DNS is the address book for the Internet.
It's the way users, customers and partners find a company's online presence and communicate and transact with it. Without DNS - which stands for domain-name system - the Web, e-mail, hosted applications, IP phones and practically everything else done online would become unusable and inaccessible.
Many organizations, especially small businesses don't see DNS as mission-critical and/or lack understanding of its importance. They think that they won't be the target of an attack because they are too small.
Unfortunately, there really is no safety in being an obscure brand. Many Web sites are victims just because they are using the same provider as someone under attack.
Being down for just a short amount of time has big consequences for a small company. It affects their brand and image, making them look unreliable and appearing to have inadequate service. This is especially true for those small companies that are entirely Web-based, or rely solely on the Web for their revenue. For a traditional "brick and mortar" storefront, the financial consequences of being out of commission for even a few hours are easier to see. For example, blizzards in the Northeast during the past year harshly affected many businesses that became inaccessible to customers.
With an online business, not only does a company have to worry about being able to open the doors, but also to continually defend itself from natural disasters and attacks against its supporting infrastructure. If the service isn't available, it's easier for customers to go to a competitor's Web site to get what they want.
DNS is taken for granted mainly because it is and has been available free or in a bundled service with a hosting provider or registrar. However, as with most things, companies get what they pay for. John Kane, vice president for corporate services at Alilias, advises that "when looking for a managed DNS provider, companies should consider a few things to make sure the DNS they are getting is reliable and secure."
Kane offers these pros of a good DNS provider:
Capacity: Many smaller DNS networks use big buzzwords to sound larger than they are and oversell their capacity. A small network can easily be overloaded by extra traffic. Malicious attacks such as distributed denial of service (DDoS) attacks on a Web site or on a DNS provider, or even someone else who is using the same provider as the company, are becoming more common as cyber criminals find easier and less-expensive ways to overrun the DNS. In addition to actual attacks on the DNS, an underprovisioned DNS network could be overworked just by greater traffic than normal, such as a Cyber-Monday sale that lasts only a few hours, or a GroupOn promotion that goes really well. The DNS provider should be capable of handling queries during the highest traffic times, not just on an average day.
Diversity: The more diverse the architecture, the greater the availability. To avoid single points of failure in the DNS, companies should make sure that they, or their providers, have both geographical and hardware and software diversity built into their networks. This means having multiple locations across different power grids and continents, and using different brands of hardware and software. Providers that rely on only a single location for routing all of their traffic are leaving themselves, and the company, vulnerable. Any attack or even a natural disaster can easily take down their entire network and ability to route traffic to the company's Web site. The DNS network should easily be able to route and reroute traffic to other server locations allowing the quickest course in a way that maximizes capacity. In addition, relying on a single software or hardware provider will leave companies vulnerable when the next security exploit is found against them, and force them to take down their entire network in order to issue the required patches. The network should be able to switch to secondary software or hardware with no disruption to the service.
100% Up-time Guarantee: One of the best ways to ensure that a Web site is always available is to require a service-level agreement (SLA) for DNS service. Don't settle for anything less than 100% uptime.
- A 99% SLA uptime equates to 14.4 minutes of downtime per day, and 7.2 hours of downtime per month - almost an entire working day. Can the company afford to lose an entire day of sales?
- If the primary DNS provider is unable to guarantee 100% uptime, the company can guarantee availability instead by adding a secondary DNS provider that will be able to answer DNS queries should something happen to the primary service.
For more information on Afilias, visit http://www.afilias.info.