Action against DNS malwares using the Bitdefender.

deadshot

What are the ways to protect my endpoint using the features of Bitdefender GravityZone Business Security, from different types of DNS malwares?

Andrei_S Enterprise

Hello @deadshot ,

To protect your endpoint from different types of DNS malware using Bitdefender GravityZone Business Security, you can leverage several features and modules.

1. Bitdefender Endpoint Security Tools (BEST) - security agent

To protect your network, you must install Bitdefender Endpoint Security Tools on your Windows, Linux, and macOS endpoints. This is the foundational step to ensure that your endpoints are protected by Bitdefender's security features.

2.Enable Network Attack Defense

Network Attack Defense is a crucial module that helps protect against network-based attacks, including DNS-based malware. Ensure that this module is enabled in your security policy:

- Go to the GravityZone Control Center.

- Navigate to Policies.

- Edit the relevant policy and ensure that Network Attack Defense is enabled.

3. Configure DNS Protection

DNS protection can be configured to block malicious DNS requests. This helps in preventing endpoints from connecting to malicious domains:

- In the GravityZone Control Center, navigate to Policies.

- Edit the policy and go to the Network Protection section.

- Enable Web Protection and configure it to block malicious websites and phishing attempts.

4. Use Advanced Threat Control (ATC)

Advanced Threat Control continuously monitors running processes for signs of malicious behavior. This can help in detecting and blocking DNS-based malware:

- In the GravityZone Control Center, navigate to Policies.

- Edit the policy and go to the Antimalware section.

- Ensure that Advanced Threat Control is enabled.

5. Enable Content Control

Content Control can be used to block access to malicious websites and prevent DNS-based attacks:

- In the GravityZone Control Center, navigate to Policies.

- Edit the policy and go to the Content Control section.

- Enable Web Access Control and configure it to block access to known malicious websites.

Additionally you should ensure that:

Regular Updates and Scans are configured

Ensure that your endpoints are regularly updated and scanned for malware:

- Schedule regular updates for the Bitdefender Endpoint Security Tools.

- Schedule regular full system scans to detect and remove any malware.

Monitor and Respond to Incidents

Use the GravityZone Control Center to monitor security incidents and respond promptly:

- Navigate to the Network section to view the status of your endpoints.

- Check the Incidents section for any alerts related to DNS-based malware.

- Take appropriate action based on the alerts, such as isolating the affected endpoint or running a full scan.

You can find more details about these features and modules in our product documentation: https://www.bitdefender.com/business/support/en/77209-77398-security-management.html#UUID-abc6460e-589b-b83d-1e0b-cbcef9ee7307

Kind Regards,

Andrei