Network security software for monitoring, alerting, and archiving DNS and DHCP transactions to enhance visibility and cyberthreat intelligence.
Vendor
Cygna Labs
Company Website
Cygna DDI Guard is a software solution designed to monitor, collect, and archive DNS and DHCP transaction data across distributed network environments. It provides real-time and historical visibility into DDI (DNS, DHCP, IPAM) activity, enabling organizations to enhance network security, support forensic investigations, and improve operational troubleshooting. The system forwards filtered DDI data to third-party SIEM platforms, generates alerts for suspicious activity, and supports compliance and regulatory data retention requirements. Cygna DDI Guard installs on dedicated appliances or on servers running Rocky Linux or Windows 2022, supporting both physical and virtualized network infrastructures.
Key Features
Comprehensive DDI Monitoring Monitors DHCP and DNS transactions at both summary and packet levels.
- Captures both queries and responses
- Provides real-time and historical transaction visibility
SIEM Integration & Data Filtering Forwards filtered DHCP/DNS activity to third-party SIEM systems.
- Customizable filtering to reduce irrelevant data
- Minimizes SIEM ingestion costs
Alerting & Threat Detection Generates alerts for suspicious DNS/DHCP activity.
- Alerts via SNMP or email
- Detects rogue devices and malware indicators
Flexible Data Retention Supports centralized, regional, or local archiving of transaction data.
- Deployable archives for scalable retention
- Automated rollover for data management
Minimal Performance Impact Captures detailed transaction data with low impact on server performance.
- Suitable for hardware, virtual, or cloud environments
Benefits
Enhanced Network Security Improves detection and response to cyber threats at the DDI layer.
- Identifies suspicious or unauthorized activity
- Supplements cyberthreat intelligence repositories
Operational Efficiency Facilitates troubleshooting and forensic investigations.
- Provides granular visibility into network events
- Aids in verifying provisioning and server changes
Regulatory Compliance Supports compliance with security and data retention policies.
- Flexible deployment for various retention needs
- Centralized management of critical DDI data