|
|
|
|
|
|
|
|
|
DNSSEC Compliance Simplified
The Solution The Domain Name System Security Extensions (DNSSEC) protects traffic on the Internet by adding security to verify the authenticity and integrity of DNS data. DNSSEC provides security in three ways:
- Origin authentication of the DNS data–did the data originate from a trusted source?
- Data integrity–was the data modified in transit?
- Authenticated denial of existence–proof that the requested data does in fact, not exist.
BlueCat Networks reduces the inherent complexity of DNSSEC with our Signing Policy Management system allowing you to configure DNSSEC key and rollover settings in one place using the latest protocol features including full support for NSEC3.
The Challenge
|
How BlueCat Provides the Solution
|
- You want to adopt DNSSEC, but understand it to be very complex and difficult to configure using conventional command-line tools.
|
- BlueCat simplifies DNSSEC administration using single-click Signing Policies and automated key rollover.
|
- US Federal Agencies need to comply with the OMB mandate to ensure that the .gov zones are signed.
|
- BlueCat’s DNSSEC solution fully supports the requirements of the mandate and the default settings related to DNSSEC are based on acknowledged best practices.
|
- You need to control DNSSEC signed zones and parameters from a central location.
|
- Whether you have 10 or 1000 DNSSEC signed zones, BlueCat allows you to manage everything from a central interface.
|
- You need to be able to determine which zones are signed, which zones are not signed, and the settings used to sign zones.
|
- BlueCat provides DNSSEC Signing reports to provide a comprehensive view of DNSSEC-related data.
|
Whitepapers
DNSSEC - Secure DNS for Government Bluecat's Public Sector Practice
DNS is one of the most critical components of every network, but is often one of the most overlooked services. Organizations need to implement the proper security measures in order to provide a secure DNS solution that is resilient to attack and exploit.
|
Brochures
DNSSEC - Secure DNS for Government
DNS resolution assumes that information received from remote DNS servers is always valid. As a result of the Kaminsky exploit from mid-2008, organizations are now realizing that this is not always true. DNS is susceptible to cache poisoning attacks that can be used to misdirect users to malicious sites. To help provide added security, the DNS Security Extensions (DNSSEC) were created to provide a method for validating DNS information. Organizations need to begin implementing DNSSEC to safeguard against DNS threats.
|
Return to top 
|
|
|
|
|
|
|
© 2001-2010 BlueCat Networks - All Rights Reserved
|
Secure, Simplified Next Generation DNS management, DHCP and IP address management Network Appliances.
Security - hardened and purpose - optimized, BlueCat Networks'
Appliances are a leading choice for DNS Security Servers, DHCP Servers and Web based IP Address Management
(IPAM) solutions. IPv4 and IPv6 DNS and DHCP compliant.
