Powerful threat prediction, prevention, detection, and response along with compliance in a scalable, simple managed solution.
All-in-one networking solution that combines network connectivity, agility, security, and compliance in an affordable managed solution.
Accelerate business growth through our award-winning partner program.
Applies To: Windows server 2008 R2 and later.
A DNS server hosts the information that enables client computers to resolve memorable, alphanumeric DNS names to the IP addresses that computers use to communicate with each other.
The EventTracker Enterprise supports Windows DNS Server. It monitors configuration changes, policy changes, creation, deletion and modification in resource records and zones. It also generates alert for changes in configuration, deletion of zones and resource records and also when DNS server services is down.
EventTracker intelligent in-depth monitoring of DNS logs helps you to detect the access of malicious site from client machine. EventTracker compares the DNS queries generated by DNS client with malicious site database (periodically updated) and generates alert about the client which accessed it. it also gives geological information about that malicious site (IP,Country).
EventTracker is capable to detect the access of DGA (Domain generated algorithm) domains which are used as command controls for malware. EventTracker statistics monitoring of query, client,record type and error will help you to detect many DDOS attacks like (NXDOMAIN attack,Phantom domain attack,Random sub-domain attack,etc).EventTracker monitoring of client DNS setting will help to detect DNS hijacking and generate alert for suspicious DNS setting of client which gives information about client as well as it's DNS setting. EventTracker flex dashboard helps you correlate attack detection data and client details which eases the detection of attack.
EventTracker Knowledge Pack for Microsoft DNS Server allows you to monitor the following:-
Once logs are received in to EventTracker, Alerts and reports can be configured into EventTracker.
Some of the Knowledge Packs available in EventTracker are listed below. For more information please refer Integration Guide.
The configurations detailed are consistent with EventTracker version 8.x and later, windows server 2008 and later.
To configure Microsoft DNS Server to send logs to EventTracker, refer to the How-to Guide.
For more information please refer to the Integration guide.