Jonathan Zarkower

Blog Article: Akamai’s Leading Role in the DNS Renaissance

Blog Post created by Jonathan Zarkower Employee on Oct 12, 2017

In case you haven't been paying attention, an unlikely technology, the Internet's Domain Name System, or DNS, is experiencing a renaissance. For much of its existence, DNS has maintained a simple and singular function - to resolve Internet names to IP addresses. Over the past several years, however, DNS, or more specifically, the recursive DNS (rDNS) resolver, has assumed a number of new roles, made possible by the fact that it's used by almost every Internet-connected device. rDNS is now a services platform. It's a security agent. It's a tool for optimizing delivery of Internet content and offloading traffic from ISP backbone networks. In short, the people who best understand rDNS have not only figured out new ways to use it, they've figured out ways to monetize it.

 

DNS dates all the way back to 1983, when the initial standards were published. It became necessary when the file-based name/address resolution technique used by the initial developers of the ARPANET proved too unwieldy to perform the same role for the rapidly expanding Internet. By 1992, there were about 1 million hosts connected to the Internet, and the ARPANET no longer existed. As of this writing, according to industry analyst Gartner Research, over 8 billion "things" are Internet-connected, and Gartner is forecasting that number to grow to over 20 billion by 2020. As the Internet's stunning growth has continued, DNS has provided the same critical function - ensuring that end-users and devices of all kinds are able to reach the resources they need or want, 24 hours a day, 365 days a year. It's an inarguable fact that without DNS there would be no Internet, which, given Akamai's role in the Internet, has always made DNS an integral part of Akamai and the services our customers use. In fact, it's fair to state that DNS underpins just about everything we do at Akamai, and that's what returns us to the topic at hand.

 

Akamai began to notice additional uses for rDNS several years ago, when a rDNS-related submission to our annual "Wizards" idea competition, called "Secure Recursive DNS Services," took first-place honors. Six months later, Akamai acquired a small company called Xerocole, whose subscriber-intelligent recursive DNS software, AnswerX, quickly evolved to become a technology cornerstone within our enterprise security and carrier product portfolios.

 

Now, Akamai has kicked its commitment to next-generation DNS into overdrive, with the acquisition of Nominum, a company whose founders and top engineers both helped invent DNS, and contributed significantly to its becoming such a useful and multifaceted technology today. With Nominum now officially in the fold, Akamai fields perhaps the most compelling portfolio of security and service-enabling DNS products and technology in the industry. Considering that portfolio, alongside Akamai's authoritative DNS-based cloud service offers, it's safe to say that Akamai is poised to not only participate in, but lead the DNS Renaissance.

 

Akamai’s Commitment to DNS Through the Years

Despite all of the recent innovation in DNS, the majority of the rDNS software running on the Internet, including the version used by many carriers and ISPs, is still based on the open source Unix implementation commonly known as BIND, which was first developed back in 1984, a year after the DNS standards were published. Although it's quite reliable and has added many features over the years, BIND still functions primarily as a basic DNS resolver, meaning network operators and ISPs who use only BIND may not be able to leverage some of the newer capabilities found in commercial DNS solutions from Akamai (which now includes both the AnswerX and Nominum portfolios) and others.

 

DNS-knowledgeable network operators and ISPs, as well as IT organizations and InfoSec professionals, understand this and are therefore looking beyond BIND for a better solution. They understand, for instance, that the EDNS Client Subnet (ECS) extension to the DNS protocol enables more precise and efficient CDN mapping, which can improve service quality, reduce traffic on their network backbones, and even reduce the number of rDNS nodes needed to accomplish that. They understand that next-generation rDNS solutions are capable of protecting their businesses and customers from the recent epidemic of malware, botnets, ransomware, and other targeted threats. And they understand that, by working with a rDNS solutions provider like Akamai, they'll have full access to the benefits provided by these newer solutions. Here are some examples:

 

  • The DNS infrastructure and security solutions from Nominum, which are designed to shield networks, consumers, and small businesses from a range of malicious threats, as well as inappropriate or harmful content, now extend Akamai's ability to help its ISP and network partners as they look to increase ARPU, reduce costs, and boost customer satisfaction.
  • Akamai's Enterprise Threat Protector (ETP) is a rDNS-based service that enterprises use to protect their end-users and networks from a variety of advanced targeted threats.
  • Akamai's AnswerX supports ECS, making it the ideal companion to CDNs for helping accelerate web content and video delivery, and creating network efficiency.
  • AnswerX also breaks the mold for how carriers deploy rDNS infrastructure. AnswerX is the only commercial DNS resolver that can be deployed as a managed service (AnswerX Managed), or outsourced (AnswerX Cloud) entirely, without sacrificing capabilities found in the licensed software. These CapEx-friendly models are well-aligned with the desire of operators that wish to limit spending on new hardware.

This is all good news for the people and things that connect to the Internet, and especially good news for anyone who likes the idea of leveraging DNS, an already fundamental component of the Internet, for a safer, more secure, more cost-effective, and better performing Internet.

Outcomes