DNS Blast

DNS Blast: Absorb DDoS Attacks on Cache DNS

DNS Blast is a cache appliance that can support up to 17 millions queries per second. It can handle more bandwidth than the network itself; therefore, the cache will never be saturated.

The DNS caches can be synchronized between several DNS servers. Each server benefits from resolutions done by the other servers thus reducing network bandwidth consumption.

DNS Blast Absorbs DDoS Attacks up to 17 Million DNS Queries per Second

The total number of Distributed Denial of Service (DDoS) attacks increased 26% from Q4-2012 to Q4-2013, and infrastructure (Layer 3 and 4) attacks increased 29%. The average attack duration was 23 hours, and many attacks consumed over 100 Gbps of bandwidth. (Source: Prolexic Technologies)

While most organizations are aware of the security risks linked to DNS servers (82% of respondents were aware and recognized the threats), most IT budgets and time are still spent on more traditional network security solutions such as Firewalls (68%) which will not have any effect.

Why is DNS performance so important ?

DNS availability to ensure business continuity

If your DNS servers crash and stop answering queries, your users will not be able to connect with their applications, nor will your customers be able to interact with you. In simple words, you lose money, and your brand image will be dramatically impacted.

Follow DNS best practices against cache poisoning

The DNS protocol was designed to always answer a query. If for any reason there is latency or time out and some queries do not get resolved, this creates a major security hazard. Your DNS is now wide open for attackers to poison your DNS cache, which means that valid traffic will be redirected to malicious sites where private data can be intercepted and stolen.

Protect legitimate traffic, block queries only when you’re 100% sure

Trying to filter malicious queries from valid queries is a very dangerous game and very difficult to achieve or administer operationally. Filtering can easily generate false positives, and have you block legitimate traffic.

DNS Blast benefits

  • Mitigate risk before DDoS attacks take down your business
  • Simplify your DNS infrastructure while maintaining high level of security
  • Reduce cost of DNS management and ownership
  • No risk of blocking valid DNS Queries with inaccurate filtering
  • Limit DNS Cache poisoning while always answering queries