A report from Research and Markets revealed that the global Domain Name System (DNS) service market is expected to grow from USD 238.9 million in the last year to USD 438.8 million by 2022. DNS is critical to the availability and performance of online services. As a result, the market is growing rapidly as enterprises replace older DNS systems with DNS services that deliver better reliability, performance, and advanced capabilities that help accelerate digital transformation.
As today’s organizations actively pursue the path to digital transformation, knowledge-centric businesses should leverage DNS to achieve the scalability, performance, and automation advantages they need to power their modern applications and IT infrastructure, and NS1 can help. Offering the only DNS solution for modern distributed, hybrid enterprise environments, and agile teams, NS1 Private DNS is purpose-built to meet the needs of modern IT.
SourceForge had the chance to speak with Jonathan Lewis, the Vice President of Product Marketing at NS1, to discuss how businesses can accelerate digital transformation and IT automation by upgrading to a modern, API-first DNS platform. Lewis also highlights the ways to address ongoing DNS security threats and attacks and shares how NS1 helps today’s IT organizations solve performance, traffic management, and automation challenges.
Q: Catch us up since we last spoke. What has NS1 been up to? Are there any new product offerings, solutions, or developments you’re particularly excited about at present?
Jonathan Lewis, the Vice President of Product Marketing at NS1
A: This has been a year of industry leadership and technology innovation for NS1. We have always been very involved with the Internet Engineering Task Force, but recently we’ve had the opportunity to take the lead in outlining a multi-vendor DNSSEC strategy. Several of our engineering team leaders were instrumental in validating the proposed solution and prototyping code toward the effort.
This past March, we launched Pulsar 2.0, a cloud-based routing engine that uses real user monitoring data to enable intelligent traffic management decisions for optimal application performance and maximum uptime. With Pulsar, NS1 is the only managed DNS provider that gives enterprises the ability to easily and automatically route traffic to multiple CDNs and cloud facilities based on availability, performance, and business logic. The extensive benefits range from dramatic performance improvements for the 99th percentile to advanced analytics that can guide continuous resource management.
Most recently, we launched Private DNS, a self-hosted platform that is ideal for organizations that are modernizing their application infrastructure and embracing everything from clouds to containers.
Q: Can you tell us more about this enterprise solution? What makes Private DNS unique from other DNS platforms? What are its key features and capabilities?
A: Private DNS brings all of the next generation DNS capabilities from our Managed DNS platform to a self-hosted solution. It is an ideal internal DNS solution for enterprises that are looking to modernize infrastructure or who are working in DevOps environments with multiple content delivery networks, cloud/multi- or hybrid cloud environments and microservices.
Built with an API-first architecture, Private DNS delivers fine-grained and automated traffic routing for the best application experiences; an API-first approach for rapid global change propagation and high-velocity application and infrastructure automation; vendor-agnostic DNS load balancing; and service discovery at cloud scale — all critical for successful modern enterprise application delivery.
Q: DNS plays a crucial role in modernizing the application delivery stack. However, there has been an obvious lack of DNS solutions that help meet the needs of today’s IT organizations. As the leader in next-generation DNS, how can NS1 help meet this challenge?
A: Traditional and open-source DNS systems were architected to support a relatively static DNS that was updated by manually editing zone files, supported by command line interfaces. Retrofitting these architectures to support API-driven, high-frequency changes has not worked. They often become bottlenecks, taking hours to propagate. NS1 developed a Private DNS to support modern application delivery.
NS1’s API-first architecture ensures every DNS function is directly programmable and performant at the speeds required for high-frequency updates. Combined with the rapid propagation of DNS changes across the infrastructure, it ensures that all infrastructure changes and updates are reflected in a timely manner at every DNS delivery node. This is important for DevOps teams that are rolling out applications into dynamic, software-defined environments, often delivering code more than 40 times faster than traditional application development. Also, a full set of DevOps integrations support infrastructure as code, monitoring, reporting and alerting, while intelligent DNS traffic management enables efficient use of complex and elastic cloud, data center, and network infrastructure.
Q: How does NS1 Private DNS help solve the performance, traffic management, and automation challenges of today’s modern enterprises? Can you provide some sample use cases?
