I would rate BlueCat Edge ten out of ten. Edge is my favorite BlueCat product that we use. Our typical maintenance routine involves updating BlueCat Edge whenever the company releases new versions and security patches. In the past, troubleshooting specific issues has occasionally required waiting for updates to external libraries used by BlueCat Edge. While waiting isn't ideal, it's important to understand that BlueCat relies on these libraries. During such times, we implemented workarounds until the necessary updates were available. Additionally, some major upgrades have required rebuilding our entire environment, which we accomplished through a batched virtual machine recreation process. This was necessary because the upgraded software involved significant technological changes, including a new underlying Linux version. The effectiveness of a next-generation firewall depends on its features. While some offer limited functionality, I'm satisfied with our current product's flexibility, improved log visibility, and strong security, especially its DNS features like tenant detection and global availability. However, there might be even better options out there. For instance, while web proxies can handle some modern threats, DNS security offers a more targeted approach. Overall, I wouldn't change BlueCat Edge unless a new option demonstrably surpasses its capabilities. For a new BlueCat Edge implementation, I'd prioritize high availability using an Anycast architecture. Even the best solution is useless if unavailable. Secondly, implement security features as early as possible to avoid later complications and permission requests. Finally, establish a schedule to review generated reports, take action on observations, and closely monitor infrastructure for optimal performance and availability.
Enterprise Architect at a financial services firm with 10,001+ employees
Real User
Top 20
2024-02-02T18:42:00Z
Feb 2, 2024
I would rate BlueCat Edge nine out of ten. BlueCat Edge will release optics patches which will require manual deployment by our IT team. Due to company policy, automatic updates are disabled, even though BlueCat Edge offers an auto-upgrade feature. This aligns with our general policy of avoiding automated tools in certain situations. DNS-specific security solutions offer the first line of defense by providing greater visibility and control compared to traditional methods like individual firewalls. Consolidating all DNS queries in a central location enhances effectiveness and simplifies management, making it superior to utilizing a basic firewall for DNS security, such as a Cisco firewall. I recommend completing the Edge homework. Make sure to understand the main list, name servers, resolution process, and similar concepts. It's also crucial to grasp the nature and function of caching. Remember, thorough understanding is key.
If a colleague said to me that their next-gen firewall and other security tools mean that they do not need a DNS-specific security solution, I would say that DNS is the heart and soul of your firewall to begin with. Without that, you are not going to know where things are coming and going. I am going back to the old adage. The company that I am with right now has been bought and sold a few times. Back in 2012, during the course of a sale, we were being spun off to a new entity. Nobody took into consideration DNS, and I raised my hand in the meeting with only six days to go to launch as a new entity and asked, "What are we doing for DNS?" I was told that they would just stand up a couple of servers and dump information there. I said no because DNS is not just a name and an IP. DNS goes way beyond that. There is so much more than that. You get management making decisions and people who do not understand solutions generalizing. Once they got the third-party company that was assisting in the transition involved, they started to see all the nuances of what DNS entails. They did not realize the complexities and should have had it on the tote board long in advance. That is the analogy I use for how general people do not understand the complexities of DNS. I would rate BlueCat Edge a solid nine out of ten just for the fact of how well it provides ease of use and time savings for us. We can also use Edge endpoints wherever we need to deploy them. The reason why I am not giving it a ten out of ten is that it is always a work in progress.
BlueCat Edge is an intelligent DNS resolver and caching layer that leverages existing DNS infrastructure to provide unprecedented visibility and control over DNS traffic. As a first hop DNS resolver, BlueCat Edge intelligently manages DNS forwarding rules and logs all queries to offer intuitive analytics and data governance. By monitoring all queries and IP addresses with BlueCat Edge, enterprises can also leverage BlueCat’s advanced Threat Protection and policy-based network/security...
I would rate BlueCat Edge ten out of ten. Edge is my favorite BlueCat product that we use. Our typical maintenance routine involves updating BlueCat Edge whenever the company releases new versions and security patches. In the past, troubleshooting specific issues has occasionally required waiting for updates to external libraries used by BlueCat Edge. While waiting isn't ideal, it's important to understand that BlueCat relies on these libraries. During such times, we implemented workarounds until the necessary updates were available. Additionally, some major upgrades have required rebuilding our entire environment, which we accomplished through a batched virtual machine recreation process. This was necessary because the upgraded software involved significant technological changes, including a new underlying Linux version. The effectiveness of a next-generation firewall depends on its features. While some offer limited functionality, I'm satisfied with our current product's flexibility, improved log visibility, and strong security, especially its DNS features like tenant detection and global availability. However, there might be even better options out there. For instance, while web proxies can handle some modern threats, DNS security offers a more targeted approach. Overall, I wouldn't change BlueCat Edge unless a new option demonstrably surpasses its capabilities. For a new BlueCat Edge implementation, I'd prioritize high availability using an Anycast architecture. Even the best solution is useless if unavailable. Secondly, implement security features as early as possible to avoid later complications and permission requests. Finally, establish a schedule to review generated reports, take action on observations, and closely monitor infrastructure for optimal performance and availability.
I would rate BlueCat Edge nine out of ten. BlueCat Edge will release optics patches which will require manual deployment by our IT team. Due to company policy, automatic updates are disabled, even though BlueCat Edge offers an auto-upgrade feature. This aligns with our general policy of avoiding automated tools in certain situations. DNS-specific security solutions offer the first line of defense by providing greater visibility and control compared to traditional methods like individual firewalls. Consolidating all DNS queries in a central location enhances effectiveness and simplifies management, making it superior to utilizing a basic firewall for DNS security, such as a Cisco firewall. I recommend completing the Edge homework. Make sure to understand the main list, name servers, resolution process, and similar concepts. It's also crucial to grasp the nature and function of caching. Remember, thorough understanding is key.
If a colleague said to me that their next-gen firewall and other security tools mean that they do not need a DNS-specific security solution, I would say that DNS is the heart and soul of your firewall to begin with. Without that, you are not going to know where things are coming and going. I am going back to the old adage. The company that I am with right now has been bought and sold a few times. Back in 2012, during the course of a sale, we were being spun off to a new entity. Nobody took into consideration DNS, and I raised my hand in the meeting with only six days to go to launch as a new entity and asked, "What are we doing for DNS?" I was told that they would just stand up a couple of servers and dump information there. I said no because DNS is not just a name and an IP. DNS goes way beyond that. There is so much more than that. You get management making decisions and people who do not understand solutions generalizing. Once they got the third-party company that was assisting in the transition involved, they started to see all the nuances of what DNS entails. They did not realize the complexities and should have had it on the tote board long in advance. That is the analogy I use for how general people do not understand the complexities of DNS. I would rate BlueCat Edge a solid nine out of ten just for the fact of how well it provides ease of use and time savings for us. We can also use Edge endpoints wherever we need to deploy them. The reason why I am not giving it a ten out of ten is that it is always a work in progress.
Do proper research and then get pricing. Overall, I'd rate it an eight out of ten.
Overall, on a scale from one to ten, I would give this solution a rating of six.