Action against DNS malware using Bitdefender.


What are the ways to protect my endpoint, using the features of Bitdefender GravityZone Business Security, from different types of DNS malware?

    Hello @deadshot ,

    To protect your endpoint from different types of DNS malware using Bitdefender GravityZone Business Security, you can leverage several features and modules.

    1. Bitdefender Endpoint Security Tools (BEST) - security agent

    To protect your network, you must install Bitdefender Endpoint Security Tools on your Windows, Linux, and macOS endpoints. This is the foundational step to ensure that your endpoints are protected by Bitdefender's security features.

    2. Enable Network Attack Defense

    Network Attack Defense is a crucial module that helps protect against network-based attacks, including DNS-based malware. Ensure that this module is enabled in your security policy:

    - Go to the GravityZone Control Center.

    - Navigate to Policies.

    - Edit the relevant policy and ensure that Network Attack Defense is enabled.

    3. Configure DNS Protection

    DNS protection can be configured to block malicious DNS requests. This helps in preventing endpoints from connecting to malicious domains:

    - In the GravityZone Control Center, navigate to Policies.

    - Edit the policy and go to the Network Protection section.

    - Enable Web Protection and configure it to block malicious websites and phishing attempts.

    4. Use Advanced Threat Control (ATC)

    Advanced Threat Control continuously monitors running processes for signs of malicious behavior. This can help in detecting and blocking DNS-based malware:

    - In the GravityZone Control Center, navigate to Policies.

    - Edit the policy and go to the Antimalware section.

    - Ensure that Advanced Threat Control is enabled.

    5. Enable Content Control

    Content Control can be used to block access to malicious websites and prevent DNS-based attacks:

    - In the GravityZone Control Center, navigate to Policies.

    - Edit the policy and go to the Content Control section.

    - Enable Web Access Control and configure it to block access to known malicious websites.

    Additionally, you should ensure that:

    Regular Updates and Scans are configured

    Ensure that your endpoints are regularly updated and scanned for malware:

    - Schedule regular updates for the Bitdefender Endpoint Security Tools.

    - Schedule regular full system scans to detect and remove any malware.

    Monitor and Respond to Incidents

    Use the GravityZone Control Center to monitor security incidents and respond promptly:

    - Navigate to the Network section to view the status of your endpoints.

    - Check the Incidents section for any alerts related to DNS-based malware.

    - Take appropriate action based on the alerts, such as isolating the affected endpoint or running a full scan.

    You can find more details about these features and modules in our product documentation:

