IBM NS1 Connect Reviews

We use it for all our external DNSs. We wanted to get away from maintaining our own servers and were looking for the ability to filter records to "steer" DNS requests.

The solution is hosted by NS1. All DNS records are there.

NS1 has reduced DNS maintenance work in our organization because we don't need to manage DNS servers. In addition to not maintaining our own servers, we don't have to update operating systems and handle patches. Those are big savings.

The solution also has a lot of security features to help protect us from DDoS attacks and the like. We don't need to manage that ourselves.

And the automatic steering of requests with the filtered records helps us to utilize our VPN boxes in a much better way. Now, people only need to use one name, whereas previously they had to use many different names to do this. That has helped us enormously.

Along those lines, the filtered records, with which you can build up rules to create load balancing, have improved things a lot, especially now with the pandemic that has resulted in a lot of people working from home. That has really helped the management of our VPN setup to be more flexible in a way that is easier to manage.

NS1 has also definitely improved our end-user experience. First of all, it has servers in different geographic locations. We didn't have that before, we only had them in Europe. And they use a technology called anycast so that a DNS request goes to the closest DNS server for that IP address. That speeds up the DNS resolution for people using the DNS from the internet. It improves performance a little bit for the end-user by minimizing the latency on the internet.

One of the features that is non-standard and that is very useful is the filtered DNS. We have set up our external VPN, which is what all our employees connect through, to use this feature. It's geolocation-aware. In that way, for India we set it up so that these are the servers that should be supporting things, and in the UK these servers, in the U.S. these servers, and in Sweden these ones. If a server is down, it will automatically use a server that is up instead. It's like a load balancer that manages the redirecting of traffic depending on where you are.

The filtered records mean we can set up the rules so that DNS requests are answered exactly the way we want them to be. For example, if my request comes from Sweden, we can have a rule in the filtered DNS setup to go to sslvpnsc.ourcompany.com if it's up. Otherwise, it uses another one. 

The solution has other features where you can import and export data, but we don't use them. We use the more fundamental things, but NS1 is a big help for us thanks to the filtered records.

Another reason we use it is that we use a management tool, where you can update DNS records called Micetro from Men&Mice. It has an integration with NS1 and, for us, this was the perfect combination.

NS1 Managed DNS also has a REST API which makes it easy to integrate things yourself. We collect some statistics by using the REST API. And even if we don't know if we will need it, from time to time we take a backup of all the data records by using that API. It is helpful for automation. The API also made it possible for Micetro to integrate with NS1. Men&Mice used it to integrate their management tool to update, manage, delete, and report, and do everything else you would normally do with DNS from within their platform. The NS1 API is good and flexible.

As for maintaining uptime during a DDoS attack, we haven't noticed anything, so it has been fine from our perspective.

We are in our third or fourth year of using NS1 Managed DNS.

The stability is good. I haven't seen any noticeable downtime.

It's scalable because they have the data in different data centers around the world. Even if one data center is down, a DNS query should be answered by any of the other data centers. That's how the architecture is built. NS1 helps us to meet SLAs and customer demands without adding complexity.

Also, we only use the external DNS, but they have more services that we don't use. So there is scalability from a service perspective as well. We could use it as an internal and external IPAM solution. For functionality, it's really scalable. And with the data centers in different places, I don't think there is a real limitation on the number of DNS records you can have. The scalability is good.

You buy the service with X number of DNS records and Y number of DNS queries. It's also very helpful that, when we see that we are coming close to the limits, we contact our salesperson and they fix it very quickly.

In terms of increasing our usage, we will probably add DNS servers but we will not buy extended services.

Overall, the solution works very well. We have absolutely nothing to complain about. When we have questions or an issue for support, we use email and we get very quick answers and help from the support team. That part works very well. The answers we get are correct. And there were times when I didn't know how to write an API and they did it for me and shared the results.

You always want people to help you quickly. If we compare NS1 to others, it's very good if you can get a correct answer from the others within the same day.

From time to time NS1 has webinars where they discuss different features and what's coming, and that is also good information to get.

In the past, we ran external DNS on our own platform, but we moved to NS1 instead of having our own servers. But we can still use the same management tool because it supports NS1. We configured everything that we migrated in that tool. Our team is still using that tool, Micetro, that they were using before we migrated. Of course, we also use the web interface from time to time, but we use Micetro to update and manage the more standard DNS records.

