Secure, highly available DNS at the edge
Built on aglobally distributed anycast network, it can be implemented as a primary or secondary DNS service, replacing or augmenting existing DNS infrastructure as needed.
Uses: Edge DNS
Primary or Secondary DNS
Deploying a few DNS servers in corporate or cloud data centers might work well for small organizations but is not a sound approach for enterprises whose businesses rely on the Internet. Edge DNS can be used to replace existing DNS infrastructure or to augment primary DNS with a cloud-based DNS that combines high availability, scale, and security.
Simplify Data Center/IaaS DNS Visibility and Threat Protection
Your business applications may be accessing malicious external resources. Simply redirect your application DNS traffic to Enterprise Threat Protector for 100% visibility, increased security, and improved compliance.
Highly Available Websites and Applications
Backed by a 100% uptime service-level agreement (SLA), Akamai’s globally distributed anycast network, consisting of thousands of servers deployed across 195 points of presence (PoPs) in 26 countries, practically assures 24/7 availability of DNS resources, regardless of where and when end users are connected.
Improving End-User Experiences
Reduced latency, resulting from the likelihood that an Edge DNS server is deployed close to your end users, leads to reduced page load times and better overall performance.
Features such as zone apex mapping and vanity names also improve DNS lookups and tie in nicely with Akamai Web Performance solutions.
Features: Edge DNS
Provide a decentralized DNS service to end users that enables the creation of a logical name server comprising multiple physical servers deployed across multiple networks and continents.
24/7 Availability, 100% Uptime SLA
Deliver around-the-clock DNS availability for users throughout the world through Akamai’s globally distributed authoritative DNS platform. Akamai’s SLA guarantees DNS service availability for users even in the event of natural or man-made disasters.
DNSSEC with Edge DNS Secure Option
Guard against DNS data forgery or manipulation with Akamai’s Domain Name System Security Extensions (DNSSEC) option for Edge DNS. Options include Serve DNSSEC for organizations wishing to manage their own keys, or “sign and serve” DNSSEC for organizations that would prefer to fully outsource their key management process.
Protect against DDoS reflection attacks from spoofed IP addresses by only serving content to a list of well-known name servers, updated continuously based on the total web traffic delivered across the Akamai Intelligent Edge Platform.
Powerful Management and DevOps Integration
Manage your DNS configurations from your Akamai Control Center portal or through the Akamai CLI. Leverage Edge DNS application program interfaces (APIs) to automate the integration of Edge DNS with your existing management tools, workflows, and processes. Utilize Akamai’s Terraform integration to help provision and manage properties and DNS zones as code.
Unlike other DNS solutions, Edge DNS is not based on Berkeley Internet Name Domain (BIND) software. Rather, Akamai’s DNS implementation is based on years of development experience with DNS protocols, resulting in an implementation protected from attackers looking to exploit vulnerabilities that have been exposed in BIND.
Zone Apex Mapping
Leverage the mapping data available from the Akamai Intelligent Edge Platform to reduce the overhead associated with CNAME chain lookups. Enable use of Akamai web acceleration solutions for DNS records at the zone apex for which CNAMEs cannot otherwise be used.
Suppress traffic from any IP address exhibiting suspicious behavior. Edge DNS monitors the level of DNS traffic from every IP address and automatically throttles traffic when it detects anomalies — an effective technique for mitigating DNS amplification or volumetric attacks.
Flexible Usage and Administration
Implement Edge DNS as either primary or secondary DNS. Add professionalism and security by using vanity names to rebrand Akamai name servers using your own domain names. Integrate IPv4 and IPv6 addressing as your organization transitions to IPv6. Initiate zone transfers using an intuitive GUI through the Akamai Control Center.
Business Benefits: Edge DNS
Edge DNS features 24/7 availability and comes with a 100% uptime service-level agreement (SLA), providing you with confidence that your customers and employees are always able to access your website and application servers.
Faster Web Experiences
Close proximity to the Akamai Intelligent Edge Platform, along with features such as zone apex mapping, often reduces DNS lookup times, translating directly to faster performance, particularly for websites also using Akamai Web Performance solutions.
Whether replacing or augmenting existing DNS, Edge DNS can be used for primary or secondary DNS. Support for features such as vanity name servers, IPv6, an intuitive user interface, and use of Akamai’s APIs make it simple to integrate and begin using Edge DNS.
Akamai’s global anycast network, distributed throughout 28 countries, accelerates DNS resolutions for users connecting to your sites and applications from anywhere in the world, providing the ultimate in DNS availability and response times.
Between the massive scale offered by the Akamai Intelligent Edge Platform, traffic throttling for devices exhibiting suspicious behavior, DNSSEC, and a trust-based implementation model, Edge DNS is an effective mechanism for protecting your online business from the effects of DNS-based DDoS attacks and other threats.
What is Edge DNS?
The importance of DNS reliability and availability cannot be overstated. When your DNS is attacked or goes out of service, your website and applications become unreachable, and that’s bad for your business. This is why relying solely on your own DNS servers, or on a single provider, makes your DNS — and by extension, your business — vulnerable.
Edge DNS is an authoritative DNS service that moves your DNS resolution from your premises or data centers to the Akamai Intelligent Edge. Edge DNS is architected for nonstop DNS availability and high performance, even through the largest DDoS attacks.
Edge DNS can be deployed as a primary or secondary solution with optional DNSSEC support to protect against DNS forgery and manipulation.