Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


11:28 AM
Dark Reading
Dark Reading
Products and Releases

VeriSign DNSSEC Interop Lab Adds Brocade, A10 Networks, BlueCat Networks

Meanwhile, VeriSign continues to work closely with ICANN and the Department of Commerce on root zone deployment

MOUNTAIN VIEW, CA--(Marketwire - June 25, 2010) - VeriSign, Inc. (NASDAQ: VRSN), the trusted provider of Internet infrastructure services for the networked world, today announced that Brocade, A10 Networks and BlueCat Networks are participating in the DNS Security Extensions (DNSSEC) Interoperability Lab. The lab was established by VeriSign to help vendors confirm that their solutions interoperate with DNSSEC.

By applying digital signatures to DNS data, DNSSEC authenticates the origin of the data and verifies its integrity as it moves across the Internet. Testing the widest array of infrastructure components in the VeriSign DNSSEC Interoperability Lab is especially crucial as the signed root zone is set to become available on July 15. Plans call for VeriSign to sign the .edu domain in July, .net by fourth quarter 2010 and .com by first quarter 2011.

Additionally, VeriSign is working in collaboration with the industry, including ICANN and the Department of Commerce, on the deployment of DNSSEC in the root zone. In an important DNSSEC deployment milestone, VeriSign recently joined ICANN, the Department of Commerce and 14 Trusted Community Representatives in generating and securely storing the first cryptographic digital key used to secure the Internet root zone.

Brocade, A10 Networks and BlueCat Networks have joined Cisco Systems, Juniper Networks and other organizations in working with VeriSign's DNSSEC Interoperability Lab to review their solutions in a DNSSEC-enabled environment. DNSSEC is designed to protect the Domain Name System from "man in the middle" and cache poisoning attacks.

"The growing need to access critical data and applications anytime and anywhere through the Internet requires a collaborative effort to mitigate possible threats to network infrastructures," said Keith Stewart, director of product management at Brocade. "As a networking leader delivering customers unmatched investment protection and high availability, Brocade is committed to simplifying and securing Internet communications end-to-end, including at the name server level. Our participation with the VeriSign DNSSEC Interoperability Lab will provide customers a proven and secure solution to deploy next generation networks."

"DNS is fundamentally essential to Internet operation, and DNSSEC offers the ability to provide a higher level of integrity for DNS queries, giving consumers, enterprises or any Internet user more trust in their transactions," said Lee Chen, founder and CEO for A10 Networks. "We are pleased to participate with our AX Series in the VeriSign DNSSEC Interoperability Lab to ensure our Application Delivery and Server Load Balancing functionality works seamlessly in true DNSSEC environments."

"BlueCat didn't become an award-winning provider of physical and virtual IPAM (IP Address Management) solutions by ignoring the demands of the marketplace," said Luc Roy, vice president of product management and marketing at BlueCat Networks. "For our customers and for the industry at large, ensuring DNSSEC interoperability is a business imperative. VeriSign's DNSSEC Interoperability Lab makes it significantly easier for all members of the Internet communications ecosystem to be part of the DNSSEC solution."

The DNSSEC Interoperability Lab is staffed by VeriSign personnel who can help solution and service providers determine if DNS packets containing DNSSEC information, which are typically larger than standard DNS packets, will cause problems for their Internet and enterprise infrastructure components. For instance, some solutions may make assumptions about DNS packet size and structure that are no longer true with DNSSEC.

"Interoperability testing helps identify and solve any technical roadblocks that might pose a challenge to the secure, stable and resilient implementation of DNSSEC across .edu, .net and .com," Ken Silva, senior vice president and chief technology officer at VeriSign. "When DNSSEC goes live, we'll see larger volumes of data traffic move through the DNS system, because DNSSEC packets are larger than current DNS packets. That's why, as we begin the final stage of the root zone deployment this summer, it's essential for more organizations to take advantage of the DNSSEC Interoperability Lab to ensure firewalls, applications and other equipment can support DNSSEC."

In addition to operating the DNSSEC Interoperability Lab, VeriSign has rolled out a program to ease DNSSEC deployment for a wide range of Internet stakeholders. Over the past several months, VeriSign has published technical resources, led educational sessions, participated in industry forums and developed tools designed to simplify DNSSEC management.

The company has also actively provided support for its network of registrars for DNSSEC implementation, and has provided a software development kit (SDK) and other tools, training, services and support. Once .com and .net are signed, VeriSign also plans to provide registrars with key exchange services.

"Adopting DNSSEC could be significantly more costly, difficult and time-consuming without the support we're receiving from VeriSign," said Clint Page, president and CEO at Dotster, Inc. "VeriSign is working with us to establish a deployment strategy. This is on our product road map, and availability is currently under review."

More information on VeriSign's DNSSEC plans is available here: http://www.verisign.com/dnssec.

About VeriSign VeriSign, Inc. (NASDAQ: VRSN) is the trusted provider of Internet infrastructure services for the networked world. Billions of times each day, VeriSign helps companies and consumers all over the world engage in communications and commerce with confidence. Additional news and information about the company is available at www.verisign.com.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 11/19/2020
New Proposed DNS Security Features Released
Kelly Jackson Higgins, Executive Editor at Dark Reading,  11/19/2020
How to Identify Cobalt Strike on Your Network
Zohar Buber, Security Analyst,  11/18/2020
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-11-24
499ES EtherNet/IP (ENIP) Adaptor Source Code is vulnerable to a stack-based buffer overflow, which may allow an attacker to send a specially crafted packet that may result in a denial-of-service condition or code execution.
PUBLISHED: 2020-11-24
An ACL bypass flaw was found in pacemaker before 1.1.24-rc1 and 2.0.5-rc2. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing if they went throu...
PUBLISHED: 2020-11-24
Barco wePresent WiPG-1600W firmware includes a hardcoded API account and password that is discoverable by inspecting the firmware image. A malicious actor could use this password to access authenticated, administrative functions in the API. Affected Version(s):,,,
PUBLISHED: 2020-11-24
HRSALE 2.0.0 allows XSS via the admin/project/projects_calendar set_date parameter.
PUBLISHED: 2020-11-24
A flaw was discovered in WildFly before 21.0.0.Final where, Resource adapter logs plain text JMS password at warning level on connection error, inserting sensitive information in the log file.