What BlueCat learned from five billion DNS queries 

BlueCat’s 2020 Networking Trends Report illustrates how CIOs can use DNS data to uncover efficiencies, minimize threats, and improve customer experience.

More than ever, CIOs are called to be more than just the heads of technology. They drive business initiatives by delivering services and applications.

These changes impact networking professionals as well. It forces them to deal with a much more complex network environment and a growing emphasis on speed and agility. To empower digital transformation, NetOps teams and CIOs need to find new ways to use data about the network at their disposal. With that information, they can optimize operations and improve network performance.

DNS data: An untapped resource

BlueCat’s 2020 Networking Trends Report illustrates how CIOs can use DNS data to uncover potential efficiencies, minimize security threats, and improve overall customer experience. The report analyzes more than five billion DNS queries spanning North America and Asia. When taken together, these queries provide visibility into network activity that can be used to find cost savings and operational efficiencies.

Here are some of the key recommendations and conclusions from the report:

Optimize performance with insights from DNS: With visibility into DNS queries, IT teams can discover network and query performance degradation, identify root cause, and speed up remediation. It allows organizations to gain meaningful insights into application and cloud service usage levels, to better understand user adoption and behaviors, and measure ROI.

Change KPIs of network performance: Legacy metrics such as uptime and latency are still relevant. But service delivery is a growing focus as IT departments move toward new business models. In this context, DNS data offers a wide range of meaningful business metrics that can assess the value of a NetOps team in delivering services.

Develop a cross-functional approach: DNS data often holds the context that threat hunters and security operators need for a smart, focused response to malicious activity. The ability to collect and analyze that data often originates with the network team, however. A collaborative, cross-departmental approach is required to truly reap the rewards of this valuable data set.

Leverage DNS data for security policies: Periodic analysis of DNS traffic (and internal DNS traffic in particular) can uncover significant threats to network security. That traffic should inform targeted security policies to lock down critical systems. Only by digging into the data and mapping it against business requirements can you discover how it can best serve network security in your particular context.

Tactical lessons

At a tactical level, BlueCat’s analysis revealed many insights that network teams can use to optimize performance and improve security.

Failure to optimize DNS query resolution paths

For example, BlueCat found that many organizations fail to optimize DNS query resolution paths. This adds significant latency to each query and unnecessary load to internal networks. The result is poor end-user experience, as queries are routed to a local external service that may actually be half a world away in the company’s primary data center.

One BlueCat customer found that 80% of all network traffic was being routed to external trusted services. They began routing it directly to the internet instead. As a result, they were able to optimally route network traffic, save on WAN costs, and improve user experience.

Leveraging DNS to improve network visibility

DNS can also be leveraged to improve network visibility. BlueCat’s researchers uncovered information surrounding cloud and application usage rates as well as what activities customers’ employees are performing online. Of the queries for non-business-related websites, roughly 54% of these domains were from social media sites. More than a quarter of the domains were for news sites.

When broken down by vertical, there were some noticeable differences. The education sector, for example, had higher use of social media than other sectors (accounting for nearly 61% of the vertical’s non-business activity). This same level of visibility can be used to determine what services and applications employees are using. In addition to determining worker productivity, knowing how regularly employees are using certain applications and services can help organizations uncover areas to improve for efficiencies and cost savings.

Driving NetOps 2.0

DNS underlies every action across the enterprise. It is a critical point of leverage for network administrators as they look to find their place in this new IT landscape. Using the right metrics and the right technology, NetOps teams can make DNS the common thread between security and DevOps teams. And it can help organizations maintain the speed and agility business operations demand.

Published in:

An avatar of the author

Mark is a Senior Product Marketing Manager at BlueCat Networks.

Related content

Detect anomalies and CVE risks with Infrastructure Assurance 8.4 

The Infrastructure Assurance 8.4 release features an anomaly detection engine for outliers and a CVE analysis engine to uncover device vulnerabilities.

Read more

Get fast, resilient, and flexible DDI management with Integrity 9.6

With Integrity 9.6, network admins can get support for new DNS record types, architect and configure multi-primary DNS, and automate IP assignments.

Read more

Deepen your security insight with Infrastructure Assurance 8.3

BlueCat Infrastructure Assurance 8.3, with an enhanced analytics dashboard, including interactive widgets and top 10 alerts, is now available.

Read more

Security, automation, cloud integration keys to DDI solution success

Only 40% of enterprises believe they are fully successful with their DDI solution. Learn how to find greater success with new research from EMA and BlueCat.

Read more

Our commitment to Micetro customers and product investment

From CEO Stephen Devito, a word on BlueCat’s ongoing commitment to supporting Micetro customers and Micetro’s evolution as a network management tool.

Read more

Seven reasons to rethink firewall monitoring and boost automation 

With BlueCat Infrastructure Assurance, you can better protect your network with automated alerts and suggested remedies for hidden issues in your firewalls.

Read more