Nov, 2009 : Nominum Announces DNSSEC Made Easy Solutions
📅 - Company's latest software release integrates functions needed to deploy DNSSEC at any scale without costly proprietary appliances.
Nominum, a provider of network naming and addressing technologies, today announced new capabilities that eliminate barriers to DNSSEC deployment. The company states that its latest software release completely integrates functions needed to successfully deploy DNSSEC at any scale without costly proprietary appliances. In addition, automation of DNSSEC processes eliminates operational overhead and errors that could cause internet sites to disappear. It claims that coupled with unique layered defenses, it now has the possible protections for internet users relying on both signed and unsigned DNS data.
The company adds that these new features are available in its DNS servers (ANS, ANSP, and Vantio), or with SKYE, its secure and reliable hosted service offering for service provider and enterprise customers worldwide. It explains that its authoritative DNS servers - ANS and ANSP - support the industry's only solution that integrates all DNSSEC functions into the DNS server. The solution simplifies network architectures, improves reliability, and reduces capital and operational expenses. Online or offline deployment models for DNSSEC are supported with all of the automation features. The company avers that signing DNS data is compute-intensive and its new software maximizes performance by dedicating additional processors in multiprocessor platforms to signing. This approach maintains its industry leading performance and 100 percent availability, even as DNS data is being signed.
"Deploying DNSSEC is a major undertaking that is going to take many years with growing pains along the way," said Paul Mockapetris, Chief Scientist at Nominum and Inventor of the DNS. "There is a pressing need to make it easier for brand owners to protect their domains and provide the best protections to users for unsigned domains during and after this migration."
"One of the grand challenges the Internet faces is: How do we make security scale? With over 61 percent of compromises being traced to authentication flaws, we clearly have a big problem. DNSSEC is the big solution that we need to fix authentication," said Dan Kaminsky, the security researcher who identified a key flaw in DNS security in 2008. "And there is progress. I have been proud to see, in the wake of my DNS vulnerability finding, a steady drumbeat towards signatures at the Root and TLD layers. But large organizations need it to be easier and less disruptive to deploy DNSSEC before they can reasonably be expected to secure their own domain names. That is why I am happy to see Nominum adding comprehensive DNSSEC support to their DNS server platforms - and even happier to see DNSSEC almost entirely automated within it. DNSSEC can, should, and must "just work", and Nominum has done an excellent job making that so."
"Since the Kaminsky vulnerability, a lot of progress has been made in DNSSEC deployment with various top level domains signed or committed to be signed. The next battleground in DNSSEC adoption will be in getting brand (domain) owners to sign their data," said John Pescatore, Vice President and Distinguished Analyst, Gartner Research. "Tight integration of key DNSSEC automation functions into the DNS infrastructure will reduce cost and complexity for domain owners. Robust validation solutions eliminate barriers for service providers. Together these capabilities will promote DNSSEC adoption, ensuring Internet stability."
Nominum, a provider of network naming and addressing technologies, today announced new capabilities that eliminate barriers to DNSSEC deployment. The company states that its latest software release completely integrates functions needed to successfully deploy DNSSEC at any scale without costly proprietary appliances. In addition, automation of DNSSEC processes eliminates operational overhead and errors that could cause internet sites to disappear. It claims that coupled with unique layered defenses, it now has the possible protections for internet users relying on both signed and unsigned DNS data.
The company adds that these new features are available in its DNS servers (ANS, ANSP, and Vantio), or with SKYE, its secure and reliable hosted service offering for service provider and enterprise customers worldwide. It explains that its authoritative DNS servers - ANS and ANSP - support the industry's only solution that integrates all DNSSEC functions into the DNS server. The solution simplifies network architectures, improves reliability, and reduces capital and operational expenses. Online or offline deployment models for DNSSEC are supported with all of the automation features. The company avers that signing DNS data is compute-intensive and its new software maximizes performance by dedicating additional processors in multiprocessor platforms to signing. This approach maintains its industry leading performance and 100 percent availability, even as DNS data is being signed.
"Deploying DNSSEC is a major undertaking that is going to take many years with growing pains along the way," said Paul Mockapetris, Chief Scientist at Nominum and Inventor of the DNS. "There is a pressing need to make it easier for brand owners to protect their domains and provide the best protections to users for unsigned domains during and after this migration."
"One of the grand challenges the Internet faces is: How do we make security scale? With over 61 percent of compromises being traced to authentication flaws, we clearly have a big problem. DNSSEC is the big solution that we need to fix authentication," said Dan Kaminsky, the security researcher who identified a key flaw in DNS security in 2008. "And there is progress. I have been proud to see, in the wake of my DNS vulnerability finding, a steady drumbeat towards signatures at the Root and TLD layers. But large organizations need it to be easier and less disruptive to deploy DNSSEC before they can reasonably be expected to secure their own domain names. That is why I am happy to see Nominum adding comprehensive DNSSEC support to their DNS server platforms - and even happier to see DNSSEC almost entirely automated within it. DNSSEC can, should, and must "just work", and Nominum has done an excellent job making that so."
"Since the Kaminsky vulnerability, a lot of progress has been made in DNSSEC deployment with various top level domains signed or committed to be signed. The next battleground in DNSSEC adoption will be in getting brand (domain) owners to sign their data," said John Pescatore, Vice President and Distinguished Analyst, Gartner Research. "Tight integration of key DNSSEC automation functions into the DNS infrastructure will reduce cost and complexity for domain owners. Robust validation solutions eliminate barriers for service providers. Together these capabilities will promote DNSSEC adoption, ensuring Internet stability."
Reads: 1898 | Category: General | Source: http://www.webhosting.info/news/1/nominum-announces-dnssec-made-easy-solutions_1118091241.htm
Want to add a website news or press release ? Just do it, it's free! Use add web hosting news!