Detect malicious traffic on your network and get detailed reports.
Download and install DNSeye VM appliance
Get In Touch
Protect all your users at DNS level from harmful contents of the internet with the help of AI.
14 days free trial
Start Your Free Trial
Most advanced dynamic cyber threat intelligence for deep dive domain analysis.
No registration required
Get Your First Analysis

Advanced DNS Visibility

Advanced DNS Visibility

What is DNS Visibility Feature?

DNS Visibility comes as a part of the DNSEye product as a feature. DNSEye detects the sources of malicious activities on the networks regardless of the network’s size where it is deployed on. DNSEye will enhance the clients’ security via the reports and the warnings that are generated on the basis of users.

92% of the businesses could not receive any visibility for their DNS traffic or they do not report the traffic in the manner of analysis. The main reason behind this situation, the EPS costs belonging to DNS traffic are very high and the hardiness of interpreting the DNS traffic.

In any size of network, if malicious traffic is formed, the device that generates this activity will be detected and detailed information about this device such as its MAC address, source IP, the user will be reported. Thus, the EPS costs will be reduced since only malicious traffic is reported.

How does the DNS Visibility Feature Work?

The users’ DNS requests will be forwarded to the DNSEye and carried through in a matching process.

In this process, Microsoft DNS Server’s DNS logs are collected and their real-time traffic data, Source IPs, hostname information are collected.

The user information(user, AD domain) is gathered from Microsoft Active Directory, and MAC Address information is gathered from DHCP, then this information is analyzed.

The data that is collected from Microsoft AD and DHCP are matched to the DNS log information.

Then the domain names will be directed to Roksit DNS Servers. The real-time DNS traffic is analyzed and the requested domain is categorized by Roksit’s AI-based mechanism. Roksit has 99.9% precision in categorization, and it classifies the traffic by grading with the help of Roksit’s Cyber Threat Intelligence platform and AI-based substructure.

After the matching and the categorization process, a meaningful report will be generated that indicates which user requested which exact domain on which device and when this request happened.

Frequently Asked Questions

No items found.
No items found.