DNSWatchGO cloud service gives MSPs another layer in their security portfolios
IT service providers and enterprises have a new cloud-based tool from WatchGuard Technologies aimed at addressing security challenges raised by the growing number of mobile workers, whether they’re on or off the corporate network.
The Lowdown: WatchGuard’s DNSWatchGO is designed to automatically detect and block a range of cyber-threats – including phishing attacks, command-and-control callbacks, and data exfiltration efforts – and is available either as a stand-alone service or through the vendor’s Passport bundle of security services.
The Details: The service extends the DNS-level protection and content filtering in WatchGuard’s current DNSWatch service to address security issues for users who are off-network. DNSWatchGO monitors and correlates outbound DNS requests from such users against a list of malicious domains. The service blocks endpoint attempts to connect with known malicious infrastructure, users are redirected, and the traffic is sent to DNSWatch servers, where it’s investigated and malware removed. The service also delivers automated phishing protection.
Through the DNSWatchGO, WatchGuard also is looking to help enterprises improve their security posture via end user education. When an employee clicks on an e-mail or link that the service deems a phishing attempt, they are redirected immediately to resources that address phishing attacks and how best to prevent them.
The Impact: WatchGuard’s latest service gives MSPs and IT administrators more capabilities in their security portfolios to offer customers and employees in what’s becoming a much more distributed environment, with workers increasingly working remotely, which expands the attack surface for hackers.
DNSWatchGO adds another layer of security to the MSP tool kit and provides an analysis of each attack that was blocked, giving service providers more information for context and further action, as well as evidence of the protection they’re providing to their customers. In addition, as a cloud-based solution, there are no hardware or manual software updates to worry about and both on- and off-network users can be managed via a single interface.
Background: It’s becoming more common for employees to work remotely, even if just part of the time. A recent CITE Research survey found that 92% of respondents said their organizations allow remote working, and while 90% said they’re using endpoint threat detection and response solutions, almost two-thirds said a remote worker was a victim of a cyberattack. In addition, 49% of employees receive security awareness training twice a year or less.
The Buzz: “As the workforce becomes increasingly mobile, businesses need to be able to protect against the increasing attacks that take place outside of their core network. They need to be able to monitor off-network traffic, filter access to malicious and unwanted content, and protect users even when they’re not using a VPN,” said Andrew Young, senior vice president of product management at WatchGuard. “DNSWatchGO was built to deliver these capabilities and extend our industry-leading layered protections to secure remote workers beyond the network perimeter, while also educating and training them on security best practices in the process.”
“As an established IT solution provider, I have worked with many vendors over the years and have seen a lot of product innovation and very little channel innovation. Channel experience goes beyond basic discounting and training programs and involves how products and services are procured from the vendor, resold to clients, and managed throughout their lifetime,” said Kevin Willette, president and CEO at Verus Corp. “With WatchGuard, I know I’m getting both technology innovation and an investment in my experience. DNSWatchGO brings off-network content filtering to my user-based security stack and Passport gives me a simple way to deliver it with all of WatchGuard’s other user-based security services in a single SKU.”