Introduction
DNS Security Extensions (DNSSEC) are a set of improvements to the DNS protocol that secure the transfer of its data. The extensions emerged from a threat analysis performed in the early 1990s, were developed under a US DARPA contract, and began to be deployed through a US DISA contract that resulted in the release of BIND 9 in 2000. Fostering support for adoption of the extensions has been difficult, and there have been several false starts. In the summer of 2008, however, a researcher demonstrated the severity of the threat, and interest in DNSSEC was renewed.
Although DNS is usually thought of as a client-server protocol, it really is a client-cache-server protocol: most data transits at least one third party (a cache) on its way from server to client. The caches are vulnerable to “cache poisoning,” that is, accepting falsified responses. As a result of cache poisoning, an unsuspecting Internet user may ask for one website and land on another. DNSSEC is designed to address the issue of cache poisoning.
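The client-cache-server model and the check DNSSEC adds to it, as an added Python example (not code from the original page or from any DNS implementation): a pre-DNSSEC cache stores the first reply that matches the outstanding question, so a falsified reply that arrives first is cached; a validating cache stores a reply only when its RRSIG verifies under a trust anchor, so the same falsified reply is rejected. The example uses a small stdlib-only RSA implementation as a stand-in for a DNSSEC signature algorithm, collapses the trust chain to a single zone key configured as the trust anchor, simplifies RRset canonicalisation, and uses constructed names, addresses and cache classes; none of these are from the page.

```python
import hashlib
import random
from dataclasses import dataclass
from typing import Tuple

# Toy RSA stands in for the DNSKEY/RRSIG algorithm (an assumption of this example).
def _is_probable_prime(n, rng, rounds=24):
    """Miller-Rabin; enough for a demo key, not for production use."""
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _gen_prime(bits, rng):
    while True:
        cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1   # odd, full bit length
        if _is_probable_prime(cand, rng):
            return cand

def keygen(bits=512, seed=None):
    """Return ((n, e), (n, d)): the zone's public DNSKEY and its private half."""
    rng, e = random.Random(seed), 65537
    while True:
        p, q = _gen_prime(bits // 2, rng), _gen_prime(bits // 2, rng)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:          # e is prime, so this guarantees gcd(e, phi) == 1
            return (p * q, e), (p * q, pow(e, -1, phi))

@dataclass(frozen=True)
class RRset:
    name: str
    rtype: str
    rdata: Tuple[str, ...]

    def canonical(self) -> bytes:
        # Real DNSSEC canonicalises the owner name and wire-format RDATA (RFC 4034);
        # the toy lower-cases the name and sorts the records so ordering cannot matter.
        return f"{self.name.lower()}|{self.rtype}|{'|'.join(sorted(self.rdata))}".encode()

def _digest(rrset: RRset) -> int:
    return int.from_bytes(hashlib.sha256(rrset.canonical()).digest(), "big")

def sign_rrset(priv, rrset):            # produces the toy RRSIG over the whole RRset
    return pow(_digest(rrset), priv[1], priv[0])

def verify_rrset(pub, rrset, rrsig):
    return pow(rrsig, pub[1], pub[0]) == _digest(rrset)

class NaiveCache:
    """Pre-DNSSEC cache: the first reply matching the outstanding question is stored."""
    def __init__(self):
        self.store = {}
    def accept(self, question, rrset, rrsig=None):
        if (rrset.name, rrset.rtype) != question:
            return False
        self.store[question] = rrset.rdata
        return True

class ValidatingCache(NaiveCache):
    """DNSSEC-validating cache: a matching reply is stored only if its RRSIG verifies
    under the trust anchor (the zone's own DNSKEY in this single-zone model)."""
    def __init__(self, trust_anchor):
        super().__init__()
        self.trust_anchor = trust_anchor
    def accept(self, question, rrset, rrsig=None):
        if rrsig is None or not verify_rrset(self.trust_anchor, rrset, rrsig):
            return False                # a real resolver returns SERVFAIL and caches nothing
        return super().accept(question, rrset, rrsig)

def poisoning_scenario(seed=7):
    """Constructed scenario: a falsified reply reaches both caches before the genuine one."""
    pub, priv = keygen(seed=seed)
    question = ("www.example.test.", "A")
    genuine = RRset(*question, ("192.0.2.10",))     # constructed, documentation addresses
    forged = RRset(*question, ("203.0.113.66",))
    sig = sign_rrset(priv, genuine)
    naive, validating = NaiveCache(), ValidatingCache(pub)
    return {
        "naive_took_forged": naive.accept(question, forged),
        "validating_took_forged": validating.accept(question, forged),
        "validating_took_forged_with_reused_sig": validating.accept(question, forged, sig),
        "validating_took_genuine": validating.accept(question, genuine, sig),
        "naive_answer": naive.store[question],
        "validating_answer": validating.store[question],
    }
```

Running `poisoning_scenario()` shows the naive cache holding the falsified address and the validating cache holding the genuine one; the reused-signature case shows why the signature has to cover the RDATA rather than just the name, since a valid RRSIG copied onto different data fails verification.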