WHAT IS DNS AND HOW DOES IT WORK?
DNS Monitoring - If you know a person's name but don't know their telephone number, you can look it up in a phone book. The Domain Name System (DNS) is like the phone book of the internet—it is how internet domain names are located and translated into Internet Protocol (IP) addresses. The DNS maps the name people use to locate a website to the IP address that a computer uses to locate that website.
Web browsing and other internet activities depend on DNS to provide the information essential for connecting users to remote hosts. DNS mapping is distributed in a hierarchy of authority. Access providers and enterprises, including universities, governments, and other organizations, typically have their own assigned ranges of IP addresses and an assigned domain name. They also typically run DNS servers to manage the mapping of those names to those addresses.
How DNS Works
A DNS process converts a hostname (such as www.example.com) into a computer-friendly IP address (such as 192.168.1.1). An IP address is given to each device on the internet so it can be found. When a user wants to load a web page, a translation must occur between what they type into their web browser and the machine-friendly address needed to locate the page.
Types of DNS Services
-
Authoritative DNS: An authoritative DNS service provides an update mechanism used by developers to manage their public DNS names. It answers DNS queries, translating domain names into IP addresses so computers can communicate with each other. Authoritative DNS has the final authority over a domain and provides answers to recursive DNS servers with the IP address information.
-
Recursive DNS: Typically, clients do not make queries directly to authoritative DNS services. Instead, they usually connect to another type of DNS service called a recursive DNS service, or a resolver. If a recursive DNS has the DNS reference cached or stored for a specific time period, it answers the DNS query by providing the IP information or source. If not, it passes the query to one or more authoritative DNS servers to find the information.
What is the relationship between a CDN and a DNS?
A Content Delivery Network (CDN) is the channel through which internet content is delivered. The primary goal of a CDN is to shorten the physical distance between the requester and the web server hosting the content. A CDN accomplishes this by implementing a distributed network of caching servers to quickly and reliably deliver content to users. When a user requests content from a CDN, the DNS gives the user the IP of the closest CDN server (known as DNS balancing) or a group of servers with the same IP, and then the CDN chooses the closest server (Anycast balancing). Additional benefits of a comprehensive CDN include security features that help minimize attacks, such as DDoS attacks, by balancing the load of such efforts across its network.
How Does DNS Increase Web Performance?
In order to boost efficiency, servers can cache the answers they receive for a specific time period. This permits them to respond faster the next time a request for the same lookup comes in. For instance, if all individuals in a particular office want to access the same training video on a specific website on the same day, the local DNS server will usually only have to resolve the name once, and then it can serve all the other requests out of its cache. The length of time the record is held is configurable. Longer values reduce the load on servers, and shorter values guarantee the most accurate responses.
Choosing a reliable CDN and DNS
There are many CDN and DNS offerings available, so choosing the right one for you can be challenging. Existing in the web world demands that you partner with a company that is able to keep up to date with the ever-evolving environment of the internet. Comodo is a company that has been keeping customers safe over the web for over two decades with its founders establishing itself as the primary global provider of the certificate authority business (SSL certificates). It continues its efforts in securing the online community with its cWatch Web security solution.
Comodo cWatch Web enables websites to leverage its secure Content Delivery Network (CDN) and the use of its Authoritative Domain Name Server to boost performance and increase traffic. The integration of both these services allows cWatch customers to experience:
- Smart Routing: Based on geographic proximity or network conditions, traffic is routed to the most optimal servers
- Instant Purge: Cache invalidation to remove content from cache in milliseconds. When you delete content from our CDN, it is immediately no longer served anywhere
- Remain Online: Higher uptime because our network can serve "stale" content from cache during a failure on the origin server
- Security: Built-in security, hardened by platform-wide features like DDoS mitigation
In addition, its centrally managed Security Information and Event Management (SIEM) system is hosted within both the CDN and the Authoritative DNS to monitor traffic and provide comprehensive visibility. The SIEM is capable of delivering early detection of breaches and threats, rapid incident response times, compliance reporting, and log management. This is executed with threat intelligence data from Comodo's 85 million global endpoints and more than 100 million validated domains to identify risks even before they occur.
The SIEM is considered to be the brain of the cWatch web security stack, sending alerts to the Cyber Security Operation Center (CSOC) team to identify and mitigate threats for a customer even before they can occur and enabling them to respond faster to attacks.
Comodo cWatch Web is the only solution available that offers a complete web security stack that includes more than just a managed CDN and DNS. It includes the following features in one affordable solution:
- Malware Monitoring and Remediation: Detects malware, provides the methods and tools to remove it, and prevents future malware attacks
- Secure Content Delivery Network (CDN): A global system of distributed servers to enhance the performance of web applications and websites
- Security Information and Event Management (SIEM): Advanced intelligence that can leverage existing events and data from 85M+ endpoints and 100M+ domains
- Cyber Security Operations Center (CSOC): A team of always-on certified cybersecurity professionals providing round-the-clock surveillance and remediation services
- Web Application Firewall (WAF): Powerful, real-time edge protection for websites and web applications providing advanced security, filtering, and intrusion protection
- PCI Scanning: With this scanning process, merchants and service providers will be able to stay compliant with PCI DSS
