Infloblox has announced a new security service to prevent employees from visiting known malware sites, and to alert administrators if malware on compromised devices is trying contacting command-and-control servers or botnets.
The service is called ActiveTrust Cloud. A lightweight agent is deployed on laptops and PC (Windows and Mac OSs are supported). This agent redirects DNS queries to the nearest Infoblox site (the company has multiple points of presence globally), where the queries are resolved and inspected.
If a query matches Infoblox’s database of known bad sites, it will deny the connection.
ActiveTrust Cloud targets workers whose computers aren’t connected to the corporate network. It also targets remote offices and retail locations that have PCs and laptops connected to the Internet.
Infoblox says it plans to add support for Apple iOS and Android over the next six months, but for now smartphones and tablets aren’t an option.
Organizations that sign on to the standard service get access to a set of threat databases and a dashboard with basic reporting features. An advanced version includes access to additional intelligence, a threat investigation tool called Dossier that can provide more details about suspected malware, and enhanced reporting that identifies the user and device.
ActiveTrust Cloud integrates with Infoblox’s appliance-based DNS security and IPAM products, but those products aren’t required: ActiveTrust Cloud is available as a standalone service.
I asked if ActiveTrust Cloud offered content filtering (that is, the ability to limit or block access to inappropriate Web sites). The answer is not yet, but they plan to add it later in the year.
Infoblox did not provide specifics on pricing other than that it is per-device, with licenses sold in packs.
ActiveTrust Cloud is available now.