CloudFlare Launches Virtual DNS For DDoS Protection

Leading web security company CloudFlare has launched another way to make DNS more secure: Virtual DNS, an authoritative DNS proxy service. With Virtual DNS, a host can get the benefits of a global, modern DNS infrastructure without having to contact every customer and get them to update their name servers.

With Virtual DNS, DNS queries for the provider's records are responded to by the nearest CloudFlare edge location. If the proper DNS response is available in CloudFlare's cache, CloudFlare will return the response to the visitor, saving bandwidth at the origin nameserver.

If the DNS response is not available in cache, CloudFlare will query one of the provider's nameservers in the background to fetch the DNS response and send it back to the visitor. Simultaneously, that response will be temporarily cached on CloudFlare to be automatically returned when the next query for that record comes along.

That way, malicious requests to the nameservers are identified and blocked at CloudFlare's edge before they ever reach the provider's DNS infrastructure.


CloudFlare's Virtual DNS also provides two additional layers of security. If the origin nameserver is offline and the DNS records are cached on CloudFlare, CloudFlare will keep the records in the cache and will continue to answer for them.

Virtual DNS also masks the true origin IP addresses of the provider's nameservers behind CloudFlare’s IP addresses.
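The cache-hit, cache-miss and origin-offline behaviour described above can be modelled in Python as follows. This is an added example, not CloudFlare's code; the class name, the TTL handling, the status labels and the origin callables are assumptions made for illustration.

```python
import time

class OriginDown(Exception):
    """Raised by an origin callable that cannot answer (hypothetical)."""

class EdgeDNSCache:
    """Model of one edge location in front of a provider's nameservers."""

    def __init__(self, origins, clock=time.monotonic):
        self.origins = origins      # callables: (name, rtype) -> (answer, ttl)
        self.clock = clock
        self.cache = {}             # (name, rtype) -> (answer, expires_at)
        self.origin_attempts = 0    # queries sent toward the origin

    def _fetch(self, key):
        for origin in self.origins:  # try each nameserver; fail if all are down
            self.origin_attempts += 1
            try:
                return origin(*key)
            except OriginDown:
                continue
        raise OriginDown(key)

    def resolve(self, name, rtype="A"):
        key = (name.lower().rstrip("."), rtype)
        now = self.clock()
        hit = self.cache.get(key)
        if hit and now < hit[1]:
            return hit[0], "HIT"            # answered at the edge, origin untouched
        try:
            answer, ttl = self._fetch(key)
        except OriginDown:
            if hit:
                return hit[0], "STALE"      # origin offline: keep answering from cache
            return None, "SERVFAIL"         # nothing cached to fall back on
        self.cache[key] = (answer, now + ttl)
        return answer, "MISS"

def demo():
    # Constructed origin: one record with a 60 s TTL, then the server goes offline.
    now, up = [0.0], [True]
    def origin(name, rtype):
        if not up[0]:
            raise OriginDown(name)
        return "203.0.113.10", 60
    edge = EdgeDNSCache([origin], clock=lambda: now[0])
    out = [edge.resolve("example.test")[1], edge.resolve("example.test")[1]]
    now[0], up[0] = 61.0, False             # TTL expired and origin offline
    return out + [edge.resolve("example.test")[1]]
```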

CloudFlare Engineer Dani Grant said, "Over the past year, we've been testing the product with hosting providers, registrars and some enterprises with very positive results."

"Maintaining custom DNS infrastructure is hard and expensive, and Virtual DNS makes it more accessible. Any enterprise can use CloudFlare Virtual DNS to deliver answers to the edge, with high performance anywhere in the world, saving bandwidth costs by caching answers, and stopping malicious traffic," he added.

