DNS DDoS Protection

DNS DDoS Protection

Protect your DNS infrastructure from advanced DNS DDoS attacks

Protecting DNS is Critical for Your Business

When a DNS server falls victim to a DoS attack, users lose access to the websites, services and APIs associated with that server. If attacks target your organization, you could see far-reaching consequences that affect the availability of your applications, your customer relationships and your bottom line.

Radware’s DDoS Protection solutions use behavioral-based detection and automatic real-time signatures to identify and automatically block today’s most advanced DNS DDoS attacks. These DNS DDoS protections can be flexibly deployed—appliance, cloud-based and hybrid—to suit every customer’s need and deployment architecture.

Safeguard Your Infrastructure, Availability and Customer Trust

Based on DNS behavioral protection modules from DefensePro and cloud DDoS services, Radware’s DNS DDoS attack protection offers:

State-of-the-Art Protection

State-of-the-Art Protection

Zero-day and advanced attack protection against sophisticated DNS DDoS attacks such as DNS Floods, DNS Amplification attacks, DNS Water torture and more

Behavior-based Protection for Highest Accuracy

Behavior-based Protection for Highest Accuracy

Patented behavior-based detection and machine-learning algorithms to accurately detect and mitigate attacks in real time while minimizing false positives

Flexible Deployment

Comprehensive Reporting and Analytics

Detailed reporting and analytics capabilities provide valuable insights into attack trends, attack mitigation effectiveness, and network performance

Fully Managed Security Service

Fully Managed Security Service

Real-time support from the 120 battle-proven security experts on Radware Emergency Response Team (ERT)

Comprehensive Reporting and Analytics

Flexible Deployment

Cloud services, appliances and hybrid solutions to match any customer use case, environment or architecture

Types of DNS DDoS Attacks

DNS Amplification Attack

Attackers exploit misconfigured DNS servers, making the DNS response much larger than the DNS request. The attacker sends a large number of small DNS queries with a spoofed source IP address to the targeted DNS server. The server then sends the amplified responses to the victim's IP address, overwhelming its network capacity

DNS Flood Attack

Attackers utilize a network of compromised computers called botnets to send a massive volume of DNS requests to the target DNS server, which floods the DNS server and causes it to become unresponsive

DNS Water Torture / DNS Random Sub-domain Attack

Attackers send a constant stream of small, legitimate-looking DNS queries to the victim's DNS server at a slow and steady rate. The continuous flow of queries gradually overwhelms the DNS server's resources and causes complete unresponsiveness over time

Phantom Domain Attack

Attackers set up one or more phantom domains and send requests to the victim's DNS server to resolve the phantom domains. The victim's DNS server gets overwhelmed when it tries to resolve the phantom domains through non-responsive servers


Attackers flood DNS servers with requests for non-existent domains, resulting in DNS recursion and NXDOMAIN responses. This causes the server to process numerous requests for domain names that do not exist, consuming the resources and leading to denial of service

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

Get Social

Connect with experts and join the conversation about Radware technologies.

Security Research Center