Microsoft DNS Server

Version: Windows server 2008 R2 and later.

A DNS server hosts the information that enables client computers to resolve memorable, alphanumeric DNS names to the IP addresses that computers use to communicate with each other.

Netsurion’s Open XDR platform supports Windows DNS Server. It monitors configuration changes, policy changes, creation, deletion and modification in resource records and zones. It also generates alert for changes in configuration, deletion of zones and resource records and also when DNS server services is down.

Netsurion Open XDR intelligent in-depth monitoring of DNS logs helps you to detect the access of malicious site from client machine. Netsurion Open XDR compares the DNS queries generated by DNS client with malicious site database (periodically updated) and generates alert about the client which accessed it. it also gives geological information about that malicious site (IP,Country).

Netsurion Open XDR is capable to detect the access of DGA (Domain generated algorithm) domains which are used as command controls for malware. Netsurion Open XDR statistics monitoring of query, client,record type and error will help you to detect many DDOS attacks like (NXDOMAIN attack, Phantom domain attack, Random sub-domain attack,etc). Netsurion’s Open XDR platform monitoring of client DNS setting will help to detect DNS hijacking and generate alert for suspicious DNS setting of client which gives information about client as well as it’s DNS setting. Netsurion Open XDR flex dashboard helps you correlate attack detection data and client details which eases the detection of attack.

Netsurion Data Source Integrations for Microsoft DNS Server allows you to monitor the following:-

  • Security – DNS record resolution activities,Suspicious DNS setting, DGA Detection and malicious site detection.
  • Compliance – DNS server configuration.
  • Operations – changes in zones and resource records and DNS service down.

Once logs are received into Netsurion Open XDR; alerts and reports can be configured into Netsurion Open XDR.

To take advantage of this data source integration and to learn more about alerts, reports, and dashboards, contact your Technical Account Manager (TAM). If you are not currently a Netsurion customer or partner, contact us to learn more.