The initial setup was straightforward. We got help but we didn't need it. We migrated everything ourselves.

We did it slowly so it took about a month. We have 10,000 DNS records in 300 different zones. We took a number of zones per week and migrated them, moving more slowly in the beginning and more quickly at the end. We saved the biggest zone, which is our .com site, to the end. By then, we had all the needed skills and experience for how it worked. We didn't have any problems during the migration.

There was zero downtime involved in the migration to NS1.

We are a team of 10 people who use the tools that are managing DNS records on NS1. And in total, in our company, there are about 350,000 users, including employees and customers.

There was a consultant that could help with the implementation and they explained how it works from the beginning. They helped us as much as we needed. And then we managed the rest ourselves. 

We don't really calculate ROI on this solution, but if we didn't go for NS1 we would have had to enhance our existing infrastructure of servers. Instead of buying new servers and having to build a new infrastructure, we went with NS1 and don't need to buy servers and keep them updated and patched, which is a very big thing for the moment. In that sense, it's a good investment. It's a kind of outsourcing.

Everything can always be cheaper, but as it is today the pricing is fair. No one in our organization who signs the purchase orders is complaining, and they know what it is and what we are using it for.

We didn't evaluate other options because another part of our company was already using NS1. We also looked at the fact that the tool we use, Micetro, was supporting NS1. That meant we could still use the skills we have on that tool and we could also reuse the part that our company was using and integrate everything together. They would get better support and they could also share their skills with us. That's why we did not look at other vendors.

If you need an external DNS provider, NS1 has been a really good provider for us, giving us exactly what we were looking for and with more functionality than we need for the moment, functionality that we can buy additionally. It gives us a type of fault tolerance because it has DNS servers spread around geographically, servers that support each other. NS1 is a very good way to go if you need to change your external DNS infrastructure.

If someone says they don't need to spend money on a solution like this because they have a free cloud provider or basic DNS, it's their choice. It depends on the need they have. In our case, if we didn't go for NS1, we would have had to replace hardware and set up a new infrastructure for DNS. It was a good choice for us together with the filtered records. That is something we couldn't implement ourselves.

When it comes to manual processes, NS1 has not really changed the amount of work we have. Creating a record is creating a record.

We use NS1 as an external DNS for our services. An external DNS is a simple name resolution for an IP address or other hosts. The cool thing about NS1 is that we can integrate our automation process. It automatically publishes new DNS records without having to look manually through a user interface as you would do with normal DNS providers.

It massively speeds things up. Today, we allow developers to deploy services and have externally facing DNS scrapers that are created automatically without the addition of human intervention.

The operational spectrum is somewhat simplified because there is less to manage. We don't have to manage internal and external DNSs, internally and externally. Instead, it is centralised by NS1 who takes care of upgrading and all the patching. 

They have always delivered within their SLA. It has been spot on. The service has been spotless. This is critical for us. If the DNS record didn't work, because it was under spec'd or capacity, then we would materially lose money as a company since our customers rely on our records to function and perform their financial activities.

The ability to automate DNS creation is definitely paramount.

The solution is an API-first platform for DNS and application traffic management. This is exactly what we needed it for since most DNS services don't come with an API. Whereas, being API-driven, NS1 allows us to create automation against it. We can create pipelines, deploy software, and automatically integrate with NS1 in an automated fashion, which is definitely great.

NS1 Managed DNS has helped improve our end user experience, which has sped up our time to market.

We are an external DNS and still maintain an internal DNS. I would like it to have the external DNS separate from the internal DNS. This would give us a sense of security. For example, if there is a problem with the internal DNS, it would not affect the external DNS.

The solution was in place before I joined two years ago. The head of platforms is a friend of mine, so we discussed this solution. It was implemented a full year before my time.

The company has been using it for three years.

The solution's stability is absolutely perfect.

We haven't experienced any downtime whatsoever in the past three years. I am very confident and happy with the service.

We have a platform engineer who maintains it on the client side. From a maintenance point of view, it probably takes a week of engineering's time a year.

It scales perfectly. It is all very transparent.

It is utilised on a weekly basis. Anytime there is a new deployment that requires an external DNS, that goes through NS1. So, records get updated automatically. 

