Mimecast announced on July 18 that it is developing a new Domain Name System security gateway that is now available to members of the company’s early adopter program.
The DNS Security Gateway is an expansion of the Mimecast portfolio beyond the company’s email security services that protect against spam and phishing attacks. With the DNS Security Gateway, Mimecast is providing a service that will help organizations filter and block malicious web traffic.
“The Mimecast DNS Security Gateway is a new security service from Mimecast that provides a point of enforcement, monitors and enforces acceptable web use policies, and blocks access to malicious websites,” Jamie Fernandes, director of product management, told eWEEK. “The Mimecast DNS Security Gateway also reports important information like the top-10 most visited domains, website categories and blocked domains to enable improved usage understanding and for conducting forensic investigations of incidents or breaches.”
Fernandes explained that the technology behind the new DNS Security Gateway is largely home grown by Mimecast. The core of the gateway is built on the proprietary MIME OS platform, which serves as Mimecast’s software-as-a-service (SaaS)-based, multitenant platform, he said.
“As with most security solutions, we have relationships with trusted OEM technology and threat feed providers that have been added to the security stack in MIME OS to enhance its security capabilities,” Fernandes said.
How It Works
The DNS Security Gateway works similarly to other cloud-based security filtering services. Fernandes said the service works by allowing or blocking access to websites by providing a DNS resolver service and applying an organization’s specific security policies to each DNS request from that organization.
Mimecast customers set their DNS resolution to point at the Mimecast service. From there, they add their networks via IP address to their authorized list, or install the Mimecast Security Agent on their endpoints (clients and servers) to connect to the DNS service and authenticate their requests. Once the service is set up, Fernandes said users configure their desired access policies, such as which type of sites to block.
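The per-request decision described above can be sketched as follows. This is an added example, not Mimecast's code and not from the article: it maps a query's source address to an organization through an authorized-network list, applies that organization's category policy, and tallies blocked domains for reporting. All tenant names, networks, categories and domains are constructed assumptions.

```python
import ipaddress
from collections import Counter, defaultdict

# Constructed sample data (hypothetical tenants, networks, categories, domains).
AUTHORIZED_NETWORKS = {
    "acme": [ipaddress.ip_network("203.0.113.0/24")],
    "globex": [ipaddress.ip_network("198.51.100.0/25")],
}
BLOCKED_CATEGORIES = {"acme": {"malware", "gambling"}, "globex": {"malware"}}
DOMAIN_CATEGORIES = {"bad.example": "malware", "casino.example": "gambling"}


def new_log():
    """Per-tenant counters of blocked domains."""
    return defaultdict(Counter)


def tenant_for(source_ip):
    """Map a query's source address to a tenant, or None if not authorized."""
    addr = ipaddress.ip_address(source_ip)
    for tenant, networks in AUTHORIZED_NETWORKS.items():
        if any(addr in net for net in networks):
            return tenant
    return None


def categorize(qname):
    """Match qname or any parent domain on label boundaries, longest first."""
    labels = qname.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        category = DOMAIN_CATEGORIES.get(".".join(labels[i:]))
        if category:
            return category
    return None


def decide(source_ip, qname, blocked_log):
    """Return 'refuse', 'block' or 'allow' for one DNS query."""
    tenant = tenant_for(source_ip)
    if tenant is None:
        return "refuse"  # unknown network: no tenant policy to apply
    if categorize(qname) in BLOCKED_CATEGORIES[tenant]:
        blocked_log[tenant][qname.rstrip(".").lower()] += 1
        return "block"
    return "allow"


def top_blocked(blocked_log, tenant, n=10):
    """Most frequently blocked domains for a tenant, for reporting."""
    return blocked_log[tenant].most_common(n)
```

Matching on whole labels means a subdomain of a listed domain inherits its category, while a lookalike such as notbad.example does not match bad.example.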
The idea of using a DNS-based approach to help protect organizations against malicious traffic is not a new one, with multiple vendors, including Cisco, Cloudflare and Akamai, providing different services. Fernandes said Mimecast’s service is different because it is integrated and managed as a complement to the Mimecast Targeted Threat Protection (TTP) email security services.
“The combined solution, managed from a single administrative console, empowers organizations to manage and enforce security for the two most common attack vectors: email and the web – providing multiple layers of security from a single security service,” he said.
Fernandes added that the URL Protect email security service (which secures URLs that are delivered in emails) and the DNS Security Gateway (which secures access to websites delivered via personal email, infected websites and instant messaging) use the same back-end security analytics, delivering a consistent web security experience.
DNS Security
While the name of the new service includes the term “DNS,” the Mimecast DNS Security Gateway does not currently help organizations secure DNS itself. Fernandes noted that neither DNSSEC (DNS Security Extensions for domain security) nor DNSCrypt (for encrypted DNS resolution) is currently supported by the Mimecast service.
“The Mimecast DNS Security Gateway will support DNSSEC in the future and will provide for the encryption of DNS traffic according to the standard of TLS and DNS over HTTPS,” he said.
Mimecast is planning on having the DNS Security Service reach general availability in the fourth quarter of 2018.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.