IBM NS1 Connect Reviews

We use Managed DNS to steer traffic for our API. It handles customer-facing records and the upstream selection logic. 

Managed DNS enabled us to build what we have built. No other DNS solution could do what NS1 is doing as efficiently and developer-friendly as needed. When we chose NS1 in 2014, we were selecting from a bunch of other vendors and potential solutions. We were about ready to give up and develop a homegrown DNS solution because we were not happy with everything that existed. By that, I mean every possible DNS provider around the world. No other solution could handle our load, so we were thinking about building our own when we were introduced to NS1. 

Our use case is customized. They developed custom features for us like Managed DNS features filter-chain technology. NS1 has a logic that isn't possible to express with other filter chains. They created a filter that merges using custom logic. It improved our DNS response times in general. We migrated from Route 53 to NS1, and the response time works pretty well for us.

We leverage two things from Managed DNS that we couldn't do with any other solution. One is their filter chain technology, which allows us to shift some of the intelligence we need for the traffic steering to the DNS. The second one is data sources, which enables us to manipulate multiple records simultaneously using NS1's internal message DOS. In our case, we are trying to direct the traffic in over 150,000 different NS1 records to an arbitrary set of repeating responses. 

If we have about 1,000 endpoints, that translates to around 150,000 records. Assuming there's an even distribution, so every time a server fails or an endpoint goes on a level, we would have 150 updates. With NS1, we have one, so this had an even more significant effect. There are situations where we have thousands of specific records sharing the same responses. In that case, there is one update instead of thousands and thousands.

When we chose Managed DNS in 2014, it was the only solution that could do what we wanted, but I'm not sure about the current state of the market. The NS1 API is an API on top of a managed DNS. It's not an afterthought. It's not like the solution existed. 

Someone was sending updates by email. Then a product manager came along and said, "Hey, there is this cool thing. It's called an API. Maybe we should do it?" And they are like, "Okay. Let's do it."  In the case of NS1, they thought about how to use an API to manipulate and retrieve the stuff. It's supposed to be API-driven. Also, NS1 doesn't have hidden features that would not be available over the API. Even their dashboard is built on top of the API. You can leverage all the functionality programmatically. That's what we do.

We don't use their native integrations because we have been customers before these integrations and real-time telemetry existed. Our solution isn't leveraging either of those. Instead, we leveraged their API integration, which was the first thing that existed. Indeed, the API is at the core of how we use Managed DNS. No one goes to the dashboard or manually clicks anything. Everything goes via the API, and we perform hundreds of changes every minute. The API automatically drives everything, so that's the integration we leverage.

We don't use the Pulsar Active Steering feature because we don't have a website. Our solution is being used as an API for other solutions. You can put the Pulsar agent on the website and feed NS1 the information. In our case, we are integrating into third-party sites. We cannot put our JavaScript on their websites for NS1 to provide the data, so we don't.

We've been using NS1 Managed DNS since late 2014, so it's been more than seven years.

NS1 has built advanced solutions for how to stay up during DDoS attacks. I can't recall a situation where NS1 has been unavailable in the last 24 months, and we have very precise monitoring of NS1 availability. Any downtime that might occur would be highly localized and quickly mitigated.

We launched on Thanksgiving and didn't realize it because we were all sitting in Europe. We had to wake up the founders of NS1 with an issue on Thanksgiving Day. They remember it to this day, and every single time it comes up, they always mention that I'm the one who woke them up on Thanksgiving. It was terrible, so I would say you need to plan deployment and keep the NS1 team in the loop because they can help. Their support is excellent. They can help you roll it out. Just don't go crazy and work with them.

NS1 had only four to six people in their company at the time. Today we have 650 employees, but at the time, we had only eight, so NS1 was roughly the same size as us, and we were willing to pay them a lot of money. 

When we first deployed, we flipped the switch, and it didn't work as well as we expected. It wasn't a complete outage, but we had issues in some places with some customers. The NS1 team went out of their way to resolve it on Thanksgiving. We have a post about it on our blog. We called it "Black Thursday."

If you go on our blog and search for "Black Thursday," you can find a post from November 28th, 2014, describing in detail how we shot ourselves in the foot during the transition and how we managed everything. We didn't mention NS1 a lot in the process because we didn't want to. It was completely our fault. 

We migrated, and it was terrible, but they went above and beyond. They even called operators worldwide to tell them to flush their DNS caches because we messed up. It was a great experience but also a massive incident for us. NS1 assigned us a customer success manager and an account manager, and I'm part of the customer advisory board because we are long-term customers. 

