Advantages and disadvantages of cloud DNS
by Web Digital Media Group Web Digital Media Group Companies that are considering IT
infrastructure outsourcing should also consider moving public DNS services to
cloud service providers' managed DNS services. But before that, you have to
understand the advantages and disadvantages. Let's look at each one.
Benefits
of Cloud DNS
Resilience
Cloud DNS provides reliability and fault tolerance with a
fully redundant, geographically dispersed network and DNS server
infrastructure. A company's internal DNS infrastructure often lacks this
redundancy, especially because its own DNS servers do not share synchronized
distributed domain information. Businesses must implement redundancy in their
services. Failure of a DNS server without redundancy can have a significant
business impact. If the network fails in the corporate network without internal
and internet redundancy, connectivity to the DNS infrastructure is compromised.
If the redundancy of the DNS server you are using is not high, the cloud DNS
service will greatly improve resilience to the failure.
Companies often
maintain DNS servers on the Internet barrier network and make them reach the
world through TCP port 53 and UDP port 53. If there is only one authoritative
DNS server in the enterprise, and if we serve the world here, there will be
additional latency in query processing in remote areas. By leveraging a cloud
DNS service provider with many DNS servers geographically dispersed and using
anycast to deliver high availability and performance by directing traffic from
the destination group to the nearest location, have.
Cloud DNS
service providers use anycast to build a scalable and redundant DNS
infrastructure. Enterprises need to invest a lot of money to implement this
degree of redundancy using their own animate and BGP routing.
DNSSEC support
Domain Name
System Security Extensions (DNSSEC) authenticate DNS records with cryptography
and defend and protect many of the most common DNS security problems. However,
there are many companies that have not yet introduced DNSSEC, because they are
not familiar with the configuration and benefits. That's why it's easy to
configure DNSSEC and lack a DNS server that can automatically perform key
rotation and updates on a regular basis. A DNS administrator can cause a
serious problem if he makes a mistake that he forgets to rotate the key every
year. Cloud DNS service providers can automatically implement DNSSEC, implement
it very easily, and automatically rotate keys.
DNS DDoS Protection If a company deploys its own DNS server, the
capacity of this server can not defend a large DDoS attack against DNS servers.
Companies need to invest a lot of money to build a highly scalable
infrastructure that can absorb these attacks. Cloud DNS service providers can
greatly enhance resilience to DNS DDoS attacks. The ability to absorb attack,
expand to attack, and ability to quickly alleviate attacks are much better.
Cloud DNS service providers also have the ability to automatically scale
resources based on much more bandwidth links, diverse resources, and
transaction size.
Improving Security Because
DNS is a service that is connected to the
Internet, companies must continually monitor the security of the server,
maintain patching, and ensure that the DNS resolver is not open. Cloud DNS
service providers constantly patch, scan, secure, and monitor redundant DNS
servers.
Advanced Traffic Routing
In addition,
cloud DNS service providers offer advanced traffic routing capabilities that
may not be feasible in an enterprise's internal DNS servers. For example, AWS's
Route 53 Cloud DNS service supports several advanced traffic routing policies,
including simple failover, round-robin, latency-based routing, geographic DNS,
and proximity routing. To build this level of functionality for your
enterprise, you need to build a geographically dispersed DNS server, with
sophisticated load balancing at each location. In short, a lot of investment is
needed.
Potential Cost Savings By using
cloud-based
managed DNS services, you can save money by building multiple physical servers,
licensing the operating system, and investing human resources in DNS
maintenance and configuration. In particular, if you need DNS server hardware
and software upgrades, it may be better to use cloud DNS services instead of
spending capital on new DNS servers.
Better configuration / change tools
It can be
difficult to change DNS quickly with existing systems in the enterprise. It may
be difficult to automatically make software changes based on triggering events.
It also runs internal IT processes that require submission of support tickets
to DDI teams whenever changes or additions are required. Cloud DNS service
providers have software-programmable interfaces and scripts. Based on this, DNS
records are automatically generated and updated. You can dynamically add or
change DNS resource records using the service provider's API.
Better monitoring, visibility and
reporting
Many companies
do not know the importance of DNS servers. I do not fully understand the
'dependency' that the whole IT infrastructure relies on DNS. Existing
on-premises (internal) DNS systems may lack or lack the visibility and
performance monitoring and operational metrics. On-premises DNS servers may not
have useful reporting, useful insight (information) capabilities related to
resolving DNS. Cloud DNS service providers
monitor and maintain their infrastructure 24 hours a day to generate revenue.
Sponsor Ads
Created on May 26th 2018 06:44. Viewed 769 times.