on 03-15-201911:25 PM - last edited on 03-18-201907:45 AM by ploera
Learn all about the DNS Security Service in the new Best Practice Webinar by Palo Alto Networks. This new webinar highlights DNS Security Service and how to strengthen your security posture. Get your questions answered on Live Community.
PAN-OS 9.0 introduced several new exciting features and services, with the DNS Security Service being one of the biggest leaps forward, tapping into a new area of protection.
• How real-world threats found by Unit 42 use DNS for command-and-control and data theft. • Challenges in addressing DNS-based attacks faced by the Palo Alto Networks SOC team. • Best practices for protecting DNS traffic to keep your organization safe.
You’ll also get your questions answered in our live Q&A when you join us for this interactive session. Learn what you should be doing to protect your DNS traffic today—and how to stay ahead of emerging tactics.
In a nutshell, what does the DNS Security Service bring to the table?
By combining the data learned through services, alliances, and good old elbow-grease research, and applying predictive analytics to this vast wealth of information we can disrupt attacks that use DNS for exfiltration or C2.
Once you Activate the Subscription License, all you need to do to Enable DNS Security is add the Palo Alto Networks DNS Security (represented in the drop-down as 'default-paloalto-cloud') to your existing Anti-Spyware Profile DNS Signature settings and select an action.
I recommend setting the action to 'sinkhole' as this will add visibility in the traffic logs about the source of the malicious DNS requests.
Once all profiles are updated, commit the change and restart the DNS proxy process.