360 Government Enterprise Security Group officially launched the “security DNS new product launch” on the ISC platform, and released three strategic DNS product services for the whole network, including basic resolution service, security resolution service and 360dns security monitoring system. Focus on government and enterprise users to quickly discover network threats, improve the efficiency of security management, redefine DNS industry security solutions, and build a new generation of security protection network.
Advantage integration and 360 threat to main pipeline
Since its invention in 1983, DNS has been the key infrastructure of the Internet. In recent years, with the rapid development of Internet of things and 5g technology and the rapid popularization of IPv6, the number of network access devices has increased dramatically. According to relevant forecasts, the number of networking devices will exceed 100 billion in 2030. Although the shapes, chips, systems and functions of networking devices are different, DNS has always been the “first hop” for them to connect to the network, and its security is self-evident.
Yao Tong, senior vice president of 360 government enterprise security group, said at the press conference that although DNS is very important, at the beginning of its design, DNS protocol often focuses on usability and ignores security. And because of the importance and particularity of the protocol, almost all defense measures allow unrestricted transmission of DNS protocol type data packets, which is equivalent to opening the “window”. As time goes on, DNS has exposed more and more security problems.
According to the global network infrastructure security report of netscout in 2019, DNS is one of the main targets of the application layer. Idc200 global DNS threat report shows that 79% of enterprises have been attacked against DNS, of which 82% have suffered program service interruption. In the past 12 months, each enterprise has suffered 9.5 DNS related attacks on average, and each attack will cause a loss of 920000 US dollars.
“In other words, DNS is not only an important network critical infrastructure, but also an important network security critical infrastructure.” Yao Tong said.
Due to the wide application of DNS protocol, it has become the main channel of network threat flow. It has the ability to obtain a large number of network threat data, and then can sense the network threat and block it in real time. Therefore, more and more governments and enterprises begin to realize the importance of DNS in network security, and try to put forward security solutions based on DNS.
But the combination of DNS and security analysis is not easy. Li Fengpei, senior director of Network Security Research Institute of 360 government enterprise security group, proposed three “thresholds”: first, DNS data; second, big data processing capacity; third, data interpretation capacity.
Under these harsh conditions, companies with data often do not have the ability of security analysis, companies with security analysis ability do not have data, and it is difficult to communicate with each other due to data jurisdiction. Even if the above conditions are met, there may be a lack of an experienced team of experts to analyze the operation.
360 government enterprise security group has unique advantages in this field. Li Fengpei said that on the one hand, 360 is a public DNS service provider with a full set of licenses and operation qualifications, and has the “hardest threshold” – massive data in the era of big data. Under the support of “360 search gene”, 360 has different big data processing capabilities; on the other hand, 360 has accumulated security experience for many years All big data, in the analysis of DNS, there is a lot of data cross comparison space. More experienced in this field of security expert team, has the ability to interpret the data. In this context, 360 government enterprise security group integrates its resource advantages to provide DNS Security services.
Focus on three major tracks to adapt to future scenarios
Undoubtedly, DNS will be of great value in network security, even in national network security. In view of this, 360 government enterprise security group is the first to launch three new products: basic resolution service, security resolution service and 360dns security monitoring system.
Among them, the basic DNS resolution service is a service that 360 has been providing for individual and government enterprise customers for free since 2013, and has been operating steadily. As a pioneer in the head DNS service provider, 360 started the support of IPv6 as early as a year ago after internal testing. At the press conference, Gao Yiwei, senior product director of DNS division of 360 government enterprise security group, announced that it will officially provide free IPv4 and IPv6 dual stack resolution services to all users.
In addition, the security resolution service is the “externalization” of internal capabilities. Since 2019, it has provided dot and DOH security resolution services for 360 security guards and 360 browser users, and its value and stability have been verified. The 360doh / dot security resolution service follows the RFC standard, overcomes a lot of security problems existing in traditional DNS resolution, avoids many security problems such as domain name hijacking and advertisement insertion caused by traditional DNS, and solves the problems caused by abnormal domain name resolution in Internet services.
As for 360dns security monitoring system, a network security product for government and enterprise customers, it can find lost network assets based on DNS resolution data, block malicious domain name requests in real time, effectively control network security risks, and can be managed through a unified management and control platform.
The core of this system is comprehensive and accurate network threat detection capability, which is based on 360 domain name Threat Intelligence produced by massive security big data. It is precisely because 360 has the world’s largest security big database, based on these security big data mining analysis, we can get comprehensive, accurate, and rich context information Threat Intelligence.
In addition to the above core functions, 360dns security monitoring system can adapt to a variety of customer scenarios and needs. Gao Yiwei said that in order to meet the demand of the rapid rise of information and innovation, 360dns security monitoring system also continuously adapts to mainstream information and innovation platforms such as haiguang, Kunpeng and Qilin.
Differentiation advantage is obvious, 360 deepens DNS Security new front
For a long time, finding and blocking malicious requests, even backtracking hacked devices and removing malicious code through DNS malicious requests, are important parts of in-depth defense of government and enterprise networks. How to achieve accurate identification through effective means to reduce the occurrence of network malicious behavior has become very important.
As an important part of 360 security brain, 360 security DNS has been serving for the eighth year since 2013. In the past eight years, 360 has been closely following the development of DNS industry, continuously focusing on the operation and maintenance, analysis and R & D of secure DNS, and has made certain achievements in basic resolution, security resolution and network security applications. Among them, the public authority hosting service provides resolution services for more than 8 million domain names every day, and the public recursive resolution service resolves more than 200 billion times a day.
Thanks to the strong security analysis team and massive security big data support, 360 has been intercepting more than 2 million malicious domain name resolution requests every day through its own domain name Threat Intelligence since 2016, establishing and maintaining the country’s first and largest passive DNS database, with more than 10 billion pieces of data.
Since 2019, 360 secure DNS has provided security resolution services for 360 internal products for a long time, with more than 100 billion users per day. In DNS resolution and security applications, 360 has always been in a leading position in the industry.
In the 360 secure browser, by using 360 secure DNS, it can further improve its security and protect the network and privacy of users. Yin Qingjian, senior technical manager of 360 group’s PC browser, said at the press conference: in November 2019, 360 browser and 360 government enterprise DNS team worked together to add DOH to the 12.0 version of 360 speed browser, becoming the first browser supporting DOH service in China. Then, in December 2019, 360 security browser synchronously supports DOH protocol. As of September 2020, 360 browser has received billions of DOH requests every day, which ensures the network security and privacy of millions of users.
It is the long-term investment in DNS and security that makes 360 build a new DNS product and service. With 360’s rich experience in operation and maintenance of public DNS resolution service, industry-leading Threat Intelligence and practical function accumulation, this service has the advantages of easy deployment, strong perception, wide coverage, fast response and high throughput.
As 360 government enterprise security group continues to make efforts in the government enterprise market and expand the big security territory, its identity as a network security service provider in the digital era is further highlighted. In the future, 360 government enterprise security group will continue to cultivate the DNS Security front and guard the first entrance of government enterprise users to the Internet.
Editor in charge: GT