OpenVPN Blog

Introducing DNS Log for CloudConnexa

Written by Mollie Horne | Dec 13, 2024 11:21:31 PM

When it comes to cybersecurity, visibility is key. That’s why we’re excited to announce the beta release of DNS Log, a powerful new feature designed to give CloudConnexa administrators deeper insights into user activity, enhance security compliance, and strengthen threat prevention efforts.

New to CloudConnexa? You can get started for free today — with instant access to all features, no credit card required. 

What is DNS Log for CloudConnexa?

DNS resolution is the process of converting a website’s domain name (e.g., example.com) into an IP address (e.g., 192.0.2.1). Whenever you type a URL into your browser, DNS translates that domain name into an IP address so your device can access the site.

DNS resolutions can either be system-initiated (typically to facilitate background operations) or user-initiated (e.g. web browsing, sending an email, etc.).

DNS Log records all DNS resolution requests made by users, hosts, networks, and devices connected to CloudConnexa. This comprehensive logging enables administrators to monitor web activity — from domains accessed to those blocked or failed — and provides the tools to investigate unusual patterns, improve security policies, and troubleshoot connectivity issues.

What are the key features & benefits of DNS Log?

Bar chart visualization 

Visualize the volume of DNS resolution requests over time, instantly identifying days with abnormal activity. Spikes in blocked DNS resolution requests could indicate potential threats worth investigating.

Domain traffic insights 

For each registered domain, see the total count of DNS resolution requests categorized as “Allowed,” “Blocked,” or “Failed.” These insights help pinpoint high-traffic domains or those with frequent failed requests, potentially indicating unsanctioned SaaS usage.

Subdomain breakdown

Get granular detail on each subdomain's DNS request outcome and reply. Drill down into subdomains to uncover unusual activity and hold users accountable for unauthorized access. Investigate the DNS replies for insights that make troubleshooting connectivity issues easier.

Log filtering

Filter logs to focus on the domains and subdomains that matter most, hide irrelevant data, and save time.

What sets DNS Log apart?

Expanded visibility

When it comes to better understanding user activity, some of our competitors default to monitoring only users' web activity. But limiting visibility to just registered domains and subdomains means excluding private applications and other web resources — and an increased risk for you.

Meanwhile, DNS Log tracks all DNS resolutions — including private applications and other web resources — giving administrators unparalleled visibility. By pairing high-level visualizations with detailed logs, DNS Log makes it faster and easier to spot anomalies, address potential issues, and reduce their attack surface even further.

The best of both worlds: high-level insights and granular detail

In addition to giving admins the ability to drill down into their data for granular details, DNS Log also makes it easier and faster for admins to get high-level insights for more information. 

With DNS Log, admins don't have to tediously analyze the log data alone. Instead, they can look to high-level insights to immediately spot days with an abnormally high volume of blocked DNS resolution requests — potential opportunities for further investigation.

Native integration with Log Streaming

Additionally, DNS Log is designed to eventually integrate seamlessly with Log Streaming, allowing administrators to effortlessly push their log data to their SIEM for streamlined audit processes.

Use cases for DNS Log

  • Update your cybersecurity policy: Add inappropriate domains to your Cyber Shield Block List or modify Access Groups to manage sensitive resources effectively, thereby reducing the risk of malware and unnecessary data exposure.
  • Detect malicious actors: Pinpoint users responsible for a high volume of blocked DNS requests, and hold them accountable for unusual activity, such as attempts to access inappropriate or sensitive resources.
  • Troubleshoot faster: Use DNS replies to diagnose and resolve failed resolution requests. Doing so can unlock insights that help resolve connectivity issues faster.
  • Ensure compliance: Monitor user activity to ensure they only access permitted domains that comply with your organization’s policies around acceptable use. This is especially valuable for teams required to comply with standards like SOC 2 or ISO 27001 — or those who operate under GDPR or HIPAA.

How do I get started with DNS Log?

Getting started with DNS Log is simple. Follow these steps:

  1. Navigate to API & Logs in the menu on the left.
  2. Click DNS Log and select Enable.
  3. Filter your DNS Log by domain name or IP address to focus your investigation.
  4. Export your DNS Log data as a .csv file for further analysis.

Want to see how it works via an online walkthrough? Click the button below to check out our interactive demo of DNS Log. 

Need more assistance? Our support team is available to answer any questions you might have.

Strengthen your security posture today with DNS Log

With DNS Log, CloudConnexa takes another step forward in helping organizations maintain robust cybersecurity strategies. Whether you're updating your policies, detecting threats, or ensuring compliance, DNS Log equips you with the insights needed to act with confidence.

Ready to unlock greater visibility into your network activity? Enable DNS Log now and take your security to the next level.

New here? Ready to take your business to the next level with CloudConnexa? Work from anywhere and from any device with confidence. Create an account today for three free connections.