Internal Authoritative DNS

Deliver the Authoritative DNS Data within your Enterprise Ensure fast resolution Reduce Reliance on Public DNS

Reliance on the Internet for Pubic DNS is a liability. Deployment of the Internet’s Authoritative Data in a network or ISP provides cyberspace superiority by removing specific attack vectors and reducing latency while enabling the network to communicate even if access to the Internet is limited.

    Threat Vectors
  • Cache poisoning
  • Man-in-the-middle (MitM)
  • Phishing Certain malware (HTML misdirection)
  • Certain malware
  • Attacks disrupting external communications
  • Malformed packets
  • DNS, TCP/IP, UDP, NTP, IoT etc. based attacks

Detect Anomalous Packets, Remove Specific Attack Vectors, Ensure Correct IP Address Resolution and Reduce Latency

Attack Mitigation

The CDNS approach to provide resiliency complements any existing DNS resolution infrastructure that relies on the availability of access to the public Internet with a majority of the global Authoritative DNS data within one’s own network. Users are assured access to localized Authoritative DNS data and users in the network can communicate almost unaffected by an on-going attack. The service can also be supplemented by any private or individual resource records further enhancing the resiliency of the service delivered. Variations of the architecture can be implemented to suit specific needs. Cache Poisoning is the method of changing the IP address associated with a DNS record in the cache of a DNS resolver i.e. “hacking” into the server and changing a corresponding IP address. Man-in-the Middle (DNS Spoofing, Hijacking) occurs when an attacker impersonates the response of the requestor and intercepts the request query and resolves the request falsely by providing the wrong IP address. MitM attacks have become very common for acquiring login credentials on secure sites (banks, web interfaces, etc.) and the interception of email.

Innovative Approach to Internet Resiliency Through Technological Breakthroughs and Unique Architecture

  • Removes specific attack vectors
  • Deploys Internet's Authoritative Data directly in a Network or ISP
  • Topology has flexibility to provide Authoritative Information all the way to the end user/enclave level; the Authoritative data can reside in core or edge of the network.
  • Decreased Internet Latency – the recursive resolvers utilize the DNS data within the network vs. waiting on the Public Internet for resolution.
    • Efficient - Reduced need for multiple hops for DNS resolution
  • Dependency on access to the Public DNS resolvers is significantly reduced
  • Users in the network will be able to communicate if access to the Internet is limited
  • Phishing/Malware that rely on DNS. Attacks that depend upon corrupting web addresses with false DNS data are thwarted because the Authoritative DNS cannot be manipulated.