Scalability is something that you can't underestimate with DNS.

We are halfway through the capacity of the service. We are planning to double our userbase by the end of the year, but that won't necessarily correspond to twice the number of requests. Therefore, I would expect an increase of DNS requests to be a third more than they are today.

Our account manager with NS1 has been very good. They are always available.

It has been quite hands-off. In the past two years, we have probably contacted the technical support once. They were spot on. I would give them an eight out of 10, which is conservative, given that I haven't had enough support tickets to really rate them.

Positive

Start with a code-first approach. Try to use the APIs as much as possible from the beginning, instead of being tempted to go through a user interface. Once it is done manually, it stays manual.

We use our client in our infrastructure to communicate with NS1. This client is a bit complex in the way that it is set up. NS1 has their own client solution that you can deploy into your platform to do this, but even that is a bit complex. So, I would like a very simple, thin, light API agent that we can deploy into our platform to communicate with NS1. That would be welcome.

We added another external DNS together with NS1.

On the automation side of things, if we had to manually create all the external entries, it would require a lot of effort, waiting time, and tickets being generated for blockages. 5% to 10% of our automation spectrum is handled by DNS records being generated automatically. Overall, as a company, we do approximately 10 releases a day. Of those 10 releases, if one or two need an external DNS record to be changed or created, then they would get stuck in a queue waiting for a person to create the record manually. So, the solution definitely speeds up our Software Development Life Cycle (SDLC).

Assuming 20 releases a month need manual intervention. If there are 240 releases that need an engineer spending about an hour on them, then I would say that the solution saves us 240 hours.

Look carefully at DNS security. In the last few years, there have been several DNS attacks that leveraged DNS protocols. Therefore, it is important that companies actually know what they are doing with DNS. 

I would rate NS1 Managed DNS as nine out of 10. There is room for improvement.

The product is a DNS as a service and we have automated the creation and deletion of all sorts of DNS records.

We needed to have the fastest and most secure and resilient DNS possible, and that's what we got. We don't worry about denial of service attacks on the DNS, as we've seen other large vendors go through. We have access to a significant and forward-thinking feature set that allows us to use things like DNSSEC fairly easily.

Our DNS response times have improved significantly. I have not compared data within the past year but at the time, we looked at a 99.9% evaluation and saw that NS1 was the most effective and fastest solution.

We have access to enterprise tooling that allows us to have a single pane of glass between our internal DNS solutions and our external ones. We also have the ability to use advanced routing techniques with the rules engine or the additional tooling that NS1 provides.

The application traffic management capabilities using the API are excellent. We orchestrate that API using Terraform, which means that there are no manual steps involved in bringing up a piece of infrastructure that needs a DNS record or maintaining hygiene in our DNS records because services are taken down. All of it is orchestrated with the use of the API with Terraform on top to achieve it. Overall, it's a very robust API and it meets our needs.

While it doesn't apply to the entire company, this product allows us to utilize automation through the API, which saves us a significant amount of time and eliminates manual changes that are error-prone.

We have been unaffected by major DDoS attacks because of the architecture.

This product has allowed us to reduce or eliminate DNS maintenance work. I can't estimate how much time this has saved us but being able to use an API versus manual maintenance means that we don't really have to do any maintenance. We've been given a solution that allows us to automate everything that we need to do.

The automation provided by NS1 means that we no longer have to focus on that work, which allows us to assign staff to other tasks. Time is saved because we don't really use manual processes with the DNS. We try to automate everything we do in the DevOps team, so this has been effective for us.

The most valuable features are the DNSSEC and the general reliability and speed of the service. We find that the low latency access to DNS queries has a direct effect on the customer experience. Visiting a site, whether it's an AdTech-based solution or marketing tech, the fact that whatever we're rendering on a page can be rendered better than the industry standard, in terms of time, ensures a better user experience.

The Application Telemetry feature is awesome. This includes latency detection and it allows us to detect where a customer may run into latency on the internet, giving us the opportunity to route around it. It contributes to providing the best user experience for our clients.

Using the Pulsar feature has certainly improved our user experience. Using Pulsar with telemetry monitoring between the customer and the endpoint, we are able to detect traffic and route it appropriately, which ensures the uptime of our applications and web properties. It also ensures that the lowest latency experience is possible.

