Available immediately for new and existing customers of Akamai’s Enhanced Domain Name System (EDNS) offering, the service provides ease-of-implementation and management of DNSSEC, helping customers avoid common do-it-yourself (DIY) challenges. In addition, by leveraging Akamai’s distributed architecture, customers can deliver optimized performance for newly supported DNSSEC traffic along with standard Domain Name System (DNS) traffic.
Originally invented in 1983, DNS was designed to be scalable and distributed, but not necessarily secure, making it vulnerable to cache poisoning, data forgery, and other attacks. DNSSEC was developed to make DNS more secure, using digital signatures to establish authenticity and integrity of DNS data.
As one of the largest producers and providers of DNS services, Akamai is working with several forward-looking U.S. government agencies, including the International Broadcasting Bureau (IBB), to provide fully-managed DNSSEC support.
“As sophistication of cyber crime increases it is critical for us to have support for secure DNS capabilities,” said John Johnson, IT Director, IBB. “With Akamai’s DNSSEC support, IBB is meeting an OMB directive, and as a result, providing increased confidence of protection from cache-poisoning attacks without compromising on website performance or increasing our infrastructure costs.”
Offered in two modes, “sign and serve” or “serve only,” Akamai’s DNSSEC support service offers customers the flexibility to choose different levels of support based on their specific needs. For example, customers that want to fully outsource their key management process can select the “sign and serve” option, which is as simple as checking a box on the Akamai EdgeControl portal. Alternatively, customers that prefer to manage their signing independently can select the “serve only” option.
For additional flexibility, Akamai’s DNNSEC support service allows agencies to meet the OMB mandate even if the primary name server (master name server) is not DNSSEC ready. Alternatively, if DNSSEC has already been implemented, agencies can utilize Akamai’s EDNS service and leverage the global reach, scalability, security, and reliability of Akamai’s DNS infrastructure while maintaining compliance.
“Akamai’s DNNSEC support service represents an important step in our continued commitment to meet the most complex cloud security challenges for applications and websites,” said Willie Tejada, Vice President, Application and Site Acceleration, Akamai. “Without having to lose focus of their core missions, U.S. government agencies can now leverage Akamai services to help them comply with the OMB mandate while benefitting from the global reach of Akamai’s massively distributed platform.”
In addition to government agencies, businesses and other organizations can also leverage Akamai’s DNSSEC service to thwart attacks by DNS impersonators and rogue DNS servers. “Although it has been a decade since the first widely-accepted DNSSEC standard was published, we believe it is gaining traction with .gov and .org signed and with the announcement to fully deploy DNSSEC by the Root Zone operators,” said Thomas Ruff, Vice President of Sales, Public Sector, Akamai. “We have seen considerable interest from government agencies that are seeking a fully-managed service to provide expanded support for secure DNS functionality.”
For more information about Akamai’s Enhanced DNS service and the new DNSSEC support offering, please visit (http://www.akamai.com/html/technology/products/enhanced_dns.html).
Akamai' provides market-leading, cloud-based services for optimizing Web and mobile content and applications, online HD video, and secure e-commerce. Combining highly distributed, energy-efficient computing with intelligent software, Akamai’s global platform is transforming the cloud into a more viable place to inform, entertain, advertise, transact and collaborate. To learn how the world’s leading enterprises are optimizing their business in the cloud, please visit www.akamai.com