DNS Protection Tips and Tricks

Most people with personal computers disregard Domain Name System (DNS) protection, which complicates their web browsing experience. A sluggish DNS service can make your browsing slow, and changes to the DNS can trigger the "Not Found" page that most people dread. There are various tricks to help you make optimal use of DNS services for your home network or business browsing.


DNS-based attacks are becoming more rampant, and organizations need to adopt swift DNS protection services to be more secure. Follow these tips and tricks to build a secure and resilient DNS infrastructure.


Separate DNS service from DNS resolution


Understanding the difference between these two is very important. DNS service refers to the name-to-address mappings that DNS service providers advertise locally or online, while DNS resolution navigates the Internet to find the name servers that hold those mappings and looks them up. It's critical to keep the two DNS functions separate.


Use a DNS resolver to run DNS resolution on your networks, and aim for minimal configuration so as to reduce the cost of maintaining the servers. If your business premises have several security zones within one building, such as internet and guests vs. internal users, you can drop a pair of resolvers into every security zone.
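One way to check this separation on servers you operate, as an added example that is not part of the original article: query each server for a name in a zone you host and read the AA (authoritative answer) and RA (recursion available) bits in the response header. The function names, role labels and sample headers below are constructed for illustration.

```python
import socket
import struct

QR, AA, RD, RA = 0x8000, 0x0400, 0x0100, 0x0080  # DNS header flag bits (RFC 1035)

def build_query(name, qid=0x1234):
    """Build an A/IN query with RD set, so a recursive server will show RA."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!6H", qid, RD, 1, 0, 0, 0) + qname + struct.pack("!2H", 1, 1)

def classify(response):
    """Infer a server's role from the flags of its answer for a name you host."""
    if len(response) < 12:
        raise ValueError("truncated DNS header")
    flags = struct.unpack("!6H", response[:12])[1]
    if not flags & QR:
        raise ValueError("not a response (QR bit clear)")
    aa, ra = bool(flags & AA), bool(flags & RA)
    if aa and ra:
        return "mixed"          # hosts the zone and also recurses: split these
    if aa:
        return "service-only"   # answers for its zone, offers no recursion
    if ra:
        return "resolver-only"  # recurses, not authoritative for this name
    return "unknown"

def probe(server, name, timeout=2.0):
    """Send one UDP query to a server you operate and classify its answer."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, 53))
        return classify(s.recvfrom(512)[0])

# Constructed 12-byte response headers (not captured traffic).
SAMPLES = {
    "zone host, recursion off": struct.pack("!6H", 0x1234, 0x8500, 1, 1, 0, 0),
    "zone host, recursion on": struct.pack("!6H", 0x1234, 0x8580, 1, 1, 0, 0),
    "internal resolver": struct.pack("!6H", 0x1234, 0x8180, 1, 1, 0, 0),
}

if __name__ == "__main__":
    for label, header in SAMPLES.items():
        print(f"{label}: {classify(header)}")
```

A "mixed" result marks a server that performs both functions and is the one to split.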


Active directory


When the workstations in a domain use the same server for both name resolution and DNS service, you need to take Active Directory into account. As an IT manager, try to stay within the Microsoft comfort zone and its standardized configurations: do not set domain workstations to point to separate name resolvers away from the Active Directory DNS servers. Most IT managers take this approach and run Active Directory domains without separating the two functions.


DNS server speeds with Namebench


The viability of DNS service depends on various factors such as the distance between the network's router and your PC, the server used for domain lookup, and the DNS hosts of the sites that you're visiting from your computer. So, as much as the service providers keep touting their fast speeds, you ought to test the DNS server speeds with Namebench.


Remember, a DNS server may be faster for one user and slower for another user on the same network, because the speed can be affected by the type of websites that an individual visits. The best option is therefore to run some speed tests with the Namebench utility, which is available for Windows, Mac OS X, and Unix. From the graphical results, you can determine the DNS server best suited to your computer, based on the speed improvement over your primary server. Additional resources at www.bluecatnetworks.com can provide you with more information.