Positive

NS1 was the first solution that could express the logic we needed to be hidden behind the records, and we couldn't adapt any other solution to our needs. We tried Dyn and other solutions. Our main requirement was geo-steering, and we wanted to cover every record. We tried to assign the location of that endpoint. Depending on the location of the end-user, we wanted the end-user to be steered to the closest available endpoint. Currently, availability is precisely the issue with the data sources. You have to replicate it repeatedly thousands of times. NS1 simplifies the process.

The other reason we went with NS1 was the sheer expression power of the geo-steering. We struggled with Dyn for weeks, trying to configure their global geolocator to do what we needed. The precision was limited to the continent and a country, but we needed more. NS1 let us geo-coordinate, and NS1 was like, "Okay. We're going to steer it the same." 

The expression capabilities of NS1 and the possibilities of the filter chain were the decisive factors. That's what we wanted to build and what we needed from a DNS. NS1 had it built-in. 

We also previously used Route 53 from AWS. I'm not sure if it improved response times because you can't do much about that. NS1 or AWS manages it, so there is only so much you can complain about availability. It also depends on the level of telemetry that you have. Overall, I would say we saved money by migrating because we could not do what we wanted to do on AWS. On Route 53, we were unable to do it efficiently. We switched to NS1, and they probably saved us between $10 million and $50 million that we would have had to spend building it ourselves.

Setting up Managed DNS was straightforward. When we were migrating, we dumped everything from Route 53 and wrote a small script to import everything into NS1. Then we flipped the main DNS server records. That was our implementation strategy. 

The only preparation needed was to create a bunch of testing records, and we tested it from probes around the world to see how it behaves and performs. Once NS1 was chosen as our go-to solution, it was as simple as that. We eventually exported and pulled the API off Route 53 then pushed it directly to NS1.

Overall, the migration was seamless, but we had an incident in 2014 that we caused ourselves when migrating to NS1. It was our fault, and no one saw it coming. We kind of forget that IPv6 exists, so we created the problem ourselves.

We don't have DNS maintenance work. That's a term that no one in the organization knows, no one understands. If you asked someone in our company, "How much time do you spend on DNS maintenance?" People would say, "What are you talking about? What do you mean by DNS maintenance?" None of my engineers would be able to wrap their heads around it. We don't maintain anything in NS1 aside from the mess we cause with our records and our automation. Otherwise, we don't spend any time maintaining the platform.

If NS1 didn't provide this solution, we would've had to make our own. Once we discovered Managed DNS, we decided there was no way we were building it ourselves. It is now a core service for our product. Without them, I probably would have a massive team today and sink tens of millions of dollars into our custom DNS infrastructure. What's more, we wouldn't be able to do probably 10 percent of what they're doing.

It's fully automated, so it has cut down on manual processes associated with managing DNS by 100 percent. We don't have any manual processes, but otherwise, we would need staff to do something. All the manual processes are eliminated.

I rate NS1 Managed DNS 10 out of 10. If you're thinking about implementing the solution, my advice is to test this stuff and work actively with the NS1 team on the migration. 

My advice would be to talk to NS1, keep them in the loop, and plan it together. Don't try to do it all yourself. 

We use Managed DNS, and we also partially use functionality from some of their other products such as Pulsar. We generate a DNS map and upload it to NS1 using their API to propagate to their service. Then, we use Managed DNS to find the optimal route for our users to connect to the closest point of presence for them.

We use NS1 as software as a service. We are not having anything on-prem. It is a public cloud from our point of view. We are just using their cloud solution or their service. We are not installing it in our data center. They provide us with an API for us to talk to their cloud implementation.

Telemetry is something that we really care about. We care about the reliability of our edge network, and telemetry services are something we highly utilize. We use it through the NS1 API to make sure we have our dashboards and alerts configured correctly to have visibility in real-time over what's happening with our edge network. This way, we can easily and quickly react if needed or in some cases, act in advance to re-steer and re-adjust our traffic.

We're using Managed DNS with other functionality from NS1, so it improves the latency for our end users. So, we can steer traffic to better locations for users. It is not just based on geographical location closeness. It is based on real user metrics for these users. We also need fewer tools for DNS iterations in DNS management. So, we can have it fully automated by using our code and automation tools that we can build on top of NS1 API.

We actively use its Pulsar Active Traffic Steering feature. We cared the most about performance and latency for our users, and we have been getting significant improvements, especially for some of the corner cases at some of the unusual geographic locations where our users are. We have better performance with good efficiency. It did not reduce our costs, but our users have a better experience. It has resulted in better work.

In case of incidents or events for our points of presence, we are able to steer our users to a better location with RUM DNS, which is a part of the Pulsar product. So, we can provide better latency for them in comparison to simple anycast or geolocation traffic.

