October Updates – Category and Record Type Insights Tabs with Drill Down Actions
We have several exciting updates to cover regarding our Insights and data views. These updates help bring further visibility with greater detail than any other solution on the market. In August we released TLD views alongside the Domain Insights tab. We are now happy to release the Category and Record type TLD tabs along with a first ever in the DNS filtering space, full message response inspection on every query. We have also improved browsing of the insight tab by using full page with breadcrumb navigation to allow better viewing.
Here are the changes:
New Insights Category Sub Tab
We have always shown the top 5 allowed and 5 blocked categories on our main dashboard. With the new category insights sub tab, you can now see all of the categories queried over a selected time period with aggregate view counts. Now, you can select any category from this view and choose to see the associated Domains or jump straight into the related logs. If you have chosen to view the domains that make up the aggregate counts, you can then further drill down to the log data for a specific domain.
In this view we can select Show Domains to show us all domains that resolve with this category in the selected time period.
Now, viewing all related domains, we can choose to take further actions. We can add any to allow or block list directly from this view, or we can select Show Logs which will bring up a new view displaying all log data related to this domain for the given time period.
We now see the detailed logs pertaining to the selected domain and time period. Here we can take actions such as adding to allow or block lists, or we can select “Inspect’ to view the full RDATA and message response. We will cover this further in a different post.
New Insights Record Type Sub Tab
The Record Type insights sub tab allows administrators the ability to view all DNS query activity by their DNS record types with aggregate usage counts. This view is incredibly useful for keeping a closer look on the DNS record level activity taking place on your network allowing for further inspection of unexpected or suspicious activity. Similar to the pervious insights tabs including Category Insights tab as described above, administrators can drill down further into any record type by selecting Show Domains or Show Logs.
Once we have drilled down to a specific domain and viewed the related logs, we can take actions such as adding to allow/bock lists, or we can inspect the message response. We will cover this feature further in another post.
Stay tuned, there are more great updates to come as we continually improve DNS layer visibility for network administrators. If you are interested in gaining this level of visibility into your DNS layer activity and wish to improve your cybersecurity footprint try us out or give us a call.