IP anycast is a network addressing and routing methodology that allows IP addresses to be announced from multiple points on the internet. In the context of DNS, IP anycast describes how multiple nameservers will have the same IP address and respond to a DNS query made to that address, ensuring that the user always connects to the closest server for performance and availability.
Elevate your DNS security and performance using our powerful edge platform
How Edge DNS works
New Features
Akamai Shield NS53 is a reverse proxy solution that protects on-prem and hybrid DNS infrastructure — including GSLBs, firewalls, and nameservers — from resource exhaustion attacks. Customers can self-configure, manage, and enforce their own dynamic policies in real time.
Features
- Enable the use of a logical name server on multiple physical servers deployed worldwide
- Use a bidirectional reverse proxy service that protects your on-prem and hybrid DNS assets from resource exhaustion (NXDOMAIN) attacks
- Protect DNS from attackers exploiting vulnerabilities and risks such as source address spoofing
- Prevent attacks caused by DNS forgery with Domain Name System Security Extensions (DNSSEC)
- Allow developers to automate Edge DNS through APIs and existing management tools
- Prevent IP address spoofing attacks by prioritizing workflow for trusted recursive nameservers
- Leverage a unique architecture that segments DNS resources across non overlapping clouds
- Gain actionable insights and analytics on peacetime and under-attack DNS infrastructure performance
Customer Story
DNS Security Use Cases
Learn how Akamai’s DNS security assists with these specific needs.
End-to-end protection
Unified DNS posture
Secondary DNS
DNS analytics insights
DNS management
End-to-end protection
Comprehensive DDoS protection
Edge DNS provides you with the scale and capabilities for normal operation, even when high-volume incidents are occurring, delivering nonstop availability of web applications and APIs. It also provides zone apex mapping and integrated traffic management with a 100% uptime SLA.
Unified DNS posture
Unify your DNS security posture
Leverage the scale and power of Edge DNS as a cloud-based authoritative DNS solution or combine it with Shield NS53 to protect and intuitively manage your on-prem and hybrid DNS infrastructure to unify your DNS security. Additionally, utilize Edge DNS and Shield NS53 with Prolexic — Akamai’s purpose-built DDoS protection platform — to protect your digital infrastructure across all layers, ports, and protocols.
Secondary DNS
Secondary DNS
Get management of DNS secondary zones on internet-facing DNS infrastructure and added protection for primary DNS resources, with a highly available secondary resource.
DNS analytics insights
Actionable insights from DNS analytics
Get incisive insights from peacetime as well as under-attack traffic and performance of your DNS infrastructure to proactively plan and secure your online web presence.
DNS management
DNS code and traffic management
Simplify and automate DNS workflows by integrating Edge DNS with standard DevOps toolkits and resources through APIs. Edge DNS distributes DNS queries to optimize response times and maintain availability in response to data center/server health, providing operational simplicity, optimal app/API performance, and high availability.
Frequently Asked Questions (FAQ)
It is not uncommon for organizations to have some on-prem DNS nameservers and GSLBs for administrative or compliance requirements, and not be able to migrate all their zones to a cloud-based authoritative DNS solution. In such cases, Shield NS53, Akamai’s bidirectional reverse proxy service, offers comprehensive security from malicious attacks, and improves performance by enabling customers to self-manage policies, access control lists, and caching responses to alleviate the load on their on-prem DNS infrastructure.
Edge DNS does support DNSSEC. Customers that require support for DNSSEC should purchase the Secure Option of Edge DNS.
Edge DNS provides an availability SLA with guaranteed 100% uptime. Additionally, Edge DNS does not charge you any extra fees for DDoS-related traffic — which can be substantial, given the size of modern attacks.
Akamai understands that having a single solution for provisioning and configuration of both zone and traffic management can be important for our customers, which is why we are combining the capabilities of these two solutions into one. Now, with Edge DNS, you also have:
a. A way to simplify workflows to configure policies, such as geographic-driven answers
b. Convenient access to more extensibility and flexibility for DNS workflow
c. A low-cost way to handle unique addressing requirements such as compliance
Resources
Free trial: Try Edge DNS/Shield NS53 for 30 days
Discover the benefits of Edge DNS or Shield NS53 for yourself:
- Nonstop DNS availability, guaranteed
- Protect your on-prem and hybrid DNS assets
- chieve peace of mind with secondary DNS
Set up your 30-day free trial:
- Submit form
- Confirm your email
- Pass Akamai’s validation and vetting process
- Receive login instructions
- Log in and set up your instance of Edge DNS or Shield NS53
Terms and restrictions apply