Simple, Stress Free UltraDNS DNSSEC

Protection Against Cache Poisoning and User Theft

DNSSEC is Vital to Your Digital Defense

Stolen usernames, passwords and personal information. Not what you want associated with your organization's website. But without DNS security extensions (DNSSEC) that's exactly what you could face. These days, it's easier than ever to poison DNS server caches and redirect your traffic to phony, malicious sites. Your organization's reputation could take a major hit. With Neustar Security Services UltraDNS, you've got the right protection.

Neustar Security Services UltraDNS: Stress-Free DNSSEC

DNSSEC digitally signs your DNS records, allowing DNS recursive servers to check and validate them. This exposes false responses and prevents cache poisoning attacks.

Like other aspects of DNSSEC, key management can be complex. UltraDNS makes it simple and cost-efficient with:

• A DNSSEC-compliant DNS platform
• Easy-to-use Web management portal
• Automated zone signing
• Automated or manual ZSK key rollovers
• Automated key rollover notifications

Neustar Security Services UltraDNS eases the challenges of new policies and procedures, DNS server upgrades and larger domain zones. (Domain zones signed with DNSSEC are traditionally larger and contain more records to accommodate cryptographic signatures, but not so with UltraDNS.) As a fully managed service, UltraDNS avoids the need for costly DNSSEC training or additional staff to manage private and public key management.

More About Cache Poisoning

When users connect to websites, their requests must be routed to the correct host. A DNS server, typically run by the user’s ISP, transparently converts the FQDN (Fully Qualified Domain Name) to a corresponding IP address. When the correct answer is found, DNS servers cache it for a certain amount of time to decrease network traffic and allow faster future responses. When cyber criminals “poison” these caches with incorrect data, they can redirect people to phony sites and steal usernames, passwords and credit card data.

DNSSEC secures the DNS zone data, providing end to end data integrity and authenticated denial of existence. Developed specifically to counter cache poisoning attacks, DNSSEC protects your users from receiving forged DNS responses. By including this extra security as a standard feature, UltraDNS delivers peace of mind.