Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

DNS Summary

by Megan Daudelin
January 29, 2016

DNS Summary Dashboard Screenshot

The Domain Name System (DNS) is an integral component in most modern networks. DNS facilitates the identification and access of services and devices across a network. Every domain relies on one or more DNS servers to assign and map domain names to hosts and services. A healthy DNS is essential to secure networks. SecurityCenter integrates with Nessus, the Passive Vulnerability Scanner (PVS), and the Log Correlation Engine (LCE) to monitor DNS for errors, vulnerabilities, and indications of compromise.

The DNS Summary dashboard monitors events and vulnerabilities related to DNS in the network. Specific plugins and events used to indicate whether vulnerabilities or errors are present. Details about specific vulnerabilities and events are included for review. Plugin IDs are used to filter for specific vulnerabilities and DNS detections. Events are listed by type with associated trend data. By monitoring DNS activity within the environment, security teams can more easily identify and remediate errors and vulnerabilities.

The components in the DNS Summary dashboard present vulnerabilities and events related to DNS issues. Tables list specific information about DNS servers, vulnerabilities, failed queries, and event types. Matrices present information about specific event counts and indicators of concern. Each component can be modified to focus on areas or hosts of particular concern. Organizations can use the information provided to better monitor the health and integrity of the DNS in their network.

This dashboard and its components are available in the SecurityCenter Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards, and assets. This dashboard can be easily located in the SecurityCenter Feed under the category Threat Detection & Vulnerability Assessments. The dashboard requirements are:

  • SecurityCenter 4.8.2
  • Nessus 6.5.4
  • PVS 4.4.0
  • LCE 4.6.0

SecurityCenter Continuous View (CV) provides continuous network monitoring, vulnerability identification, risk reduction, and compliance monitoring. Nessus is continuously updated with information about advanced threats and zero-day vulnerabilities, and new types of regulatory compliance configuration audits. The Passive Vulnerability Scanner (PVS) performs deep packet inspection to enable discovery and assessment of operating systems, network devices, hypervisors, databases, tablets, phones, web servers, cloud applications, and critical infrastructure. The Log Correlation Engine (LCE) performs deep log analysis and correlation to continuously discover and track systems, applications, cloud infrastructure, trust relationships, and vulnerabilities. By integrating with Nessus, PVS, and LCE, SecurityCenter CV’s continuous network monitoring is able to detect systems and vulnerabilities across the enterprise.

This dashboard includes the following components:

  • DNS Event Counts: The DNS Event Counts matrix displays the counts of various DNS events within the past seven days.
  • DNS Servers: The DNS Servers table presents an IP summary of the DNS servers detected in the network.
  • DNS Error Indicators: The DNS Error Indicators matrix shows whether specific DNS errors or alerts have been detected.
  • DNS Event Trends: The DNS Event Trends table lists normalized events related to DNS by count.
  • DNS Vulnerabilities: The DNS Vulnerabilities table lists the top 100 vulnerabilities related to DNS by severity.
  • DNS Requests by TLD: The DNS Requests by TLD matrix displays the counts of DNS requests to several top-level domains (TLD) within the past 72 hours.
  • Most Recent DNS Failed Client Queries: The Most Recent DNS Failed Client Queries table lists the 100 most recent client query failure events detected.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Try Tenable Web App Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training