If you know the movie and novel The Princess Bride, then you’re familiar with a certain narcissistic, 2-bit criminal concluding that “you fell victim to one of the classic blunders.” While getting into “a land war in Asia” and “going in with a Sicilian when death is on the line” are classic blunders according to cult movie lore, there are classic blunders in cybersecurity we strive to avoid being victimized by - getting phished and falling prey to ransomware or business email compromise are a few that probably top the list.
Protecting your organization from these and other forms of cyber threats are precisely why you get up in the morning, it’s why you vie for budget, search for qualified staff, and evaluate and purchase technology to accomplish your cybersecurity mission.
It’s also why HYAS clients depend upon our protective DNS solution, HYAS Protect, as a trusted and necessary component of their security stack.
HYAS Protect stops the connection with malicious web links when employees are tricked by phishing emails. If malware has already infected an employee machine, HYAS Protect prevents communication of the malware with its command and control, stopping malware from causing damage.
HYAS Protect also enforces acceptable internet use policies and aligns them all with existing business units, departments, and teams in your company. That means specific groups or users can access what they need to get their jobs done, but are prevented from tempting services or sites that could get mixed up with look-alikes operated by the bad guys.
And while real-time protections and enforcement like these act as a preventative layer of security, HYAS Protect also highlights patterns in your DNS traffic to drive security awareness and analysis that further protects your organization and helps you achieve a higher level of resiliency.
Well, HYAS Protect has gotten even better, with the recent release of new capabilities that ensure ease of use, support your organization's existing network architecture, and help make your organization more resilient.
Classic blunders? Not if we can help it!
Check out some of the newest capabilities in HYAS Protect:
HYAS Protect has long supported the idiosyncrasies of diverse network architectures so common in modern business. HYAS Protect lets you configure multiple source networks, it supports employee machines and mobile devices as they roam across public networks, and even integrates with other security tools so that HYAS standards of security can be achieved while hitching a ride on existing agents or other tech. In other words, we are all about adapting to your environment and making using HYAS a breeze.
HYAS Protect now supports “split-horizon DNS” for handling DNS requests differently depending upon whether the employee is on-network or off.
We already support “local domains” so that internally-facing applications and services are only accessible from the office. But in a split-horizon setup, the DNS server resolves the same domain name differently, depending upon whether the request originates internally from within the network or externally. It also helps ensure that employees have the “experience” determined by IT Security based upon the location of the employee.
Chalk up another win for HYAS Protect in meeting your organization where it is, and sidestepping any headaches in rolling out protective DNS!
Speaking of sidestepping headaches, we have also launched our HYAS Protect Relay which further improves the visibility, analysis, and ultimately protections that HYAS provides, but expands it into your internal network. To understand how, let’s take a look at the HYAS Protect deployment options:
HYAS Protect clients have the option of configuring protections on employee devices (via an agent), configuring for office networks (via DNS resolver), and integrating with existing capabilities like endpoint detection and response, or EDR (via piggybacking off of existing agents and capabilities).
Well, the HYAS Protect Relay augments resolver-based deployments (option #2 above) by providing visibility on DNS requests inside the network. By using our HYAS service inside the network, your organization’s internal DNS lookups, their frequency, and their metadata all become visible in HYAS Protect. That means more holistic visibility that can be leveraged to drive improved security for your organization.
You can now enable and configure SAML-based Single Sign-on (SSO) to support integration with your existing identity provider. HYAS SSO capabilities bring all the traditional benefits of SSO like reduced password fatigue, better efficiency, and alignment with authentication services and policies required by your organization.
It also brings additional custom role mapping that allows you to configure what HYAS Protect roles - such as administrator, analyst, or executive - are permissioned for each user based upon the privileges determined by use of your identity provider.
In the latest release of HYAS Protect, we’ve introduced a feedback loop so our global community of security users can send us feedback on our domain categories.
One of the policy management benefits we support is allowing/preventing access to domains that align with such topics as social media, sports, gambling, and adult content, to name just a few. We categorize billions of domains to help you achieve your appropriate use policies, but we don’t always get it right.
This new capability lets your HYAS Protect users (not your employees) tell us when they think we’ve gotten it wrong. This empowers our community of users with a voice and ensures we get your feedback so we can improve the overall quality and accuracy of categories HYAS uses going forward.
Please check it out, and don’t be bashful about sharing your feedback. We want to be the best we can be for you!
We are on a journey, one that involves delivering the best protective DNS solution on the planet. These new capabilities are only a part of the total value that HYAS Protect affords. And we’re not taking our foot off the gas. Check out some of the new capabilities we’re working on:
Check out HYAS blogs for future announcements on these capabilities!
Why Cybersecurity Must Include Protective DNS
How to Select a Protective DNS Solution
The Role of Protective DNS to Identify and Defend Against Cyber Threats
How HYAS Protect Stacks Up Against the Competition