Enabling DNSSEC in DigitalStakeout PDNS

DNSSEC (Domain Name System Security Extensions) is a security protocol that provides authentication for DNS data. It is used to protect the internet's global Domain Name System (DNS) infrastructure from various types of attacks, such as spoofing and cache poisoning.

DNSSEC works by adding cryptographic signatures to DNS records, which allows users to verify the authenticity of DNS data received from a server. These signatures are created using public key cryptography, and are stored in special resource records in the DNS.

When a client sends a DNS query to a server, the server can use DNSSEC to provide a digital signature along with the DNS response. The client can then use the public key associated with the domain to verify the authenticity of the response. This ensures that the client is receiving genuine DNS data, and not fake data that has been injected by an attacker.

DNSSEC also includes mechanisms for detecting tampering with DNS data. If an attacker tries to alter a DNS record or its associated signature, the client will be able to detect the tampering and reject the response.

DigitalStakeout PDNS supports DNSSEC by performing validation on queries sent from DigitalStakeout PDNS resolvers to upstream authoritative servers. When you edit a policy, find the "Require DNSSEC" option in the policy editor, and select "Enable" and then "Save" the policy to make the change active.

How to Enforce DNSSEC in DigitalStakeout PDNS

As a DigitalStakeout PDNS customer, you can access the Internet with confidence that DigitalStakeout PDNS is defending your organization from any cache poisoning or DNS spoofing attacks.

• Related Articles

• Using Multi-Factor Authentication with DigitalStakeout PDNS

  DigitalStakeout PDNS supports multi-factor authentication. You will require the Authy application on your mobile device that will be capable of generating  a time-based one-time password (TOTP) authentication code. Download Authy App First ...

• PagerDuty DigitalStakeout PDNS Integration

  Trigger DigitalStakeout PDNS alerts to PagerDuty, so you can remediate cyber security incidents faster. 1. Perform the PagerDuty Setup Process first. PagerDuty Setup Process Login to PagerDuty, go to the Configuration menu and select Services. On the ...

• DigitalStakeout PDNS URL Proxy

  DigitalStakeout PDNS URL Proxy analyzes web traffic for high risk URLs. It examines the domain and full URL of request to determine if it is a threat. The targeted proxy performs HTTPS security analysis of good sites that are exploited to deliver ...

• Threat Hunting with DigitalStakeout PDNS

  A cloud-based DNS firewall, such as DigitalStakeout PDNS, can be an effective tool for threat hunting by security analysts. Here is a step-by-step guide on how a security analyst can use PDNS for threat hunting: Set up PDNS: The first step in using ...

• Point Windows DNS to DigitalStakeout PDNS

  Getting started with Windows (Agent and Agentless) DigitalStakeout PDNS currently supports Windows 7, 8, 8.1, 10, Server 2008, Server 2012, Server 2016, and Server 2019 with .NET Framework 4.5+. Required Ports DigitalStakeout PDNS endpoints will ...