Starting this week OpenDNS Enterprise has become an even more powerful anti-malware solution. It will block more forms of malware, and make networks around the world much more secure from costly malware infections. In addition to blocking malicious hostnames, we now block hostnames that resolve to known malicious IP addresses. That’s a big step forward, so I’ve added some notes on why this an important step for us.
First, some background: OpenDNS Enterprise malware protection is unlike anything else available. It’s a game-changing service for network admins tasked with keeping malware off their networks. It’s the first and only product that serves the two critical needs in fighting malware: blocking infections and mitigating compromised hosts.
Here are three excellent reasons you should consider using it:
Reason #1: Disable, Don’t Just Try to Detect
Mainstream anti-malware services from traditional companies like Microsoft and Symantec do little or nothing once a machine is infected to mitigate the damage that the malware causes. OpenDNS Enterprise malware protection, on the other hand, works to both prevent and mitigate malware. Since you can be infected through a variety of non-network vectors (USB stick, attachments, etc.) we also work to prevent infected computers from phoning home by blocking the master command and control servers that the malware communicates with.
Reason #2: Do You Run a Firewall or Anti-Spam System?
Some businesses sometimes ask me why they need OpenDNS. I ask them, “Do you have a firewall? Do you have a mail server with anti-spam and anti-virus enabled? Do you run an IDS system?” They invariably answer “yes” to all three questions. So then I ask, “Why do you leave your DNS traffic open like a firehose? Don’t you want to let in the good and block the bad?” Most network administrators and IT folks have never considered that problem, but once they do; the choice to use OpenDNS is clear.
Reason #3: Malware is a Major Problem For You, Whether You Realize it or Not
Malware is a massive problem, and one that’s growing fast. Stats from security firm Dasient show the number of websites infected with malware doubling since last year, with more than one million sites compromised during the fourth quarter of 2010. Another study from Microsoft shows that one in every fourteen programs downloaded by Windows users are malicious. And despite IE’s built-in warnings, 5% of people download the files anyway. Stopping infections is only part of the solution, the other part requires OpenDNS.
Interested? Existing OpenDNS Enterprise customers are getting this functionality today at no additional cost and with no additional effort on their end. Not yet a customer? Our clueful OpenDNS Enterprise sales reps would love to tell you more about it and get you started with a free trial today.
Lastly, our innovations have been noticed by the experts — Fahmida Rashid over at eWeek writes, OpenDNS Launches DNS-Based Malware Protection Service for Enterprises, and Kelly Jackson Higgins over at Dark Reading writes, Using DNS As Malware-, Botnet-Fighting Tool. Check them out.
PS, DNS hero and creator of BIND, Paul Vixie was quoted as saying that as long as malware continues to rely on DNS, tools like OpenDNS Enterprise malware protection will “be able to curtail it.”