Virtual DNS Protects and Supercharges DNS Servers, Mitigating one of the Most Common Infrastructure Vulnerabilities—Distributed Denial of Service Attacks (DDoS)

March 12, 2015

4 Min Read

PRESS RELEASE

SAN FRANCISCO, March 10, 2015—CloudFlare, the leading Internet performance and security company, today launched Virtual DNS to protect and accelerate any organization’s DNS infrastructure. DNS is the Internet’s address book, and every query on the Internet begins with a DNS lookup. The performance and security of an organization's DNS infrastructure is therefore critical. Virtual DNS boosts the security, global availability, and speed of DNS responses without requiring organizations to make disruptive changes to their legacy DNS infrastructure.

“Virtual DNS is a lifesaver for anyone managing their own legacy nameservers. Hosting providers and large enterprises are stuck between a rock and a hard place: on one hand, they struggle to keep up with the performance and security challenges of running their own DNS infrastructure while, on the other, their legacy DNS infrastructure is nearly impossible to replace without costly disruption,” explained Matthew Prince, co-founder and CEO of CloudFlare. “With Virtual DNS, organizations get the performance, security, and high availability of CloudFlare’s global DNS network with no disruption and no change to their existing infrastructure.”

DNS infrastructures are increasingly becoming the target of cyber attacks. The latest DNS based DDoS attacks mitigated by CloudFlare have exceeded 500Gbps with more than 250 million seemingly valid DNS queries. Traditional DDoS scrubbing hardware and services are useless in the face of these attacks, meaning that until now there has been no way for organizations to avoid downtime if they are targeted. Virtual DNS stops attack traffic at CloudFlare’s edge—blocking traffic before it reaches a company’s nameservers—so even legacy infrastructure is safeguarded.

Industry-leading cloud hosting provider, DigitalOcean, was an early beta customer of Virtual DNS and has been using the service since July 2014. Since every request on the Internet begins with a DNS query, faster DNS responses mean quicker page loads and happier customers.

“DigitalOcean answers 10,000 DNS queries every second, and CloudFlare makes sure that it’s 100 percent clean,” said Sam Kottler, platform engineer at DigitalOcean. “CloudFlare’s Virtual DNS is exactly what we need to protect our DNS infrastructure and  ensure that we are always fast and always online, anywhere.”

Dan Kaminsky, DNS security expert and chief scientist and co-founder of White Ops, agrees: “CloudFlare is addressing a critical issue at the foundation of the Internet.” Kaminsky said, “Internet users depend on DNS to be both highly available and accurate. CloudFlare’s DNS stack, including Virtual DNS and DNSSEC, is already a reality for more than 35 percent of domains using managed domain nameservers.” 

With CloudFlare’s Virtual DNS, records stay on an organization’s nameservers. More than 30 enterprises participated in CloudFlare’s beta. Beta participants were protected from all attacks, and their DNS performance increased by 50 percent. “We’re opening up a new door for organizations that were unable to make changes to their legacy infrastructure,” said Olafur Gudmundsson, long time contributor and DNS Working Group chair at the IETF and now a systems engineer at CloudFlare focused on DNS and DNSSEC development. “Virtual DNS gives organizations a global, battle-tested DNS shield in front of their existing operations.”

Virtual DNS is currently available to CloudFlare Enterprise customers, hosting providers, and large DNS operators.

 

Additional Resources

●      VirtualDNS

●      DigitalOcean Case Study

●      (Blog) Announcing Virtual DNS

 

\# #

About CloudFlare

CloudFlare, Inc. (www.cloudflare.com / @cloudflare) makes sites lightning fast, protects them from attacks, ensures they are always online, and makes it simple to add web apps with a single click. Regardless of size or platform, CloudFlare supercharges websites with no need to add hardware, install software, or change a line of code. The CloudFlare community gets stronger as it grows: every new site makes the network smarter. More than 5 percent of global Web requests flow through CloudFlare's network; every month more than 1.8 billion people experience a faster, safer, better Internet. CloudFlare was recognized by the World Economic Forum as a Technology Pioneer, named the Most Innovative Network & Internet Technology Company for two years running by the Wall Street Journal, and ranked among the world's 50 most innovative companies by Fast Company. CloudFlare has offices in San Francisco, California, USA and London, UK.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights