In case you haven’t been paying attention, an unlikely technology, the Internet’s Domain Name System, or DNS, is experiencing a renaissance. For much of its existence, DNS has maintained a simple and singular function – to resolve Internet names to IP addresses. Over the past several years, however, DNS, or more specifically, the recursive DNS (rDNS) resolver, has assumed a number of new roles, made possible by the fact that it’s used by almost every Internet-connected device. rDNS is now a services platform. It’s a security agent. It’s a tool for optimizing delivery of Internet content and offloading traffic from ISP backbone networks. In short, the people who best understand rDNS have not only figured out new ways to use it, they’ve figured out ways to monetize it. But we’ll return to that shortly.
DNS dates all the way back to 1983, when the initial standards were published. It became necessary when the file-based name/address resolution technique used by the initial developers of the ARPANET proved too unwieldy to perform the same role for the rapidly expanding Internet. By 1992, there were about 1 million hosts connected to the Internet, and the ARPANET no longer existed. As of this writing, according to industry analyst Gartner Research, over 8 billion “things” are Internet-connected, and Gartner is forecasting that number to grow to over 20 billion by 2020. As the Internet’s stunning growth has continued, DNS has provided the same critical function – ensuring that end-users and devices of all kinds are able to reach the resources they need or want, 24 hours a day, 365 days a year. It’s an inarguable fact that without DNS there would be no Internet, which, given Akamai’s role in the Internet, has always made DNS an integral part of Akamai and the services our customers use. In fact, it’s fair to state that DNS underpins just about everything we do at Akamai, and that’s what returns us to the topic at hand.
Akamai began to notice additional uses for rDNS several years ago, when a rDNS-related submission to our annual “Wizards” idea competition, called “Secure Recursive DNS Services,” took first-place honors. Six months later, Akamai acquired a small company called Xerocole, whose subscriber-intelligent recursive DNS software, AnswerX, quickly evolved to become a technology cornerstone within our enterprise security and carrier product portfolios.
Now, Akamai has kicked its commitment to next-generation DNS into overdrive by agreeing to acquire Nominum, a company whose founders and top engineers helped invent DNS and who has contributed significantly to its becoming such a useful and multifaceted technology today. With Nominum in the fold (the acquisition is expected to close during the fourth quarter of 2017) and complementing the AnswerX products and technology, alongside Akamai’s authoritative DNS-based cloud service offers, it’s safe to say that Akamai is poised to not only participate in, but lead the DNS Renaissance.
Akamai’s Commitment to DNS Through the Years
Despite all of the recent innovation in DNS, the majority of the rDNS software running on the Internet, including the version used by many carriers and ISPs, is still based on the open source Unix implementation commonly known as BIND, which was first developed back in 1984, a year after the DNS standards were published. Although it’s quite reliable and has added many features over the years, BIND still functions primarily as a basic DNS resolver, meaning network operators and ISPs who use only BIND may not be able to leverage some of the newer capabilities found in commercial DNS solutions from Akamai, Nominum, and others.
DNS-knowledgeable network operators and ISPs, as well as IT organizations and InfoSec professionals, understand this and are therefore looking beyond BIND for a better solution. They understand, for instance, that the EDNS Client Subnet (ECS) extension to the DNS protocol enables more precise and efficient CDN mapping, which can improve service quality, reduce traffic on their network backbones, and even reduce the number of rDNS nodes needed to accomplish that. They understand that next-generation rDNS solutions are capable of protecting their businesses and customers from the recent epidemic of malware, botnets, ransomware, and other targeted threats. They understand that, by working with a rDNS solutions provider like Akamai, they’ll have full access to the DNS Renaissance and all its benefits. Here are some examples of how:
- Akamai’s Enterprise Threat Protector (ETP) is a rDNS-based service that enterprises use to protect their end-users and networks from a variety of advanced targeted threats.
- Akamai’s AnswerX supports ECS, making it the ideal companion to CDNs for helping accelerate web content and video delivery, and creating network efficiency.
- AnswerX also breaks the mold for how carriers deploy rDNS infrastructure. AnswerX is the only commercial DNS resolver that can be deployed as a managed service (AnswerX Managed), or outsourced (AnswerX Cloud) entirely, without sacrificing capabilities found in the licensed software. These CapEx-friendly models are well-aligned with the desire of operators that wish to limit spending on new hardware.
Now, with the addition of Nominum, Akamai’s DNS and security portfolios will be enhanced even further with a number of new capabilities, including advanced threat intelligence; a robust on-premise authoritative DNS solution; and value-add rDNS security for small businesses that could extend Akamai’s ability to help its ISP and network partners further as they begin to think about their DNS infrastructure as a potential way to increase ARPU, reduce costs, and boost customer satisfaction.
This is all good news for the people and things that connect to the Internet, and especially good news for anyone who likes the idea of leveraging DNS, an already fundamental component of the Internet, for a safer, more secure, more cost-effective, and better performing Internet. So, here’s to Nominum and Akamai, and of course, to the DNS Renaissance!