We use several DNS maps for the traffic distribution between our points of presence in the edge network. For some of these cases, to decrease the load on our network in a location where we may have limited network capacity, we can actually distill some portion of traffic, but it is less important for us. In such a case, we can avoid potential reliability incidents and bring availability, which eventually can improve our uptime.

Pulsar has saved money on CDN optimization. For some of our use cases, we need to distribute a significant amount of content between our users. So, we can use this functionality by having several route maps to route this content to better locations.

It has absolutely improved our DNS response times. We have seen significant improvements for some corner cases with geolocations that have unusual network connections to magistral lines. For some of the use cases, we have seen more than 10% improvement in our latency after we started using the RUM DNS functionality of Pulsar. We have latency improvements of more than 10% in selected regions.

It has reduced the DNS maintenance work in our organization. We have fully automated tools around NS1 API. So, to do any maintenance, by using the NS1 product, we can easily drain traffic in our point of presence to quickly re-steer our users to other locations. It is fully automated on our site so that we do not spend a lot of engineering time preparing our edge network for maintenance. This preparation time counts towards maintenance time, so we can save a lot of time on this.

We automated the entire workflow on our site. Its automation has absolutely enabled us to assign staff to other work. Automation is always good, and we can reinvest the time of our engineers.

Managed DNS helped improve our end-user experience. It reduced our latency dramatically, and our users' experience is much better now. Latency is not the only metric that it has impacted. It has also impacted reliability. We didn't have any major incidents while using NS1 all this time. Our company's SLA is 99.99%, and we can easily maintain it with NS1.

The Pulsar functionality, map uploading, and real user maps around DNS are some of the valuable things for us.

Another valuable feature is how easily we can interact with their API. We run our infrastructure as a code, so it is really easy for us to describe the whole configuration of the NS1 service by using our service configuration and interact with their API. We like this functionality a lot.

Monitoring is really important for us. We really care about reliability, and we want to make sure that we can remove some points of presence in our sector and in our edge network really fast when we experience any problems. So, monitoring that NS1 provides for DNS is really important for us.

We care about monitoring and telemetry work, and NS1 provides a pretty good system for monitoring. We can monitor our endpoints and points of presence around the world. If there are any issues, we can easily remove them from our network, but this area needs some improvement because it is not always reliable in NS1. In the past, we had a number of false-positive cases when the monitoring system told us about some problems in our infrastructure that were not true. NS1 is improving the system, and we are constantly talking about this with them. I know that they are releasing a new version of their monitoring system, which is really important for us, but this is a different area where we would expect them to improve.

I joined the company two years ago, so this is when I started working with the product, but in our company, we have been using it for a longer period of time. We started using it several years ago. 

Managed DNS is very stable for us. In our company, our uptime SLA is 99.99%, and DNS is crucial here. If the DNS system is down, then there will be a significant availability hit for the whole organization. We have been using NS1 for a long period of time, and we have not had any major outages on the NS1 side that lead to any outage on our side.

We don't have any problems with scalability. Our edge network is growing. So, every year, we add more and more points of presence to our edge network. It means that we need to add more zones for us. So far, we didn't experience any problems with this. It is easy to scale the solution.

We never had any complexity with meeting SLAs and customer demands. We heavily utilize NS1 API, and we have automation on our site around this API. It has worked well so far, and there are no problems with it. Its non-complexity is super important because we want to have everything as smooth as possible and as automated as possible. It helps us to actually achieve these goals.

We have a whole traffic team in our organization that has seven people at the moment. So, we use NS1 within one single team in our company.

It is being used across our whole infrastructure. This is our main DNS provider, and an increase in usage would align with the organic growth of our user base. We don't have plans for any additional increase at this time.

We work with their customer success team. We have a dedicated person from their side with whom we can talk about our problems, our issues, or any proposals we might have. This is a really fruitful collaboration.

We are happy with the NS1 support. They are responsive and professional. They reply to all of our requests. They provide good updates about progress or status on their side, and we can even discuss the next steps. If there are some things that need to be improved, they always propose a good plan for improvement. I'm completely satisfied with their customer service team. I would rate them a 10 out of 10.

It was set up before I joined this organization. Its maintenance is done on their side. Because it is a software as a service, all upgrades and maintenance for NS1 services are done by NS1.

We have definitely got a return on investment because this is the core functionality for our company to operate our business, but I don't have any numbers.

To someone who says that they don't spend money on a solution like this because they have a free cloud provider or a basic DNS, I would say that they need to think about reliability and, of course, performance. Those are two main things on the users' side. On the company side or the engineering side, with NS1, it is really easy to have automation in place for management and monitoring.

