Monitor DNS Security
You are here: Monitor > Statistics > DNS Security.
Domain Name System (DNS) Domain Generation Algorithm (DGA) generates seemingly random domain names that are used as rendezvous points with potential Command & Control (C&C) servers. DNS DGA detection uses machine learning models and known pre-computed DGA domain names to provide domain verdicts, which helps in-line DNS query blocking and sinkholing on SRX Series Firewalls.
Use this page to verify the statistics of DNS sessions, submissions, and ATP latency.
Table 1 describes the fields on the DNS Security page.
|
Field |
Description |
|---|---|
|
DNS Sessions |
|
|
Cache Hits |
Displays the number of cache hits (domain is present in the cache). |
|
Cache Misses |
Displays the number of cache misses (domain is not present in the cache). |
|
Permitted C2 Sessions |
Displays the number of permitted C&C (C2) sessions. |
|
Dropped C2 Sessions |
Displays the number of dropped C2 sessions. |
|
Sinkholes C2 Sessions |
Displays the number of sinkholed C2 sessions. |
|
DNS Submissions |
|
|
Successful Domain Submission |
Displays the number of successful domain submissions. |
|
Failed Domain Submission |
Displays the number of failed domain submissions. |
|
Received Safe Verdicts |
Displays the number of safe verdicts received by Juniper ATP cloud. |
|
Received C2 Verdicts |
Displays the number of C2 verdicts received by Juniper ATP cloud. |
|
Detected DNS Tunnels |
Displays the number of DNS tunnels detected. |
|
ATP Latency |
|
|
Average Latency |
Displays the average response time (in milliseconds) that Juniper ATP Cloud takes to provide a verdict to the SRX Series Firewall. |
|
Maximum Latency |
Displays the maximum response time (in milliseconds) that Juniper ATP Cloud takes to provide a verdict to the SRX Series Firewall. |
|
Minimum Latency |
Displays the minimum response time (in millisecond) that Juniper ATP Cloud takes to provide a verdict to the SRX Series Firewall. |