BlueCat Edge operational best practices - BlueCat Edge - Service Point v4.x.x

BlueCat Edge Deployment Guide

Locale
English
Product name
BlueCat Edge
Version
Service Point v4.x.x

BlueCat Edge service point monitoring and troubleshooting

During the course of operation, there is little need to monitor the service points. service points respond to PING, polled for access to UDP/TCP port 53, and also have a helpful URL which can be used to monitor their status:

  • http://{SPv3 IP address}:80/v1/status/spDiagnostics Review more detailed information about a Service Point v3 instance.
  • http://{SPv4 IP address}:8083/api/v1/diagnostics Review more detailed information about a Service Point v4 instance.

The BlueCat service operations cloud has visibility into all micro-services for the service points and BlueCat Edge Clouds, and all activity is logged for troubleshooting purposes. System monitoring is being completed by cloud native tools managed by the BlueCat cloud operations team.

Incident response considerations

BlueCat Edge provides great visibility into client DNS traffic, incorporating BlueCat Edge policy application into your existing incident response process. BlueCat Edge makes it easy to respond to security events such as anomalous traffic, or suspicious or malicious behavior detected by BlueCat Edge. BlueCat Edge can immediately blocklist websites or individual clients. Individual clients can be redirected to a remediation site or a warning site.

BEST PRACTICE: Define an operational process to address security concerns identified by BlueCat Edge.