My only advice is to keep it automated. It is easy to do. NS1 provides the whole platform to run their solution from your infrastructure as a code by using API. You can also use tools like Terraform or any other automated management system. 

I would rate Managed DNS a 10 out of 10. We don't have a lot of issues. Of course, it is a growing product, and there are some areas of improvement for NS1, but just based on our interactions with them and how this product works for our infrastructure, we are completely satisfied. 

NS1 holds all of our domains.

When we started using it, we didn't use it with API automation. Today, we do everything with automation and run everything with our automation, so that any change we run, all the data is backed up with GIT. Changes are done with an API so that there is no manual work. It reduces errors significantly and allows us to quickly roll back all the activities on the platform. It works flawlessly for us. Deployments are very fast. There's absolutely no complaint there.

We manage our internet facing traffic with it.

We use it for traffic optimization. I have optimized the traffic using this feature by 20%.

DNS obviously plays a major role in DDoS attacks. It's something that is under attack, but it's also a major player in its ability to defend. NS1 has been doing an amazing job with that.

It has improved our DNS response times as well. 

We've been using Managed DNS for the past 10 years. We moved from a different vendor a few years ago. Generally speaking, I would say that Managed DNS reduces the overhead. 

NS1's automation has enabled us to assign tasks to other work because we have very little DNS right now because it's all managed. It frees up SRE time to deal with actual internal system and application management, instead of managing the infrastructure that can be managed by a third party.

It helped to improve our end-user experience because users get better service by accelerating the response time.

We have also seen benefits when it comes to speed, time, and cost.

The ability to manage traffic, what's called Smart Domains or Smart Record, enables us to provide our customers the relevant, closest data center by providing the correct IP address according to geography or other logic. The ability to see real-time performance is also very useful. 

Everything we download into our observability platform so that we can also track any changes in traffic behavior or things like that is also something that we use quite a lot. I'd say traffic management, the speed of updates, and observability are the top three things that we use.

Observability means monitoring the API, the ability to see the traffic at the different levels, the ability to connect the right record to the right place, and then see everything within the platform or within our observability platform. It is really useful. The automation and the fact that they provide the connectivity into Terraform, for example, is very useful because it allows for ease of integration. I don't have to write the right API integrations myself. We can actually use industry standards that are available out there.

There could maybe be additional ways to manage traffic. There are no major improvements we're looking for. It's a very complete solution. 

I have been using NS1 Managed DNS for over four years. 

The platform itself is stable and highly available. We had very few incidents and never full downtime.

We have not found any scalability issues. We are running a pretty large operation ourselves, of around 100,000 requests per second, and we have never had any scalability issues with the platform. It's always scaled to the size that we need.

It provides scalability to help meet SOA and customers' demands without adding complexity. DNS is a basic part of any solution. And once you have 100,000 requests coming in and you need to make sure that the connectivity is there, the response time is there, the error levels are as low as possible, and every request actually gets an answer. If a third party can do this and I can take care of my actual application and not think about the path into my application, that is very useful.

The only time we used support was when we migrated the additional features around security. They were highly professional and available. They are very good at what they do.

Post-deployment their support was very good. I would rate them a ten out of ten. They are very knowledgeable, not only about their product but about general DNS protocols, from performance to global interconnectivity. They were able to look at the whole picture and the small details within the picture as well.

We switched from Akamai. It was slower and had fewer features.

The initial setup was very straightforward. Using the migration itself was easy. The ongoing monitoring and change for the service, the support that we got from NS1, was all very clear. They are all very professional. There was no downtime. It's very, very straightforward. It took a few weeks. It was very short. 

We kept a backup of the old service up and running, and moved 50% of the traffic into the new DNS and then into the new managed service. Then once we saw everything was running smoothly, we deployed the rest.

We were working with NS1's customer success team during our deployment. I was satisfied with their support. 

We have seen better performance. It's very hard to measure if there is an ROI here, but we have absolutely seen better performance, and that is the important part for us.

We also looked at Neustar. NS1 solution has many more features and it works faster than any of the other solutions. It was also that the pricing was clearer and much easier to work with in terms of the tiers of the pricing. It was really the full package.

For those who have a free cloud provider or basic DNS, I would say that the road into the application and the road into your infrastructure is part of the actual solution that you provide. DNS is part of that pavement. That is the road that end-users reach your application. The higher quality you can have there, especially if it's at a reasonable price means that you will be able to better serve your customers. And that is an important part of IT. Eventually, we are here to serve the business and if we can serve them better then it has an impact.

Once you have it side-by-side to your existing solution and the stability, speed, reduced error level, the easy connectivity into other platforms, observability, and automation are all worth the investment in engineering time and cost.

I would rate NS1 Managed DNS a ten out of ten.