Use Cases

Cybersecurity Defense

  • Protect Your Network
  • Prevent DNS-based DDoS attacks and block malicious Internet bot activity that cause network outages and deteriorated service.
  • Prevent Bandwidth Theft
  • Prevent theft of service caused by hackers using DNS tunnels on cellular and Wi-Fi networks.
Across all devices

Features & Benefits

Over-blocking DNS traffic isn’t an option in provider networks because subscribers complain when they can’t reach desired destinations. GIX is supported by in-house staff, algorithms, and infrastructure, yielding a track record of zero false positives as well as industry-best threat coverage for all forms of DNS DDoS and bot malware. Precision Policies provide fine grained filtering so good queries get protected while bad ones are dropped.

DNS-based DDoS has evolved constantly as attackers change tactics. ThreatAvert adapts in parallel, taking advantage of a massive real-time stream of worldwide DNS data to keep GIX updated with the latest threats. Precision Policies offer sustained effectiveness against diverse forms of DDoS and other sources of unwanted DNS traffic with a comprehensive framework for targeting malicious activity.

Manual security processes introduce delay and require substantial operational coordination when new threats arise. Separate facilities are also required for capturing and analyzing security data. GIX and Precision Policies instantly and automatically identify and remediate threats so operations staff don’t have to. OPEX goes down, responsiveness improves, and stress on staff is reduced by eliminating “fire drills” or after hours security interventions.

Customer Stories

Deter DNS DDoS Quickly and Painlessly

A very large Latin American ISP was experiencing regular DNS based DDoS attacks causing perceptible service outages. In some cases support centers were saturated with calls which resulted in upper management visibility. Initial attempts to block attack activity with coarse grained query filters contributed to the damage by blocking legitimate queries.

A transition to N2 ThreatAvert from open source DNS not only prevented DDoS related service outages but improved overall DNS performance and latency. Precision Policies corrected the earlier over-blocking problem. Operations teams also configured Real Time Alerts to notify them whenever malicious activity arose. Staff were happier being able to focus on normal workflows rather than fighting unpredictable fires. Management was kept in the loop with regular security reports summarizing network status, automatically generated and sent daily.

Give Bots the Boot

A medium-sized Northern European broadband provider discovered they had an unusually high bot infection rate – 15% of their subscribers showed bot activity. More than 600 million malicious queries for “Command & Control” or sending spam were generated by bots every day. These query spikes strained DNS infrastructure and amplification attacks also consumed bandwidth.

An existing Vantio customer, they were able to quickly introduce ThreatAvert.  Severing bot connections had an immediate positive impact on DNS server utilization, especially during busy times of day. Subscribers benefitted too when bots could not function normally. Deterring DNS amplification and getting rid of spam also reduced bandwidth on transit links.  Operations was no longer preoccupied tracking down subtle problems.