A multi-DNS solution provides fail-over when your vendor is attacked
A DDoS attack can overwhelm a DNS server with lookup requests. If an attacker targets a DNS provider rather than individual websites, they can take down all end users whose DNS requests route through a given server.
The recent DDoS attacks on a major DNS provider highlighted the importance of individual companies having a DNS infrastructure that includes fail-over. This can be accomplished by implementing multiple solutions from different vendors.
As the attacks last week played out, it became evident that a large number of internet sites use only one DNS provider. So, they had no redundancy or fail-over and their websites became unavailable.
Paul Calatayud, CTO of FireMon, an internet firewall and security company, provided this advice in a recent blog, “Begin to plan for situations where cyber-attacks against you may never be directed at you, but rather organizations you come to rely upon. In the case of this attack and DNS, having a secondary DNS service operating at the same time may have mitigated the impact to your organization even when your primary provider goes down.”
CDNetworks has one of the larger DNS infrastructures with 48 global points of presence. We offer an easy solution for adding a secondary DNS solution even if you have a current service.
If you don’t have a cloud-based DNS service and are trying to go it alone, please read our white paper that explains the main requirements for an effective DNS strategy. The white paper outlines the options for enabling DNS and provides key criteria to consider when choosing the best option for your organization.