Implementation of a Hostname Cache that holds DHCP Hostname events that can be used to enhance existing Host identification with the addition of more user friendly hostnames.
Hostname resolution enables the analyst to more easily identify hosts by their (typically) human readable name without performing an additional manual lookup. Having the hostnames available also assists in the identification of rogue devices and in the attribution of threats.
Identifying hosts is key to any network security product. Our hostname cache ensures analysts can track host activity regardless of dynamic IP.
Using this information we’re able to more easily pick up unauthorised, new, or forgotten devices connected to the network that may be vulnerable to attack. This also enhances our ability to monitor lifecycles of potentially malicious behaviour especially if the malicious activity extends beyond the IP lease period for the network.
This update is sensor based, and will be pushed to all managed customers at the pre-agreed upgrade time. Self-monitored customers can update their own sensors using the software upgrade process. If you have any further questions about this upgrade please contact us at firstname.lastname@example.org