DNS DDoS Protection

DNS DDoS Protection

Protect your DNS infrastructure from advanced DNS DDoS attacks

Protecting DNS is Critical for Your Business

When a DNS server falls victim to a DoS attack, users lose access to the websites, services and APIs associated with that server. If attacks target your organization, you could see far-reaching consequences that affect the availability of your applications, your customer relationships and your bottom line.

Radware’s DDoS Protection solutions use behavioral-based detection and automatic real-time signatures to identify and automatically block today’s most advanced DNS DDoS attacks. These DNS DDoS defenses leverage adaptive and multilayered protection that can be flexibly deployed—appliance, cloud-based and hybrid—to suit every customer’s need and deployment architecture.

Safeguard Your Infrastructure, Availability and Customer Trust

Based on DNS behavioral protection modules from DefensePro X and cloud DDoS services, Radware’s DNS DDoS attack protection offers:

Protection Against Any DNS DDoS attack

Protection Against Any DNS DDoS attack

Real-time detection and mitigation of both known and zero-day DNS DDoS attacks, ensuring that networks and services remain accessible and resilient

Automated machine learning protection

Automated Machine-learning Protection

Multi-layered, patented and adaptive solution to accurately detect and mitigate attack campaigns while minimizing false positives

shorter time-to-mitigate (TTM)

Shorter Time to Mitigate (TTM)

Autonomous management of detection, characterization and mitigation without human intervention lowering the overall TTM

Lower total cost of ownership (TCO)

Lower Total Cost of Ownership (TCO)

Configuration management and handling of ongoing attacks is fully automated, leading to significantly lower costs

Flexible Deployment

Flexible Deployment

Cloud services, appliances and hybrid solutions to match any customer use case, environment or architecture

Fully Managed Security Service

Fully Managed Security Service

Real-time support from the 120 battle-proven security experts on Radware’s Emergency Response Team (ERT)

Types of DNS DDoS Attacks

DNS Amplification Attack

Attackers exploit misconfigured DNS servers, making the DNS response much larger than the DNS request. The attacker sends a large number of small DNS queries with a spoofed source IP address to the targeted DNS server. The server then sends the amplified responses to the victim's IP address, overwhelming its network capacity

DNS Flood Attack

Attackers utilize a network of compromised computers called botnets to send a massive volume of DNS requests to the target DNS server, which floods the DNS server and causes it to become unresponsive

DNS Water Torture / DNS Random Sub-domain Attack

Attackers send a constant stream of small, legitimate-looking DNS queries to the victim's DNS server at a slow and steady rate. The continuous flow of queries gradually overwhelms the DNS server's resources and causes complete unresponsiveness over time

Phantom Domain Attack

Attackers set up one or more phantom domains and send requests to the victim's DNS server to resolve the phantom domains. The victim's DNS server gets overwhelmed when it tries to resolve the phantom domains through non-responsive servers

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

Get Social

Connect with experts and join the conversation about Radware technologies.

Security Research Center