What makes Infoblox stand out from other organizations offering cyber attack defenses? That's the question Cherif Sleiman, Infoblox's MEA general manager, addressed when he recently spoke to Telecom Review. "All we ever hear about today is cybersecurity this and cyber security that," he said. "In fact, companies that have nothing to do with cybersecurity are marketing themselves under cybersecurity which makes things confusing." What sets Infoblox apart from other security firms, he explained, is the way it acts as an invisible layer that blocks access to hackers.
Infoblox is unique in the way it does things that other cybersecurity players don't. The company is headquartered in Silicon Valley, but operates around the world. It sells itself as having the ability to control and secure networks from the core, using one unified platform including DNS, DHCP and IPAM (DDI). The company has grown its presence in the Middle East, where it recently displayed an impressive stand at Dubai's GITEX Technology Week 2016. Speaking to Telecom Review, Cherif outlined the company's important role as a silent defender against hackers.
"When you look back 20 years ago at the security landscape, one of the things that we used to dread were viruses," he said. "When a network was attacked by a worm or a virus, it was a really big deal. Those days are behind us now with anti-virus and personal firewalls, and all kinds of protection at the client level. But what we've seen is the attacks move to the network level. There, we've been able to use protocol tunneling and other solutions to exploit the network. We've come a long way since then as well. We have firewalls and vendor-firewalls; firmwares are hardened for switches, routers and firewalls; ACLs have shipped by default and we've kind of locked down the network."
"We have seen the attacks and the focus of the 'bad guys' move to the application layer," Cherif added. "There we have seen a multi-billion dollar industry get formed, with the likes of F5 and Citrix, Bluecoat, Palo Alto and others that focus on protecting the L4-7 services which is where the applications are. The latest innovation there is the web application firewall, and we continue to focus on hardening the HTTP because it's the protocol that fundamentally runs the world and commerce."
Eighteen months ago, Cherif explained, hackers, who basically run their own industry and their own innovation, scored big time against the "good guys" - the "innovators for the good," he said. They now use DNS as the number one threat vector for exploiting and attacking a network. What's bad about DNS is that it is trusted by every network and every security device. The minute you shut down or block DNS, said Cherif, there will be no economic value added in the digital economy because users can't access users or talk to applications, applications can't talk to applications, and business processes as we know them would stop working.
"How do the security landscape solutions that you deploy from traditional security vendors protect against something that they trust to begin with? Infoblox is the security layer that addresses such gaps," said Cherif. "It does wire-line, wire-speed, machine-learning analytics on DNS and DPI, and can address behavioral zero-day breaches and exploits, as well as very tough attacks. It ultimately gives you the best of both worlds by offering not only protection, but also identification of whom, when, where, why; and can safeguard a digital network from such exploits that are not addressed by the other vendors."
Another area where Infoblox is unique comes in its ecosystem security integrations, which come under its corporate social responsibility. Cherif said today organizations are fed up with the fact that buying best-of-breed siloed layers of security no longer works because hackers are able to exploit the gaps between these layers. Therefore, Infoblox has been innovating over the past 12 months to create an incredible amount of linkages in the entire ecosystem and does not charge much for such critical integrations.
"What are the first three things you do when you log in?" he asked. "You plug your machine into a network, then you log in, then perhaps check your email and then fire up your browser. The fact that the machine plugs into the network and gets an IP address from DHCP - that is Infoblox. The fact that you log in with your active directory, username and password - the active directory service needs to connect to a database and to authenticate it uses DNS - that is Infoblox. The fact that you fire up your email, your email client to connect to your email service needs DNS - that is Infoblox. When you fire up your browser to access an internal or external application, it requires DNS - that is Infoblox."
Infoblox is the first thing that a user encounters, but they don't know that Infoblox is there. Where it sits on the network is powerful and important. Infoblox knows who, where, what and can determine the machine you're accessing information from, as well as its location. If, for example, Infoblox takes all of this information and passes it on to Cisco, Palo Alto, Fortinet or Microsoft and many other players, they can provide a lot more value than they can do on their own.
The rising flood of malware and DDoS attacks
"There is no doubt that we have transitioned from an era where people would attempt to penetrate someone's network for fun just to see if they can do it. We are now in an era that is a lot more dangerous, because today, cybercrime is an industry," Cherif said, adding that for hackers, it's not just about bringing your network down; it's about stealing data, intellectual property and sensitive documents. It is about the monetization of this stolen data.
From that perspective, this is driving innovation in the "bad world" because there is an incredible amount of economic gain from it. Cherif believes we will continue to see this "cat and mouse" game for the next few years, and it will continue to surpass any analyst predictions.
"In MEA - specifically the Middle East - we expect cybercrime and cyber-warfare to grow at a much higher rate than the rest of the world, and that is due to the geopolitical conflicts between the nations," Cherif explained. "In this region, there is no nation that particularly likes another nation; and cyber-warfare is the way they are handling their conflicts. From that perspective, we expect this to rise."
Infoblox exists to defend against these trends. It has focused on malware and exploits specifically as they come in, for example via DNS, and other protocols that Infoblox addresses. The company guarantees safety and aids its customers to accelerate adoption by creating outside awareness, such as investing in GITEX. It costs a lot of money to showcase at GITEX as a platform to create awareness and know-how by showcasing solutions. But more importantly, Infoblox is focused on creating new consumption models such as SaaS that fast-forward customers' adoption.
"Previously, if you wanted to purchase a firewall, you had to go out and purchase one. If you wanted to buy security, you had to purchase a bunch of products and architect the things yourself. What's more, skills in this region when it comes to security, according to analysts, are not highly available," said Cherif. "Sometimes you need security right now and want to be secured fast. You may not have time to train your people, or have the capital expenditure to buy within a certain budget cycle. How do you do that?"
He said Infoblox has taken the "best-of-breed" and uniqueness of the company to deliver those types of security using its cloud. This has positioned Infoblox as an expert to keep an eye on things so that customers don't have to. Infoblox acquired a company called IID, which is a leader in machine-readable threat intelligence and provides threat intelligence for Homeland Security and big energy customers.
"Now that this is inside Infoblox, it gives us a lot of research and data analysts who can provide an incredible amount of threat intelligence that we will not only feed to Infoblox, but also to other ecosystem players like Palo Alto, Cisco, Fortinet etc.," said Cherif. "This gives us more of a unified policy and management when it comes to battling cybercrim