Posts

Showing posts from October, 2014

You're invited to participate in our DNSSEC Survey

Signing DNS data with DNSSEC enables an organization to authenticate its web addresses and other published DNS information, i.e., to secure its namespace. DNSSEC also protects against DNS cache poisoning attacks when DNSSEC validation is enabled on recursive DNS resolvers. As such, DNSSEC is a critical component of a comprehensive DNS security strategy, which should also include functional and port access control lists (ACLs), transaction signature keys to sign updates and transfers among servers, detection of DNS anomalies, and possibly domain name filtering or firewalling to restrict communications between malware-infected devices and their corresponding command and control centers. BT Diamond IP is sponsoring a DNSSEC survey to gather input from DNS and network administrators regarding their opinions about the value of DNSSEC, potential obstacles to implementation, and relative priority of deployment. And you are hereby invited to participate! The survey consists of twelve que

What Exactly is a DNS Firewall?

When you think of an Internet firewall, you likely think of a gateway device that examines IP packets flowing through it and selectively blocks or redirects those packets meeting certain criteria. Such criteria may include filtering parameters such as IP addresses or ports; when an IP packet under inspection matches those parameter settings, the packet is blocked or otherwise handled according to policy settings. A DNS firewall performs similar examination and policy handling functions for DNS queries to prevent unwelcome DNS and subsequent data traffic. Another common assumption associated with Internet firewalls is that they are deployed on the perimeter of a network with the intention of protecting the network from attacks originating external to the network. DNS firewalls, however, protect the network against attacks that originate within the network. Why worry about internal attacks if morale is sky high and IP firewalls are seemingly impervious? With the proliferat