Introduction to DNS Security

Authoritative DNS plays a critical role in our connected culture. It started as a simple phone book that routed requests to websites. But now, with virtually every application and computing activity connected to a sprawl of clouds, data centers, CDNs, and devices, authoritative DNS has emerged to new prominence in the internet infrastructure.

In this Refcard we’ll look at how authoritative DNS’s ubiquity and critical position in application infrastructure make it both a prime target for attackers and an opportunity to dodge downtime and defend against threats. Although no layer of your application delivery infrastructure is immune to attack, with the right tools you’ll be better equipped to meet the challenges head-on.

Yes, the cloud brings efficiencies with it, and the majority of enterprises racing to the cloud see it as a platform for innovation. According to an IDC research paper, “public cloud adoption is accelerating in large part as enterprises recognize that the cloud has become the launchpad for virtually every new IT innovation,” and those companies not on public clouds find themselves in “innovation isolation.”

There’s no greater single driver for DNS-based threats than the race to adopt the innovation inherent in digital experiences and cloud computing by enterprises and consumers alike. DNS is the primary mediator between users and any online service or application, and any disruption in DNS denies access to these services. The misdirection of DNS services can send users to malicious sites for further manipulation and can be used to gain access to private networks.

DNS is a potential single point of failure and a rich source of attack and manipulation techniques, and attackers are taking advantage of it. 40 percent of cloud-based application downtime is a result of attacks on DNS servers and services. For many companies (and even cloud providers), the race to embrace the cloud is outpacing the security and resiliency upgrades required in core enterprise and internet infrastructure to ensure not only security, but uptime and optimal end-user experience.

The cloud introduces fundamental changes that older architectures and technologies weren’t designed for, which opens the door for security risks. These include:

• Expansive connectivity and diversity. On the surface, the cloud seems much simpler for enterprises since the infrastructure is no longer onsite. But the massive connectivity of cloud computing adds new layers of complexity. According to Gartner, “the increased trend toward dynamic, fragmented, and distributed cloud-based applications complicates the task of maintaining visibility and availability of key resources.” There isn’t just “one” cloud, and the various options don’t all function in the same manner. 87 percent of enterprises use multiple clouds and as multi- and hybrid-clouds emerge, there’s increased complexity in the number of potential clouds, how, where and when users are routed to those resources, and how those resources are managed and protected.
• Concentration of information and risk. While the infrastructure may be fragmented and diverse, the data attackers want to steal can be highly concentrated in the cloud, vastly increasing its attractiveness to bad actors.
• Uneven innovation and security across clouds and enterprises. Not all clouds are equal in their capabilities, offerings, stability, and security. There’s little security equality across the vast landscape of cloud providers, and even less with the enterprises adopting them.
• Technical debt. The rapid innovations born from the cloud have not migrated quickly or evenly to the enterprises leveraging clouds. Enterprises are spending the vast majority of their budgets maintaining older, outdated systems, leaving critical projects on the cutting room floor — and perhaps worse, sometimes sending them shopping for cheaper cloud providers without robust security.

This is a preview of the Introduction to DNS Security Refcard. To read the entire Refcard, please download the PDF from the link above.