A: Private DNS enables enterprises to intelligently manage workloads across a distributed infrastructure. Open data feeds enable Private DNS to track availability and workloads at every facility and intelligently shift traffic to ensure the best application performance and capacity utilization. This open, vendor-agnostic approach delivers global server load balancing (GSLB) across multi-vendor, heterogeneous data center and cloud infrastructures.
Some primary use cases include preventing deployment delays for DevOps teams; enabling rapid propagation for microservices; supporting service discovery in elastic, dynamic infrastructures; facilitating seamless migrations to new infrastructure; eliminating downtime and reducing latency in highly-distributed systems; and orchestrating automated, modern application delivery.
Q: Tell us more about NS1 and your DNS products. How is your company helping businesses speed up IT automation and achieve successful digital transformation?
A: Outside the more obvious use cases for Agile teams and modern infrastructure already mentioned, our next generation DNS solutions are also beneficial for enterprises facing a proliferation of disparate legacy technologies, often a result of mergers and acquisitions or decentralized IT management. These companies are amassing technical debt and struggling with digital transformation initiatives. NS1 solutions can support both modern and legacy systems, as well as facilitate migrations without downtime by moving fractions of traffic at a time to new infrastructure. Once migrated, our platforms continue to enable automation and orchestration while ensuring uptime, high velocity, and maximum performance.
Q: Today’s headlines are filled with reports of successful DNS attacks, from AT&T and broadcaster Al-Jazeera to Bank of America. As the expert in this field, how can NS1 address ongoing DNS security threats and attacks?
A: There are two critical areas where NS1 protects customers from attacks targeting DNS. First is protection from threats to DNS availability. DNS is a very common DDoS attack target because attackers know they can take a business down by going after the DNS. NS1’s Managed DNS service is very well provisioned – designed and operated to fend off DDoS attacks. Our service has a stellar track record for reliability and performance. That said, it is a best security practice for enterprises to build redundancy into every mission-critical service, including DNS. DNS redundancy ensures no service interruptions, regardless of cause. This, however, is a technical challenge for many enterprises due to functional trade-offs and excessive IT management overhead. NS1 has solved these problems with our Dedicated DNS service, making redundant DNS practically seamless.
The second critical area is protecting the DNS information itself. DNS cache poisoning, man-in-the-middle, and DNS redirection attacks are becoming more common as attackers target websites and online services that deliver access to financial assets and high-value personal data. DNSSEC is recognized as the most effective defense against these attacks and indeed, it is a mandate in some cases. However, DNSSEC can be technically challenging, and many enterprises, even those that are responsible for securing the financial assets of their customers, have not implemented DNSSEC. In 2018 NS1 began offering no-fee DNSSEC support that removes the barriers to use – abstracting all the technical complexity and functional trade-offs that have kept enterprises from implementing this vital security mechanism.
Q: What strategies or advice can you offer to help organizations reduce, prevent, and even avoid attacks on DNS servers?
A: This answer has a couple of dimensions. First deals with protecting public, internet-facing DNS. DNSSEC and DNS redundancy are of course important. In addition, it is important to implement strong DNS management hygiene with respect to role-based access controls and strong authentication.
For self-hosted and/or internal DNS systems, it is also important to lock down access to only authorized sources and protocols and ensure the systems are current with security updates and patches.
Q: Looking ahead, what trends, technologies, or current market movements will likely shape the future of DNS?
A: The need to increase business velocity and deliver optimal application performance in order for companies to remain competitive will shape the future of DNS. One of the greatest benefits of the cloud is the ability to auto scale in order to meet capacity and performance demands. Advancements in microservices and DevOps have dramatically increased the speed at which organizations can spin up new resources, and DNS will continue to evolve to support the CI/CD approach. Performance demands will continue to drive edge computing resources, and DNS will enable these advancements.
About NS1
NS1 is the leader in next-generation DNS solutions that orchestrate the delivery of the world’s most critical internet and enterprise applications. Only NS1’s purpose-built platform, which is built on a modern API-first architecture, transforms DNS into an intelligent, efficient and automated system, driving dramatic gains in reliability, resiliency, security, and performance of application delivery infrastructure. Many of the highest-trafficked sites and largest global enterprises trust NS1, including Salesforce, LinkedIn, Dropbox, Nielsen, Squarespace, Pandora, and The Guardian. Visit www.ns1.com to learn more.