DNS Security and Encrypted Traffic Insights Overview
Domain Name System (DNS) Security provides an additional layer of protection between a user and the Internet by blocklisting dangerous sites and filtering out unwanted content. By using secure DNS servers, you can avoid unnecessary risks and the possibility of malicious attack.
Security Director provides support to secure DNS. You can now configure DNS security policies on SRX Series devices. You can create and manage DNS Security and Encrypted Traffic Insights (ETI) profiles and use these profiles to create DNS Security and ETI policies.
DNS Domain Generation Algorithm (DGA) generates seemingly random domain names that are used as rendezvous points with potential C&C servers. DNS DGA detection uses machine learning models as well as known pre-computed DGA domain names and provides domain verdicts, which helps in-line blocking of DNS queries on SRX Series devices.
Encrypted traffic insights helps you to detect malicious threats that are hidden in encrypted traffic without intercepting and decrypting the traffic. ETI monitors network traffic for threats without breaking the encryption of the traffic, thereby adhering to data privacy laws. ETI adds an additional layer of protection beyond traditional information security solutions to help organizations reduce and manage risk.