Contact Us  |  How To Buy  |  Worldwide  |  Login

DNS 
Solutions Challenges Features & Benefits

DNS High Availability and Flood Mitigation

DNS High Availability

AppDirector™ ensures the fault-tolerant operation of domain name system (DNS) servers for high-availability and continuous IP address translation across carrier networks. AppDirector monitors the responsiveness of the DNS application processing and performs health checks to assay and verify the receipt of DNS query replies. If a failure is detected, DNS requests are directed to another DNS server for processing, guaranteeing 99.999% uptime.

Virtualized DNS Architecture and Disaster Recovery

AppDirector Global ensures optimized load distribution across all DNS server farms, eliminating service volatility from traffic bursts. AppDirector Global capabilities enable the complete virtualization of DNS services across multiple point of presences (POPs) and data centers, providing complete flexibility in the planning and consolidation of DNS infrastructure across locations, for CAPEX/OPEX savings. DNS server overflow and full site redundancy is performed automatically and transparently to end users.

DNS Service Scaling

Employing AppDirector to front-end DNS services enables DNS resource and service scaling. By aggregating DNS servers, over 1 million DNS requests per second can be served by a farm through a single device, for highly economical DNS service growth.

Protection Against DNS Floods, DNS Program Exploits and OS Vulnerabilities

AppDirector mitigates DNS floods and ensures “zero-minute, zero-touch, zero-false positives” security for service integrity.

  • Direct DNS request floods are automatically thwarted by AppDirector’s behavioral DoS module. Specific DNS footprint parameters are identified, including domain names, to accurately detect abnormal DNS requests for a specific domain providing real-time protection from DNS floods. UDP and TCP floods are similarly identified and blocked using AppDirector’s behavioral DoS module. Reverse DNS requests floods are mitigated with AppDirector’s IPS module. Since only a small number of requests per second can cause service flooding, AppDirector’s ability to limit the number of reverse DNS requests provides full protection from these floods.

  • DNS exploits are identified and blocked in real time by AppDirector’s IPS module employing a powerful signature-based protection engine. A pre-defined DNS protection signature group includes all the known signatures to identify program and OS exploits. Radware’s Security Update Service provides automatic updates for over 1500 IPS signatures to ensure ongoing protection from new OS exploits and emergent threats.