DDIDNSDNS RFCs: The Elephant in the Room – Part 2As stated in Part 1 of this series, DNS RFCs have a great impact on how DNS operates. It comes with a risk factor and can impact security. In this second part, we will continue to discuss the impact and provide some food for thought on how to deal with it. DNS is a clear Favorite – Everyone, and I mean EVERYONE loves it! DNS has had more than 25 years to mature, and with that, also the bad actors that want...
DDIDNSDNS SecurityHybrid Workforce: Who’s Managing DNS?Post pandemic situation sees the confirmation of working from home but also working from anywhere. After COVID-19, 92% of eligible people expect to work from home at least 1 day per week, and 80% expected to work at least 3 days from home per week according to a survey by Owl labs. Most enterprises seem to accept this new paradigm as it improves the overall productivity of the workforce. Provided the logistics of working outside the Enterprise can be addressed,...
DNSDNS SecurityHow DNS Security Protects the Most Targeted Industry: TelecomsThe past year has only increased the pressure placed upon the telecoms and media industry as companies continue their transition to the hybrid working model post pandemic and organizations continue to implement 5G. The rise in demand has left mobile operators and ISPs increasingly prone to threat actors using DNS to target the industry. The impacts of these cyber threats are felt globally, as telecoms provide the infrastructure needed to go about our daily lives, from our work to our...
DDIDNSDNS SecurityRemote Worker Protection Using DoHMost organizations now have remote workers and need to provide them with maximum comfort and security to perform their operations. We all know that DNS can be abused to carry out very powerful attacks, animate botnet activities, exchange data with command and control servers or for exfiltrating valuable information. Remote workers always use the public infrastructure from each ISP to connect back to the organization’s IT system and to consume SaaS or cloud services and applications. This shared and public...
DDIDNSWhy Using DoH is QuestionableDoH (DNS over HTTPS) is an interesting solution for securing the transport of DNS traffic up to the first resolver. But is it required? What are the drawbacks? Do we really need it? Can we trust its usage and the DoH providers currently available? After a few months of intensive usage, some are pushing the message that in the context of an organization DoH is an important subject for I&O teams and more generally for the CISO & CIO to...
DDIDHCPDNSDNS SecurityIPAMNetwork AutomationSOLIDserver 7.3: Boosting Network Automation, Security and ControlRelease 7.3 of SOLIDserver builds on the importance of the centralized IP Source of Truth data repository and open APIs to boost automation capabilities of DDI. With a focus on simplifying network management and easy ecosystem integration, the new functionalities introduced bring enhanced visibility over infrastructure resources and users, helping improve operational efficiency and control while strengthening security. The main features introduced with Release 7.3 include the following: 1) Network Identity Manager for Enriched IT Automation With Identity Manager, the...
DDIDNSDNS SecurityDNS over TLS for Improved PrivacyFor various reasons, DNS transport could be secured through encryption, with DNS over TLS (aka DoT) being one obvious solution to increase user security. User privacy reached the DNS area some while ago – we have seen a massive move from browser solutions to the adoption and more importantly the usage of secured DNS by applying, in some countries, an automatic switch to encrypted transport. DNS is business-critical so has to be secured Why is securing DNS so important? Mostly...
Application Traffic RoutingDDIHow Edge DNS GSLB complements LB/ADCEdge DNS GSLB (Global Server Load Balancing) is a great solution for enabling global application traffic routing and is therefore very complementary to all ADC load-balancing solutions installed directly in datacenters for improving performance and redundancy. This blog article focuses especially on the combined benefits of using both technologies to provide more value to the users and help ease the work of I&O teams. The role of a load balancer (LB) or application delivery controller (ADC) is mainly to distribute...
DDIDNSDNS SecurityDNS Flag Day 2020: Improving Internet DNS SecurityAlthough the DNS protocol is not secured by default, it is mainly used on IP networks as the key element to convert application names to technical addresses. Following the 2019 DNS Flag Day, which targeted protocol compliance on EDNS, the 2020 version will focus on operational and security problems caused by Internet Protocol packet fragmentation. Fortunately, EfficientIP customers will not suffer any issues, as our DNS servers already support the 2020 Flag Day recommendations, complying with standards and RFC. DNS...
DDIDNSDNS SecurityWhy You Shouldn’t Rush Into DoHWhile being a core component of the Internet, DNS remains one of the least secure protocols in active use. DNS security is a long-standing debate, with DNS privacy a much more recent matter and a source of division among the security community. Indeed, privacy matters and must weigh in the balance when considering DNS security. However, security is not only about confidentiality. Protocols such as DNS over TLS or DND over HTTPS must be leveraged wisely to strengthen network security,...
