance
Cygna DDI Guard enables collection of DNS and DHCP activity with minimal server performance impacts and captures not only queries but responses as well. Leading reference implementations slow to a crawl when you enable logging. But you need visibility to packet details to verify provisioning, server moves, troubleshooting, network forensics, and compliance. Cygna DDI Guard enables collection of bi-directional data including real-time transaction tapping, providing in-depth visibility in real time and historically, without sacrificing DHCP/DHCPv6/DNS server performance.
Multi-Platform DDI
Cygna DDI Guard provides DHCP and DNS auditing and security features for all Cygna DDI appliance models from Cygna Sapphire to Cygna VitalQIP and Cygna runIP. But if you’re operating stock ISC or Microsoft Windows DHCP and DNS servers within your network, no problem! Just as our Cygna DDI applications support our appliances and leading third-party vendor products, so does Cygna DDI Guard for DDI visibility, forensics, and security.
Customizable alerting
Cygna DDI Guard monitors DHCP and DNS transactions and can generate alerts via SNMP or email for detection of DNS and DHCP/DHCPv6 packets meeting criteria that you can define. For example, you can define alerts for DNS queries to suspect DNS domains or for DHCP requests by devices outside of your set of known client identifiers. Such activity could be an indicator of rogue devices or malware attempting to contact a command and control (C2) center for updates or to exfiltrate sensitive information.
Let Us Help You Tackle Your IT Challenges
Schedule your demo today to see what's possible.