Top 8 Domain Name System (DNS) Security

Cisco UmbrellaTitanHQ WebTitanInfoblox BloxOne Threat DefenseInfoblox Advanced DNS ProtectionF5 BIG-IP DNSPalo Alto Networks DNS SecurityEfficientIP DNS GuardianWebroot DNS Protection
  1. leader badge
    The primary advantage of Cisco Umbrella is its ability to safeguard our users no matter where they are working from - whether it's in the office or remotely, as per the new work model that has emerged globally. This integrated security solution has simplified our lives by combining all the necessary security measures in one product. Additionally, deploying the product is all it takes to protect all our users.
  2. Among the valuable features of WebTitan are the ability to white-label it, which is important for us, the fact that it is fully a cloud platform... and the ability to integrate with Active Directory
  3. Buyer's Guide
    Domain Name System (DNS) Security
    June 2023
    Find out what your peers are saying about Cisco, TitanHQ, Infoblox and others in Domain Name System (DNS) Security. Updated: June 2023.
    710,326 professionals have used our research since 2012.
  4. Infoblox BloxOne Threat Defense furthers the existing security posture rather than replacing or trying to replace any existing products.The most valuable feature is blocklisting. It's good at what I like to describe as the "silly side cases." We have this annoying security architecture that says we must do this, that, and the other, so we try to make it easier on ourselves.
  5. The most valuable feature of Infoblox Advanced DNS Protection is its performance and visibility.It is a stable solution.
  6. Stability-wise, I rate the solution a ten out of ten...Stability-wise, I rate the solution a ten out of ten.The most valuable feature of the solution is security.
  7. So, in general, it's very stable because the process to deliver new features and new releases in not so long...I rate the scalability a nine out of ten.
  8. report
    Use our free recommendation engine to learn which Domain Name System (DNS) Security solutions are best for your needs.
    710,326 professionals have used our research since 2012.
  9. You can run a DNS server directly from EfficientIP to help mitigate all DNS attacks from various sources. This is a very good feature.
  10. When compared with other products, Webroot DNS Protection is the best to secure the end users.The dashboard of the solution is a valuable feature.

Advice From The Community

Read answers to top Domain Name System (DNS) Security questions. 710,326 professionals have gotten help from our community of experts.
Netanya Carmi - PeerSpot reviewer
Netanya Carmi
Content Manager at PeerSpot (formerly IT Central Station)
Netanya Carmi - PeerSpot reviewer
Netanya Carmi
Content Manager at PeerSpot (formerly IT Central Station)
Dec 11 2022

What benefits does it bring your company?

Domain Name System (DNS) Security Topics

How does DNSSEC work?

Domain name system security (DNSSEC) adds a level of protection to the DNS by using two digital keys to authenticate any address retrieved by the DNS. One of the keys is held privately by the owner of the website and revealed to no one. The other key is present in the code of the web page where anyone can access it publicly. These keys attempt to verify the authenticity of a signature on the web page data that the DNS pulls up. A search for a web page prompts the DNS to retrieve and attempt to match the public key to a digital signature that stamps the data. If the key confirms that the signature is valid, then the information is returned to the person who issued the query. However, if the key is unable to verify the data as valid, then the data is rejected. The system will assume that it is under attack and will issue an error message.

What is the purpose of DNSSEC?

The reason that domain name system security is necessary is that by itself the DNS is not secure. It is possible for hackers to manipulate the DNS and send users to any web page that they desire. An unsuspecting person can be redirected to a site which can maliciously target them. Hackers have the ability to forge DNS data and make it so that the IP address appears to be anything that they want. The computer that launches the query ordinarily would not have any way to determine the true source of the data. The development of DNSSEC created a way of securing the DNS against data forgery.

What is the difference between DNS and DNSSEC?

A domain name system (DNS) is an object in itself. This is a program that takes domain names and transforms it into a format that computers are able to read. It exists as its own independent entity and requires nothing else for it to be meaningful. Domain name system security (DNSSEC) is a protocol that exists as an addition to DNS. DNSSEC provides a layer of security to the DNS which is otherwise pretty insecure. For this reason, DNSSEC only has meaning when seen as an add-on to the DNS.

DNSSEC Benefits

There are a number of benefits that come with the use of domain name system security (DNSSEC). It can:

  • Bring a greater level of peace of mind to computer users. Users do not have to worry as much that they are going to be receiving malicious data.
  • Make computers safer from attack by hackers than those not employing this DNS extension. With DNSSEC, non-authentic data is rejected and not allowed to infect the computer that it may be targeting.
  • Build a greater level of trust, which will allow for more services to migrate online in the future.


Buyer's Guide
Domain Name System (DNS) Security
June 2023
Find out what your peers are saying about Cisco, TitanHQ, Infoblox and others in Domain Name System (DNS) Security. Updated: June 2023.
710,326 professionals have used our research since 2012.