The easiest and fastest way to protect your network

February 17, 2020

6 minutes of reading

When you are an IT analyst or director of a company, it is important to make some important network control and security decisions. Especially when the internet is the main tool for the company's full operation. If this responsibility were not enough, the volume and sophistication of cyber attacks aimed at harming organizations is increasing. Therefore, it is important that professionals in the field have knowledge of tools that can help block these attacks to avoid loss of information, productivity and money.

Furthermore, the budget for investment in network security and internet control is always limited in most small and medium-sized companies. Therefore, it is necessary to study the entire network scenario, act quickly and find an integrated solution to improve digital security without spending excessively and without burdening the team's productivity.

One of the most important parts of the network, as it is most often the gateway to attacks, is the DNS layer. And with an integrated solution, which uses data intelligence and studies the reputation of each website, it is possible to identify and block malicious websites in advance, such as access anonymizers, hacking, keyloggers, malware, spyware, phishing and fraud. In this way, a solution that helps protect the DNS layer of a company's network becomes the first line of defense, since DNS requests precede all activities on the internet.

Main types of attacks at the DNS layer

It's not just companies that create security solutions that are innovative. Cybercriminals, by necessity, also innovate aggressively by trying to find loopholes in organizations' security products and policies.

But in recent years, criminals have become more motivated and ambitious due to the increasing financial rewards from happy-ending attacks. As digital media is increasingly used, generating a lot of important information, the data of these companies becomes valuable and the main target of these criminals. If this data is stolen, it can be resold in the open on the internet for a very significant amount. Another type of attack is ransomware , which is increasingly common, which forces the organization to pay for access to its own information.

The most common DNS attack techniques cause the user to try to access a certain page and be redirected to an incorrect destination. These techniques are called cache poisoning (DNS Poisoning) and server hijacking (DNS Hijacking).

The DNS Poisoning attack occurs when a criminal manages to infiltrate the DNS server, with the aim of modifying the information recorded in the cache and thus changing the destination IP number, without having to change the address that the user types in the browser.

In the DNS Hijacking attack, the criminal uses malware with the aim of hijacking domain translation requests and redirecting traffic to a malicious DNS server.

The difference between the two techniques is that the criminal's focus in the first (DNS Poisoning) is the DNS server and the second (DNS Hijacking) is the device itself (computer, laptop).

The malicious pages to which the user may be directed are, in general, cloned (a phishing ) with the aim of spreading malware payloads or unwanted applications, mining cryptocurrencies, stealing information on falsified access forms, etc. And as the user entered the correct domain, it will be difficult for them to quickly identify that they were a victim of this type of engineering.

Advantages of DNS Layer Control

A solution for controlling DNS requests brings many advantages to companies, including the following:

1. Security internet access control solution it is possible to proactively protect against emerging threats. These solutions are equipped with services that have constantly updated lists of suspicious websites. Another important feature is the possibility of defining the necessary level of reputation that a website must have to be accessible on the network, blocking it if the level is lower than that configured.
2. Productivity : Improper use of the internet by employees can greatly compromise the company's productivity. This waste of time can occur in countless ways, accessing social networks such as Facebook or Instagram, accessing personal email, communication services such as WhatsApp or Skype, entertainment websites, shopping, sports, among others. However, an internet access control solution also allows the blocking of unwanted websites that are outside the company's scope of work and that waste employees' time and compromise productivity.
3. Cost reduction : With increased network security, reduced equipment maintenance costs and increased team productivity, the investment in an internet access control solution often pays for itself in the first few months.
4. Information : Another important point is collecting information about internet use, having reports on what is being accessed and analyzing this information in conjunction with reports on team productivity and task delivery, this can lead to the optimization of your access policy to Internet.

Tools to increase network security

As the DNS layer is the gateway to the main cyber attacks on a company's network, implementing a tool to increase security becomes an essential factor in ensuring information security.

By preemptively blocking all requests on any port or protocol, security at the DNS layer can stop the action and avoid the burden of needing to identify the specific source of that attack.

To increase network security in your company, there are different alternatives, such as traditional Linux proxy solutions provided by specialized companies, which require greater investment in servers, specialized labor and constant maintenance.

Other options are SonicWall , Fortinet FortiGate and similar, or more modern solutions that use cloud resources and are more accessible, easy to implement and manage. This type of service is mainly recommended for small and medium-sized companies, good options are Lumiun , OpenDNS or DNSFilter .

To choose the best option for managing internet access, it is important to clearly define your company's needs and compare the costs, characteristics and benefits of each of the existing solutions.

Why Lumiun?

The Lumiun company is the only one of the options mentioned above that is 100% Brazilian. We really understand how the work environment works in Brazilian companies and create solutions that can increase network security and team productivity.

Every day, more than 22 million accesses are controlled and 3.2 million unwanted accesses are blocked. This is data that we study and combine with third-party services with the intention and commitment to protect the company's information.

Main features you can find in Lumiun:

Access control:
- Allowing and blocking applications, websites and website categories. Including by time;
- Protected search ( Safesearch ) on Google, Bing and Youtube to ensure that inappropriate content is not displayed in search results;
- Domain search where Lumiun scans and finds their category, reputation, description, last hits and even a preview of the page.
Security:
- Option to define the minimum reputation level to access a website;
- Blocking websites that belong to categories considered harmful such as hacking, malware, phishing, etc.
firewall:
- Forget the old and difficult concept of deploying firewall rules on your network. In Lumiun, it is possible, with a few clicks, to add blocking and releasing rules by ports, protocols, source and destination. Furthermore, there are predefined configurations that help those who are more unfamiliar with the subject.
Speed:
- With this feature you can limit the amount of Download and Upload for groups of equipment. This way you can distribute your internet link as you see fit or according to the demand of each group.
Reports:
- All these resources would be of no use if it were not possible to monitor the results. On Lumiun it is possible to monitor in real time which websites are most accessed or blocked, accesses per period, security blocks, firewall logs, equipment that consumes the most internet bandwidth and much more.

What customers like most about Lumiun is the ease of managing multiple networks in a single control panel, in the cloud, simple and accessible from anywhere.

20 minutes to increase network security in your company

After reviewing our main features and benefits, you may be apprehensive because you think it is a complex solution that takes time to implement and is expensive.

Installation of Lumiun Box on the company network

Good news! After receiving the Lumiun Box (sent on loan), our customer service team will assist you at every stage. On average, our customers take up to 20 minutes from installing the box to the network and configuring the control panel. It only takes 20 minutes to make your company's network more secure and your team more productive.

In addition to Lumiun Box , there is another solution, which does not require equipment and has a reduced cost, Lumiun DNS , see more here .

What about the cost of hiring Lumiun? You will be impressed by the low investment. Request our contact form using the form below or visit the website www.lumiun.com .

Author

Alex de Oliveira

Hello, my name is Aléx de Oliveira and I am the CTO and co-founder of Lumiun. At Lumiun, I lead the technical team responsible for creating and implementing information security solutions for companies of all sizes. If you need help implementing information security solutions for your company, you can count on me and the Lumiun team. We are always ready to help our customers achieve their goals safely and efficiently.