Solutions

DNS Security (DNSSEC) Solutions

Streamline DNSSEC and ensure high availability for globally distributed applications

DNS cache poisoning and other DNS attacks can compromise your local DNS (LDNS) servers and make it possible for hackers to hijack DNS responses, redirect clients to malicious sites, and access private information. Traditionally, deploying DNS security (DNSSEC) services has involved complex and expensive manual provisioning of encryption keys that validate response authenticity. In addition, organizations have had to choose between the high availability of global server load balancing (GSLB) and the security of DNSSEC because DNSSSEC architecture did not support intelligent GSLB systems.

F5 takes the only approach to DNS security that enables organizations to deploy DNSSEC quickly and easily into an existing GSLB environment. F5 streamlines encryption key generation and distribution by dynamically signing DNS responses in real-time. And F5 combines this DNSSEC technology with GSLB to provide high availability, maximum performance, and centralized management for applications running across multiple and globally dispersed data centers.

Why do I need DNS security?

Business benefits of using F5 for DNSSEC include:

  • Strong DNS security.
    F5 ensures that DNS responses cannot be modified by rogue DNS servers, so clients get validated, trusted DNS responses that direct them to application sites.
  • Compliance with government DNSSEC regulations.
    F5 delivers secure and dynamic DNS responses to help you comply with regulatory mandates.
  • Optional FIPS key security.
    F5 provides the option to deploy military-grade key security using FIPS hardware cards.
  • Simplified implementation and reduced management costs.
    With a onetime, three-step process, you can create automatic key policies that eliminate routine DNSSEC management tasks and reduce management costs.
  • High availability and performance.
    Intelligent global traffic management routes clients to the best-performing resource to ensure fast application responses and high availability.

Top White Papers

Top News Articles

Latest Web Media

DNSSEC: Compliance is Easier than You Think

How do I implement DNS security?

With F5, you can easily configure DNSSEC to deliver trusted, signed responses. One of the highlights is default settings that are based on governmental guidelines. This offers an easy, turnkey implementation that makes DNSSEC enforcement simple and easy to manage.

DevCentral Content

Resources

DevCentral Community

F5 DevCentral, is our community driven site that helps customers and partners maximize the effectiveness of F5 technologies & solutions.

F5 Knowledge Base

The AskF5 Knowledge Base has product manuals, security advisories, and release notes on F5 products.

What F5 offerings do I need for a DNS security solution?

F5 BIG-IP solutions deliver a simplified, central point of control for DNSSEC based on trusted, signed query responses. F5 solutions provide built-in security protection to help you achieve compliance with security standards, including DNSSEC, in a cost-effective way.

Products or technologies that apply to this solution

Partner products or technologies that apply to this solution

Resources

F5 Technology Demo

This animated demo shows the F5 application delivery networking technologies working in different scenarios.

BIG-IP Overview Demo

This in-depth Flash demo gives a video introduction, overview, and next steps for using BIG-IP.

How to Buy

How to Buy button Talk to F5 Sales by Phone Talk to F5 Sales by Text Message