DNS Security

The original design of the Domain Name System (DNS) did not include any security details; instead, it was designed to be a scalable distributed system. The later Domain Name System Security Extensions (DNSSEC) standard seeks to address this by adding security, while maintaining backward compatibility. DNSSEC was designed to protect applications (and caching resolvers serving those applications) from using forged or manipulated DNS data, such as that created by DNS cache poisoning.

DNSSEC can protect any data published in the DNS, including text records (TXT), mail exchange records (MX), and can be used to bootstrap other security systems that publish references to cryptographic certificates stored in the DNS such as Certificate Records (CERT record), SSH fingerprints (SSHFP), IPSec public keys (IPSECKEY), and TLS Trust Anchors (TLSA).

  • EfficientIP – DNS Security

    by Efficient IP

    EfficientIP provides hardware & software appliances to manage IP addressing schemas and to deliver DNS/DHCP services in a fully integrated solution. EfficientIP brings a new approach to managing IPAM, DNS and DHCP services at the architecture level with Plug-and-Play technologies to deliver secured and highly available services. Unlike products from most competitors, multiple services can all be run on a single unit.

    EfficientIPs SOLIDserver™ supports all the required resource records to deploy and provide DNSSEC. EfficientIP is fully compliant with RFCs related to DNSSEC, critically IETF RFCs 4033, 4034, 4035 and 5155.

  • Bluecat – DNS Security

    by BlueCat

    BlueCat Networks is an industry-leading provider of IPAM solutions. BlueCat supports integration of DNS and DHCP services, as well as overlay support for Microsoft DNS/DHCP services via its Address Manager appliances. Products are available as virtual or physical appliances, and can also be run on existing network infrastructure, including the Citrix NetScaler SDX ADP, and routers from Cisco and HP.

    Bluecat’s implementation of the Domain Name System Security Extensions (DNSSEC) is built around Industry Standards – critically IETF RFCs 4033, 4034, 4035 and 5155.

  • “IP Performance have worked as a trusted networking and cyber security partner with SCCB for many years. I highly recommend IP Performance. The team are highly responsive and extremely knowledgeable. Their networking and security solutions provided to us are well designed to meet our specific needs and the pricing is always very competitive. I have full trust in IP Performance to help us keep our IT systems at SCCB resilient, efficient, and secure.”

    Dave Birks, IT Services,
    South and City College Birmingham