momentum dns security case study


TERILOGY momentum Case Study

momentum Solves DNS Monitoring Problem For Large ISP Firm

The creative Security monitoring Tool

One of the largest ISPs based in Taiwan, this firm serves over 10 million customers in Taiwan, including individuals and institutions.

Challenge:

• Monitoring the traffic of a large number of DNS servers
• Precise burst analysis
• Constant DNS attacks

Resolution:

DNS Traffic Visibility from momentum DNS viewer

Benefits:

• Captures and records all packets
• DNS reporting capability independent of any specific DNS software vendor
• Supports historical trends of DNS traffic with one-second granularity
• Detects attacks from traffic trends or domain statistics

This organization maintains a large, complex set of mission-critical DNS servers that require constant monitoring for security, performance, and capacity. It had deployed a wide variety of network monitoring and security tools, including a syslog analysis system and IPS.

In some cases, when syslog collected from the DNS servers is analyzed, it is hard to get detailed information about what happened during a DNS traffic burst, or what the root cause of a slow response time or security incident is.

Deploying the momentum DNS viewer in the network gives visibility into the trend of DNS traffic, allows drilling down to the root cause from the pcap, and allows traffic bursts to be analyzed from the one-second-granularity pcap.

With the IPS deployed in front of the DNS servers, when a DNS attack happens, it is difficult to grasp the details of the attack before it affects DNS server performance.

The momentum DNS viewer finds the attack from the traffic trend and pcap analysis, so that countermeasures can be applied to minimize the impact on DNS server performance.

Copyright © 2016 Terilogy Co., Ltd. All Rights Reserved.