DNS Security (DNSSEC) Solutions
Streamline DNSSEC and ensure high availability for globally distributed applications
DNS cache poisoning and other DNS attacks can compromise your local DNS (LDNS) servers and make it possible for hackers to hijack DNS responses, redirect clients to malicious sites, and access private information. Traditionally, deploying DNS security (DNSSEC) services has involved complex and expensive manual provisioning of encryption keys that validate response authenticity. In addition, organizations have had to choose between the high availability of global server load balancing (GSLB) and the security of DNSSEC because DNSSSEC architecture did not support intelligent GSLB systems.
F5 takes the only approach to DNS security that enables organizations to deploy DNSSEC quickly and easily into an existing GSLB environment. F5 streamlines encryption key generation and distribution by dynamically signing DNS responses in real-time. And F5 combines this DNSSEC technology with GSLB to provide high availability, maximum performance, and centralized management for applications running across multiple and globally dispersed data centers.
Why do I need DNS security?
Business benefits of using F5 for DNSSEC include:
- Strong DNS security.F5 ensures that DNS responses cannot be modified by rogue DNS servers, so clients get validated, trusted DNS responses that direct them to application sites.
- Compliance with government DNSSEC regulations.F5 delivers secure and dynamic DNS responses to help you comply with regulatory mandates.
- Optional FIPS key security.F5 provides the option to deploy military-grade key security using FIPS hardware cards.
- Simplified implementation and reduced management costs.With a onetime, three-step process, you can create automatic key policies that eliminate routine DNSSEC management tasks and reduce management costs.
High availability and performance.
Intelligent global traffic management routes clients to the best-performing resource to ensure fast application responses and high availability.