We would really like them to become a DNS registrar.

I have been using NS1 Managed DNS for approximately seven years, since 2014, across companies.

I don't have any issues with stability.

Scalability-wise, I haven't had any issues with this product. It is being used wherever we're using DNS and as our business grows, it will be utilized more.

We have a DevOps team and an infrastructure team that uses NS1. The DevOps team mainly manages the automation of the cloud infrastructure and tools, whereas the infrastructure team manages our legacy on-premises data center.

This product provides the scalability we need to help meet SLAs and customers' demands without adding complexity, which is very important to us. Although it doesn't happen as often anymore, there can be significant changes in the demand for our service. This has the potential to overwhelm services, just like we see in denial of service attacks. However, the available capacity in NS1 has meant that we've never had a challenge with that.

I have worked with the customer success team and the experience was world-class. They're a customer-first team and they are always available. We reach out to them on Slack and they're always there for us. They're straightforward and transparent about any possible issues that they have on their side and overall, it's a wonderful experience.

The same is true for the product's technical support. They're always there for us and transparent about any challenges.

In the past, the company used Dyn, which is now by Oracle. I have also used UltraDNS.

There were several reasons that we switched. The number one reason is support and service, the second is the forward-thinking functionality and features, and the third reason is the cost.

At this company, the initial setup was very straightforward.

It was an import, and it was completed in a matter of hours or less.

Our implementation strategy was to import or migrate the zones from a previous NS1 account that was owned by another company, and then make the necessary registrar changes. During our migration, there was zero downtime.

I implemented NS1 Managed DNS at my current company. We completed the deployment in-house.

ROI is hard to quantify but in terms of application uptime and customer experience, we have seen a return on our investment.

The cost of this product is one of the reasons that we chose it.

There may be overage costs in addition to the standard licensing fees, although I haven't experienced them.

I looked at the Dyn and UltraDNS solutions. I also looked at Akamai Fast DNS and some of the cloud services. The two main reasons that we chose NS1 are the low-latency DNS, and a feature set that was unique and seemed to be beyond what anyone else was doing.

My advice for anyone who thinks that they don't need a solution like this because they have a free or basic DNS with their cloud provider is that they need to evaluate how DNS solutions may affect the customer experience. They should consider the global footprint of NS1, the network architecture, and where they implement Anycast. If these things don't matter then they're probably not running a business that relies on website revenue or has a website that represents their business.

The biggest lesson that I have learned from using this product is how easy it was to implement it, and that doing so probably reduces the risk of migrating to a new DNS solution.

This is a product that I have recommended to many different people. In general, I would say that this has been the easiest solution to manage and implement.

I would rate this solution a ten out of ten.

We use NS1 as the primary point of contact, the first point of contact for a client to reach us, to discover a DNS. We use NS1 in two ways: We use the Managed DNS product and the Dedicated DNS product, which gives us redundancy. Our primary use-case is for getting users to the CDN [content delivery network] one that is best suited for each user.

We have an automated deployment, so we use Terraform to deploy changes.

The managed solution is completely managed by NS1; it's not on-premises.

The integrations for monitoring events is helpful. Monitoring of events can change things in the Filter Chain. That helps our team receive alerts. Our team is kept in the loop about what is happening.

When it comes to maintaining uptime during a major DDoS attack, NS1 is very good. NS1's Dedicated DNS gives us redundancy. In addition, NS1 has worked closely with us to get us into the position we are in today. They do a good job in communicating problems and of looking forward with their solutions. They don't just address the current issue when it comes to DDoS and mitigation. These are continuous issues. It's not just a one-off that you handle once. They look for solutions that will solve future DDoS impact.

It has also improved our DNS response times. Because we have been using NS1 for quite a long time, it's hard to estimate how much response times have improved. But since we started with them we have definitely done better. The most critical thing that we look at, rather than the response time, is the time for propagation, and that's been very good.

The solution has also massively reduced DNS maintenance work in our company. The way we were set up a long time ago was that we would maintain things by ourselves, and now we don't do anything along those lines. For the external DNS, we do about 10 percent of the amount of work that we did previously. That's a huge improvement. The amount of maintenance has gone down significantly and our maintenance cost is down by at least 70 percent, for the external DNS.

