Gabriel Security Platform White Paper

Gabriel Connection Technology™ Overview

All Internet communications today, uses an Internet Protocol (IP) address, which is a sequence of numbers, to determine where to send data packets destined for a specific device. The Domain Name System (DNS) was created to simplify reaching public domains by associating a network/IP address to a name for a specific device. The DNS relies on a process, network address resolution, to resolve a domain name into a specific IP address of the device where are all the data packets need to be sent. For example, a user accessing the Acme website would enter the domain name (www.acme.com) for the website. This domain name is sent to a DNS server, which either knows the corresponding IP address or forwards the request to a server, which knows its address.  When the address is found, it is returned to the requesting device. This process suffers from vulnerabilities which can make it susceptible to a number of security threats including Distributed Denial of Service attacks (DDoS), DNS cache poisoning, Registrar hijacking, etc.

Unlike traditional DNS, Gabriel Connection Technology™, mitigates these vulnerabilities, by using a private secure domain name (e.g. www.acme.scom™).  Gabriel Connection Technology™ enhances the step of network address resolution by automatically determining the need for initiating a Virtual Private Network (VPN) and setting it up automatically to the destination device.

Figure 1, illustrates how the Gabriel Connection Technology™ intercepts the domain name lookup before it is sent to the legacy DNS and determines if the network address resolution request involves a Secure Domain Name. If the domain name in the resolution request is determined to be a Secure Domain Name, a VPN is provisioned and automatically setup for secure communication between the requesting device and the destination (or target) device. The VPN uses a secure, private IP address, which is then returned to the user’s requesting application. This IP address is then used by the application to connect to the target device through a secure VPN link.  If the domain name lookup request is determined to be for an unsecure, legacy domain name then the request is forwarded to the legacy DNS.

 

security-platform-fig-1Figure 1 – Gabriel Connection Technology™

Click here to download the Gabriel Security White Platform Paper or use page navigation above to continue reading.