"With DNSBOX , administration can easily be passed on through business generations without worrying about maintaining lots of specialist local knowledge and the risk of losing it."
Network Manager, Telecoms Equipment Manufacturer
"DNSBOX was easy to deploy – it didn’t require much training to get started. The ApplianSys support engineers guiding us understood our technical requirements well – we were assured that we were in good hands."
Nokia Siemens Networks (NSN), USA
"DNSBOX’s in-built monitoring system shows physical device health and gives a clear picture of logical resources utilization."
Samson Oduor, Access Kenya, Kenya
"CACHEBOX is a great product with excellent support."
Manish Govindji, ZEE Communcations, Tanzania
"I so appreciate that you communicate so well with us. It’s unbelievable customer service!"
Sheri Peterson, IT Director, St Joseph Parish School, USA

Protect Against Cache Poisoning with DNSSEC

Many organisations want to introduce DNSSEC to protect against cache poisoning which can result in your users being misdirected to malicious websites and/or disrupt services that rely on DNS such as email and VOIP.

But implementing and managing DNSSEC can be complicated, costly and time-consuming:

  • All your zones need to be signed for DNSSEC to be effective – a big task for large networks
  • DNSSEC keys need to be stored securely so that they cannot be changed maliciously
  • Keys also need to be periodically updated – known as ‘key rollover’.
  • Additional DNSSEC steps in DNS resolution may introduce unwanted latency

Key rollover is particularly complex and requires very careful administration. If you get it wrong, keys which are no longer valid remain cached in other DNS servers around the world or are not synchronised with your own upstream servers. In such cases, clients using DNSSEC would be unable to resolve your records. With lots to know and manage, manual key rollover is incredibly error-prone.

DNSSEC-Screenshot-smYou need a solution that, like DNSBOX:

  • Automates DNSSEC key management and rollover
  • Automates zone signing for rapid implementation
  • Makes it easy to store DNSSEC keys securely
  • Uses a high performance resolver to mitigate the extra latency of DNSSEC requests

Next: Microsoft Integration >

Because DNSBOX is versatile and scalable, our customers around the world come in all shapes and sizes. ISPs, enterprises, government agencies and even internet registers simplify, control and protect their DDI services with DNSBOX.

How can we make your visit easier?


Give us a few details about your requirement and we'll make your life easier by serving the most relevant information.
I work in a...
I prefer to read...
GO