NS1's automation has also enabled us to assign people to other kinds of work. It saves us time so that we can concentrate on other things.

Overall, it has helped to improve our end-user experience. Knowing the DNS delivery part is taken care of is important; performance is very critical. Taking users to the right CDN or data center is very important for the end-user experience. NS1 is part of the set of tools we have to achieve that better user experience and to get them to the right place.

The Filter Chain is one of the most valuable features, for geo-load balancing and geo-fencing. The Filter Chain is the most useful because it allows us to do several things. With geo-fencing we can redirect a particular user to a particular answer. That's very valuable for us. Filter Chains with monitoring is our strategy to provide redundancy.

We also use the automation extensively, with Terraform.

From the get-go, we have used the API from NS1. We have hardly used the solution's UI. For any major changes, we use the API and that works brilliantly for us. As an infrastructure team and organization, we heavily value infrastructure as code, so this is a great approach. Any feature that comes into the Filter Chain gets exposed first to the API, before it even goes to the human resources. It works very well and enables us to adapt a complete infrastructure-as-code approach.

The real-time telemetry and ecosystem of integrations were also a key part for us when choosing among multiple vendors, because of geo-location. It's very crucial for us. Choosing which server to use, in case of an emergency, for example, we depend on NS1's monitors. It's reliable and hasn't caused us any trouble. Another advantage is that there are multiple regions for the telemetry collections so, even if one of them has an issue, we are confident that there is enough redundancy to let us sail through the problem.

The Filter Chain simulation is really good in the UI, but it would be nice to have something similar in the API so that we could simulate and test things before we deploy them.

And while it's not exactly a problem, a nice-to-have would be a faster API. If we have to make a change to many things, it would be nice if there were a bulk change operation. For example, if we want to change TTL, we would just issue one bulk operation. We can make the calls simultaneously, but there are limits, even if you do things in parallel. 

I have been using NS1 Managed DNS in this company for about five years.

The stability has been very good. We haven't really had major problems. Especially, since we have the Dedicated DNS as well, our setup of NS1, as a whole, the Managed and the Dedicated, is very stable.

We have confidence in NS1 that they will take care of our scaling needs. It's a hosted solution so we just send our traffic to them and, so far, there haven't been any issues.

The solution has helped us to meet SLAs and customers’ demands, without adding complexity. The scalability, when it comes to traffic, is very important because our traffic pattern changes. It's not a straight line on the graph. Scalability is a key feature for us.

When we got started with Dedicated DNS, the technical support worked with us and they were really good and helpful.

The initial was very simple and straightforward. Initially, sending the users to one of the data centers regions was the most complex part, but we had good help from support to understand Filter Chains and to set things up correctly. The process didn't take too long.

We didn't have any downtime when migrating to NS1 because we had external DNS as well.

Our experience with the NS1 customer success team has been good. We have worked closely with them on many occasions. Some of the problems were even new to them, because we had unique features. They were happy to engage and bring in people from their core engineering teams to help. It has been really nice working with NS1's customer success teams. That's one of the biggest advantages of NS1.

I believe we have seen ROI, and that's why we keep going back to them. We've been using them for five years and that is a long time. It's useful for us and it delivers.

We recently evaluated another solution, but the complexity involved with it was slightly high. With NS1, our Filter Chain is cleaner. Also, scaling would add a complexity factor with the other solution.

If someone says they can use a basic DNS, one issue is that it only works to a certain scale. After a certain limit you will have to pay exponentially more. You need to be aware of up to what scale a solution will work for you. Another issue to consider is the flexibility. An enterprise solution has features, such as the Filter Chain, to do complex things, and they might not be available in the free solutions. A third factor is support. That is one of the key features in evaluating these solutions, especially if you're building a product that is critical for a customer. I'm not sure that the free solutions provide that level of support. All of these factors are very good with NS1.

Engage as much as you can with their customer success team. Explain your use cases very well and they will suggest good solutions that are the perfect fit. Keep in touch with their team. NS1 is an evolving product. The more you stay in touch with the customer success and technical support teams, the more likely it is you will be successful.

Also, focus on automation. NS1 is API-driven. The fact that we are really focused on and invested in automation tools has really helped us.

NS1 holds all of our domains.

