
The Akamai Blog Subscribe
Innovation Driven by Operational Experience and Engi ...
DNS and security have had a long and tangled relationship. The DNS has always been an attractive target since it's a network leverage point. At DNS OARC 30 in Bangkok in 2019, Akamai's Ralf Weber did a presentation called DNS Security: Past, Present, and Future (It's Not Easy) covering numerous DNS security issues that have arisen over the years. Various forms of DNS-DDoS were a recurring theme in the presentation.
Simplifying the ISP Transition to DNS Encryption
New protocols to encrypt DNS traffic, DNS over HTTPS (DoH) and DNS over TLS (DoT), have been a visible Internet topic for the past two years. Akamai participated in the definition of DoH/DoT standards and recently released support in the high-performance CacheServe resolver. Major features include: Integration of DoH/DoT in CacheServe, alongside legacy UDP and TCP protocols Initial performance tests show scaling up to 500,000 active DoH/DoT sessions at 1.5
Introducing Akamai Edge DNS
At Akamai, we live by the motto "Intelligent Security Starts at the Edge," which is why we're excited to announce that we are changing the name of our authoritative DNS service from Fast DNS to Edge DNS. If you are an existing Fast DNS customer, rest assured that for now, this is purely a name change. But this announcement also marks the beginning of the next phase in the evolution
DNS Encryption at DNS OARC 32
The DNS DNS Operations, Analysis, and Research Center (DNS OARC) is an organization that, in their own words, works to "improve the security, stability, and understanding of the Internet's DNS infrastructure." They hold regular workshops where deployment experts, software developers, researchers, and DNS operators at service providers and top level domains (TLDs) from everywhere in the world get together to discuss the latest trends. DNS OARC 32 was held in
Geolocation and DNS Traffic Management
What is GTM Global Traffic Management, or GTM, is a DNS-based load balancing service that offers application owners a level of flexibility and insight that is unmatched by traditional on-prem solutions. Highly scalable and fault-resilient, GTM offers customers a layer of abstraction between endpoints, so traffic can be easily shifted between targets. The platform is not limited to weighted load distribution, however; GTM can execute intelligent routing decisions based on
Managing Traffic From the Outset - How GTM Can Make ...
What is GTM Global Traffic Management, or GTM, is a DNS-based load balancing service that offers application owners a level of flexibility and insight that is unmatched by traditional on-prem solutions. Highly scalable and fault-resilient, GTM offers customers a layer of abstraction between endpoints, so traffic can be easily shifted between targets. However, the platform is not limited to weighted load distribution: GTM can execute intelligent routing decisions based on
Why DNS Visibility Matters in Education
My colleague in Spain recently wrote an informative article about DNS Protection and why it's a must-have security solution for any company. Building out on this topic, I would like to look specifically at the Education market and what the consequences can be if DNS Visibility is not taken seriously. I will also share some insight in the results that we typically see when we run proof of concepts with
The Benefits of a Single Provider DNS Platform
I've written in previous blogs about the value of using DNS as a security control point and how using a DNS based security solution like Akamai's Enterprise Threat Protector can help accelerate your transition to a Zero Trust security approach.
A View into Top Level Domain (TLD) Abuse
Data science and security research teams in the carrier organization at Akamai process massive volumes of DNS queries every day to detect and track malicious activity. The data is live-streamed from DNS resolvers deployed in diverse service provider networks in every region of the world. Providers who supply the data anonymize it using Cryptography-based Prefix-preserving Anonymization (Crypto-PAn), a well known tool.