"We benefit from the secure protocol, IPSEC, between the master and slaves at our hosting centres"
Mike Bird, IT Director, DHL, UK
"With DNSBOX we now have a hardened and easily managed solution not to mention the savings in space, electricity and cooling"
John Calisi, IT Manager of Operations, Tennessee Board of Regents, USA
"ApplianSys has made managing our DNS amazingly simple. Once the boxes were up and running, it was a case of ‘set it and forget it’..."
Matt Niswonger, Techician at UltraTech Resources, USA
"With DNSBOX our speed of response has improved dramatically. Previously, if a business unit set up a website, we would have to..."
Jonathan Guthrie, Networks Manager, CMPi - United Business Media, UK
"We needed to take DNS management in-house in a hurry. Without DNSBOX, we'd have been looking at several weeks"
Mike Bird, IT Director, DHL, UK

Protect Against Cache Poisoning with DNSSEC

DNSSEC protects against Man in the Middle and cache poisoning attacks, which can misdirect your users to malicious websites and/or disrupt your email and VOIP services. These attacks are designed to compromise private data, often with catastrophic consequences for enterprises:

  • Theft using stolen passwords/credentials for financial services
  • Damage to customer trust and your brand
  • Loss of valuable intellectual property
  • Fines from violation of regulatory compliance such as data protection

Service Providers have been slow to implement DNSSEC and many businesses would benefit from deploying it themselves. But implementing and managing DNSSEC can be complicated, costly and time-consuming:

  • All your zones need to be signed for DNSSEC to be effective – a big task for large networks
  • DNSSEC keys need to be stored securely so that they cannot be changed maliciously
  • Keys also need to be periodically updated – known as ‘key rollover’.
  • Additional DNSSEC steps in DNS resolution may introduce unwanted latency

Key rollover is particularly complex and requires very careful administration. If you get it wrong, keys which are no longer valid remain cached in other DNS servers around the world or are not synchronised with your own upstream servers. In such cases, clients using DNSSEC would be unable to resolve your records. With lots to know and manage, manual key rollover is incredibly error-prone.

DNSSEC-Screenshot-smYou need a solution that, like DNSBOX:

  • Automates DNSSEC key management and rollover
  • Automates zone signing for rapid implementation
  • Makes it easy to store DNSSEC keys securely
  • Uses a high performance resolver to mitigate the extra latency of DNSSEC requests

Next: Microsoft Integration >

Because DNSBOX is versatile and scalable, our customers around the world come in all shapes and sizes. ISPs, enterprises, government agencies and even internet registers simplify, control and protect their DDI services with DNSBOX.

How can we make your visit easier?

Give us a few details about your requirement and we'll make your life easier by serving the most relevant information.
I work in a...
I prefer to read...