When we started using it, we didn't use it with API automation. Today, we do everything with automation and run everything with our automation, so that any change we run, all the data is backed up with GIT. Changes are done with an API so that there is no manual work. It reduces errors significantly and allows us to quickly roll back all the activities on the platform. It works flawlessly for us. Deployments are very fast. There's absolutely no complaint there.

We manage our internet facing traffic with it.

We use it for traffic optimization. I have optimized the traffic using this feature by 20%.

DNS obviously plays a major role in DDoS attacks. It's something that is under attack, but it's also a major player in its ability to defend. NS1 has been doing an amazing job with that.

It has improved our DNS response times as well. 

We've been using Managed DNS for the past 10 years. We moved from a different vendor a few years ago. Generally speaking, I would say that Managed DNS reduces the overhead. 

NS1's automation has enabled us to assign tasks to other work because we have very little DNS right now because it's all managed. It frees up SRE time to deal with actual internal system and application management, instead of managing the infrastructure that can be managed by a third party.

It helped to improve our end-user experience because users get better service by accelerating the response time.

We have also seen benefits when it comes to speed, time, and cost.

The ability to manage traffic, what's called Smart Domains or Smart Record, enables us to provide our customers the relevant, closest data center by providing the correct IP address according to geography or other logic. The ability to see real-time performance is also very useful. 

Everything we download into our observability platform so that we can also track any changes in traffic behavior or things like that is also something that we use quite a lot. I'd say traffic management, the speed of updates, and observability are the top three things that we use.

Observability means monitoring the API, the ability to see the traffic at the different levels, the ability to connect the right record to the right place, and then see everything within the platform or within our observability platform. It is really useful. The automation and the fact that they provide the connectivity into Terraform, for example, is very useful because it allows for ease of integration. I don't have to write the right API integrations myself. We can actually use industry standards that are available out there.

There could maybe be additional ways to manage traffic. There are no major improvements we're looking for. It's a very complete solution. 

I have been using NS1 Managed DNS for over four years. 

The platform itself is stable and highly available. We had very few incidents and never full downtime.

We have not found any scalability issues. We are running a pretty large operation ourselves, of around 100,000 requests per second, and we have never had any scalability issues with the platform. It's always scaled to the size that we need.

It provides scalability to help meet SOA and customers' demands without adding complexity. DNS is a basic part of any solution. And once you have 100,000 requests coming in and you need to make sure that the connectivity is there, the response time is there, the error levels are as low as possible, and every request actually gets an answer. If a third party can do this and I can take care of my actual application and not think about the path into my application, that is very useful.

The only time we used support was when we migrated the additional features around security. They were highly professional and available. They are very good at what they do.

Post-deployment their support was very good. I would rate them a ten out of ten. They are very knowledgeable, not only about their product but about general DNS protocols, from performance to global interconnectivity. They were able to look at the whole picture and the small details within the picture as well.

We switched from Akamai. It was slower and had fewer features.

The initial setup was very straightforward. Using the migration itself was easy. The ongoing monitoring and change for the service, the support that we got from NS1, was all very clear. They are all very professional. There was no downtime. It's very, very straightforward. It took a few weeks. It was very short. 

We kept a backup of the old service up and running, and moved 50% of the traffic into the new DNS and then into the new managed service. Then once we saw everything was running smoothly, we deployed the rest.

We were working with NS1's customer success team during our deployment. I was satisfied with their support. 

We have seen better performance. It's very hard to measure if there is an ROI here, but we have absolutely seen better performance, and that is the important part for us.

We also looked at Neustar. NS1 solution has many more features and it works faster than any of the other solutions. It was also that the pricing was clearer and much easier to work with in terms of the tiers of the pricing. It was really the full package.

For those who have a free cloud provider or basic DNS, I would say that the road into the application and the road into your infrastructure is part of the actual solution that you provide. DNS is part of that pavement. That is the road that end-users reach your application. The higher quality you can have there, especially if it's at a reasonable price means that you will be able to better serve your customers. And that is an important part of IT. Eventually, we are here to serve the business and if we can serve them better then it has an impact.

Once you have it side-by-side to your existing solution and the stability, speed, reduced error level, the easy connectivity into other platforms, observability, and automation are all worth the investment in engineering time and cost.

I would rate NS1 Managed DNS a ten out of ten.