The article describes BlueCat Cloud DNS Service, a cloud-hosted external authoritative DNS solution integrated with BlueCat Address Manager that addresses the real-world problem of unreliable or single-provider public DNS resolution. In environments where organizations host public services, the offering reduces operational risk by providing a low-latency, Anycast-distributed network with DDoS mitigation and DNSSEC to improve availability, security, and performance. Key outcomes include centralized provisioning and management of public zones via Address Manager or RESTful API, authenticated updates, and global resiliency across 285 points of presence in over 100 countries.
How does BlueCat Cloud DNS Service improve availability and performance for public DNS resolution?
BlueCat Cloud DNS Service improves availability by hosting public DNS zones on an Anycast-enabled network with 285 points of presence in over 100 countries, which lowers DNS response times globally and increases resiliency. It includes out-of-the-box DDoS mitigation with static and dynamic rules applied upon detection to ensure service uptime during attacks. Together, the distributed Anycast footprint and built-in DDoS defenses raise availability of critical apps and services without additional cost, reducing the operational risk of DNS resolution failures.
What management and automation capabilities does the service provide for public DNS zones?
The service integrates with BlueCat Address Manager to provide centralized control: you can provision, update, add, remove, and manage public DNS zones from a single control panel or automate tasks via a RESTful API. Zone deployment supports dynamic updates and creation of new public zones directly from Address Manager or programmatically through the API, enabling a single source of truth for DNS management. This centralized approach saves time, ensures consistent and accurate zone data, and supports authenticated updates between primary and secondary servers using TSIG.
What security features protect DNS integrity and authenticated updates in Cloud DNS Service?
Cloud DNS Service offers DNSSEC with an automated zone signing process to secure the integrity of DNS responses, defending against DNS spoofing, cache poisoning, and related attacks. It also supports authenticated and secure updates using TSIG for trusted communication between primary and secondary DNS servers. Additionally, the platform applies DDoS mitigation techniques, with static and dynamic rules applied immediately upon detection, to protect service availability while maintaining secure resolution practices.
The solution: BlueCat Cloud DNS Service
For BlueCat Integrity users, BlueCat Cloud DNS Service is a cloud-hosted external authoritative DNS service integrated seamlessly with BlueCat Address Manager. Customers can host their public DNS zones in a reliable, low-latency, and distributed denial-of-service (DDoS) attack-resilient Anycast network to allow external clients to access them. It can be used on its own or in combination with existing DNS service providers or self-hosted external DNS servers. Cloud DNS Service ensures that external DNS is always resolvable, providing a dependable solution for organizations.
By using Address Manager and Cloud DNS Service, you can easily provision public DNS zones. Even better, you can manage public zones effortlessly by adding, removing, and updating all zones from a single source of truth. This centralized approach not only saves time and effort but also ensures accurate and consistent management of all public zones.
Figure: How Cloud DNS Service works
Features
Centralized control panel
With a single control panel in Address Manager, manage internal and external DNS zones for dynamic updates
Easy zone deployment
Deploy updates or create new public zones for DNS resolution right from Address Manager or via RESTful API
DDoS mitigation
Ensure service uptime during DDoS attacks with mitigation techniques that apply static and dynamic rules immediately upon detection
Secure DNS resolution using DNSSEC
Seamlessly automate the zone signing process with DNSSEC to authenticate the origin and integrity of responses
Authenticated and secure updates to Cloud DNS Service
Use TSIG for secure communication between primary and secondary DNS servers