Over the years there have been many attacks on the DNS of enterprises across the world. It is a pretty well-known fact that if there is one point of weakness in the entire Internet architecture, it is the lack of DNS security. The Domain Name System (DNS) was originally conceived keeping in mind that an IP address is impossible for the average human to remember. Also, the IP addressing system has changed over time.
Even today, the world is on the cusp of shifting completely from IPv4 to IPv6. It is practically impossible to keep track of the changing IP addresses of all websites. The rapidly growing scale of the Internet has only been possible because of DNS, which gives every website a name that corresponds to a specific IP address. The DNS server looks the name up in its directory, returns the IP address, and finally the desired website is fetched.
When the question of network security arises, most enterprises assume that getting a firewall will be enough to ward off unauthorized access. However, with changes in technology and better systems becoming easily available, the good old firewall is not good enough anymore. There is a need for a separate layer of security specifically for the DNS server – the DNS firewall.
What are the extra benefits of having a DNS firewall?
This is a question every CIO faces. In an enterprise, any unauthorized access to or attack on the DNS can potentially wreak havoc on the entire business structure. The DNS firewall is simply an initial line of defense. It is certainly not enough, but it is definitely necessary.
A DNS firewall filters incoming traffic and is particularly helpful if you do not want unauthorized computers to have access to the database. There are enterprise intranets that are for internal use only. Such networks have their very own DNS server that needs to be protected from external traffic. A DNS firewall can be configured to check all incoming traffic and allow only authenticated IP addresses to interact with the server.
A DDoS attack on the DNS server is generally carried out by creating bogus, repetitive requests. A DNS firewall helps prevent such a scenario if it is configured well: repeated recursive requests from a single IP address can be flagged and such traffic can be blocked.
It is a good idea to increase redundancy to protect the DNS server from various types of attacks. Extra servers come in handy in case of an attack on any particular server, as the extra servers will be able to distribute the load and prevent the network from crashing. However, this also requires the DNS software to be installed on a separate system. Keeping this system dedicated to running the DNS server is the logical choice. This system requires its own protection, and a DNS firewall is the answer to this.
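The two checks described in the previous two paragraphs, source filtering (only authorized client addresses may talk to the internal DNS server) and flagging a client that sends repeated recursive requests in a short time, can be illustrated as detection logic run over a query log. The following is an added example and is not code from the original article or from any DNS firewall product. It assumes a simplified BIND-style query-log line format, the allowed networks are an assumption for the example, and the log lines are constructed:

```python
"""Detect unauthorized clients and recursive-query floods in a DNS query log.

Added example (not from the original article). Assumes a simplified
BIND-style query-log line format; the log lines below are constructed.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

# Simplified BIND-style query log line (format assumed, sample data constructed):
#   <timestamp> client <ip>#<port> (<qname>): query: <qname> IN <type> <flags>
# The first flag character is '+' when the client asked for recursion (RD bit set).
LINE_RE = re.compile(
    r"^(?P<ts>\d{2}-\w{3}-\d{4} \d{2}:\d{2}:\d{2}\.\d{3}) "
    r"client (?P<ip>[0-9a-fA-F.:]+)#\d+ \((?P<qname>[^)]+)\): "
    r"query: \S+ IN (?P<qtype>\S+) (?P<flags>\S+)"
)

# Networks allowed to talk to the internal resolver (assumption for the example).
ALLOWED_NETS = [ip_network("10.0.0.0/8"), ip_network("192.168.0.0/16")]

# Constructed sample log: normal internal clients, one external client, and one
# internal client sending six recursive queries within half a second.
SAMPLE_LOG = """\
12-Mar-2024 10:00:00.000 client 10.0.0.5#53211 (intranet.example.local): query: intranet.example.local IN A +E(0)K
12-Mar-2024 10:00:00.250 client 10.0.0.5#53212 (mail.example.local): query: mail.example.local IN MX +E(0)K
12-Mar-2024 10:00:01.000 client 203.0.113.9#4444 (intranet.example.local): query: intranet.example.local IN A +E(0)K
12-Mar-2024 10:00:02.000 client 192.168.1.20#40001 (wiki.example.local): query: wiki.example.local IN A +E(0)K
12-Mar-2024 10:00:05.000 client 10.0.0.77#5000 (a1.example.local): query: a1.example.local IN A +E(0)K
12-Mar-2024 10:00:05.100 client 10.0.0.77#5001 (a2.example.local): query: a2.example.local IN A +E(0)K
12-Mar-2024 10:00:05.200 client 10.0.0.77#5002 (a3.example.local): query: a3.example.local IN A +E(0)K
12-Mar-2024 10:00:05.300 client 10.0.0.77#5003 (a4.example.local): query: a4.example.local IN A +E(0)K
12-Mar-2024 10:00:05.400 client 10.0.0.77#5004 (a5.example.local): query: a5.example.local IN A +E(0)K
12-Mar-2024 10:00:05.500 client 10.0.0.77#5005 (a6.example.local): query: a6.example.local IN A +E(0)K
12-Mar-2024 10:00:09.000 client 10.0.0.5#53213 (intranet.example.local): query: intranet.example.local IN AAAA -E(0)K
"""


def parse_line(line):
    """Return a dict for one log line, or None if it does not match the format."""
    m = LINE_RE.match(line)
    if not m:
        return None
    return {
        "ts": datetime.strptime(m.group("ts"), "%d-%b-%Y %H:%M:%S.%f"),
        "ip": ip_address(m.group("ip")),
        "qname": m.group("qname"),
        "qtype": m.group("qtype"),
        "recursion_desired": m.group("flags").startswith("+"),
    }


def is_allowed(ip, allowed_nets=ALLOWED_NETS):
    """True if the client address falls inside one of the permitted networks."""
    return any(ip in net for net in allowed_nets)


def analyze(log_text, allowed_nets=ALLOWED_NETS, max_recursive=5, window_seconds=1.0):
    """Apply two DNS-firewall style checks to a query log.

    1. Source filtering: clients outside allowed_nets are reported as unauthorized.
    2. Rate limiting: a client sending more than max_recursive recursive queries
       within any sliding window of window_seconds is reported as flooding.
    Returns (unauthorized_ips, flooding_ips) as sets of strings.
    """
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)       # client ip -> timestamps of recent RD queries
    unauthorized, flooding = set(), set()

    for line in log_text.splitlines():
        q = parse_line(line)
        if q is None:
            continue
        if not is_allowed(q["ip"], allowed_nets):
            unauthorized.add(str(q["ip"]))
            continue                  # an unauthorized client never reaches the resolver
        if not q["recursion_desired"]:
            continue                  # only recursive requests count toward the limit
        dq = recent[q["ip"]]
        dq.append(q["ts"])
        while q["ts"] - dq[0] > window:   # drop timestamps that fell out of the window
            dq.popleft()
        if len(dq) > max_recursive:
            flooding.add(str(q["ip"]))

    return unauthorized, flooding


if __name__ == "__main__":
    bad_src, floods = analyze(SAMPLE_LOG)
    print("unauthorized clients:", sorted(bad_src))   # ['203.0.113.9']
    print("flooding clients:    ", sorted(floods))    # ['10.0.0.77']
```

The threshold and window are deliberately parameters: the right values depend on the size of the intranet and how chatty its clients are, which is exactly why the article stresses that a DNS firewall must be tuned per network. A non-recursive query from an internal client is counted by neither check, and the sixth recursive query from 10.0.0.77 within one second is what tips that client over the limit.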
A DNS firewall should be custom configured
Every network is different, with at least minor differences from the next. Depending upon the requirements of the enterprise, the DNS firewall needs to be custom built and configured. It is always better to be safe than sorry.