Wider attack surface coverage powered by hundreds of integrations and deeper threat visibility powered by thousands of detections.
Version: Windows server 2008 R2 and later.
A DNS server hosts the information that enables client computers to resolve memorable, alphanumeric DNS names to the IP addresses that computers use to communicate with each other.
Netsurion's Open XDR platform supports Windows DNS Server. It monitors configuration changes, policy changes, creation, deletion and modification in resource records and zones. It also generates alert for changes in configuration, deletion of zones and resource records and also when DNS server services is down.
Netsurion's Open XDR platform intelligent in-depth monitoring of DNS logs helps you to detect the access of malicious site from client machine. Netsurion's Open XDR platform compares the DNS queries generated by DNS client with malicious site database (periodically updated) and generates alert about the client which accessed it. it also gives geological information about that malicious site (IP,Country).
Netsurion's Open XDR platform is capable to detect the access of DGA (Domain generated algorithm) domains which are used as command controls for malware. Netsurion's Open XDR platform statistics monitoring of query, client,record type and error will help you to detect many DDOS attacks like (NXDOMAIN attack, Phantom domain attack, Random sub-domain attack,etc). Netsurion's Open XDR platform monitoring of client DNS setting will help to detect DNS hijacking and generate alert for suspicious DNS setting of client which gives information about client as well as it's DNS setting. Netsurion's Open XDR platform flex dashboard helps you correlate attack detection data and client details which eases the detection of attack.
Netsurion Data Source Integrations for Microsoft DNS Server allows you to monitor the following:-
Once logs are received in to Netsurion, Alerts and reports can be configured into Netsurion.
Some of the Data Source Integrations available in Netsurion are listed below.
The configurations detailed are consistent with Netsurion version 8.x and later, windows server 2008 and later.
Download Integration Guide and How-to Guide for more information and to configuration instructions.