Doman Name System (DNS) handles translation of domain names and IP addresses for the enterprise. Because its data is served to and from the Internet, it is intended to be accessed by any computer in the world that is on the Internet. DNS security is mostly concerned with authenticating the source of the data and maintaining the integrity of the domain name data as it traverses the Internet.
Because DNS components can be the target of denial-of-service attacks, DNS security is extremely important. DNS deployments can be configured to prevent such attacks on DNS vulnerabilities. Our IT Download, “Secure Domain Name System (DNS) Deployment Guide,” presents guidelines on how to secure your DNS to subvert exploitative attacks.
The document contains information on:
- Securing Domain Name System
- DNS data and DNS software
- DNS transactions
- Threats and protection approaches
According to the document:
Currently, the DNS is not the target of most attacks, but as hosts become more security aware, and applications begin to rely on the DNS infrastructure for network operations, the DNS infrastructure will become a more tempting target. The ultimate goal for DNSSEC is full deployment across the entire domain tree that provides DNSSEC capabilities. Hence, the first step towards full deployment is to provide DNSSEC capability for domain subtrees that have high security needs.
DNS administrators and IT security will benefit from the detailed explanations included in this informative publication. Its 10 sections cover the complexities of DNS deployments and proper tactics to securing the DNS.