Learn about Zero Trust Architecture
Impenetrable cybersecurity without sacrificing usability
Gain detailed visibility into all your endpoints activities
Harden applications and hardware environments
Immediate and continuous response to incidents
Close the window of time your data could be exposed
Get your Comodo solutions setup, deployed or optimized
Control access to malicious websites
Defend from any internet based threats
Stop email threats before it enters your inbox
Preserve and protect your sensitive data
Keep your website running fast and malware free
Add encryption to your websites
Automated certificate mgmt. platform
Secure private intranet environments
Digital signature solutions for cloud apps
Encrypt emails for senders and recipients
Stay compliant with PCI DSS
Trusted authentication for IoT devices
Francisco Partners a leading technology-focused private equity fund, has acquired a majority stake in Comodo’s certificate authority business. Newly renamed from Comodo CA Limited to Sectigo Limited. Privacy Policies, Trademarks, Patents and Terms & Conditions are available on Sectigo Limited’s web site.
Meet the people behind the direction for Comodo
Get the latest news about Comodo
People are the key to achievement and prosperity
Stay up to date with our on-demand webinars
Worldwide: Sales, Support and General Inquiries
Schedule a live demonstration of our solutions
Need immediate help? Call 1-888-551-1531
Instantly removes viruses to keep your PC virus free
Experience true mobile security on your mobile apple devices
Secure Internet Browser based on Chrome
Chrome browser internet security extension
Submit a ticket to our support team
Share any product bugs or security flaws
Collaborate with research experts on data sets
Valkyrie Threat Intelligence Plugins
Valkyrie Threat Intelligence APIs
The Domain Name System is fundamental to the functioning of the internet and works so well that we rarely consider how it works. Most people do not even realize that we have options to choose from that can improve our internet performance and enhance our security.
Before I get to the choices, let’s review DNS.
What is the Domain Name System (DNS)
I’ll start with what you probably already know. The Domain Name System (DNS) is often compared to phone book. If I want to call someone I use their name to lookup their number.
To communicate with another computer on the internet your computer needs a numeric IP address, analogous to the phone number. However, when using email and the web your computer uses a registered domain name and the Domain Name System to lookup an associated IP address. For example, the domain name example.com is associated with the IP address 188.8.131.52.
How Does DNS Work?
DNS consists of a network with different types of servers that are organized in a hierarchy.
Root Server: A single server node that can provide the location of the 13 Domain Servers.
Root Name Servers: 13 server nodes that can provide the location of the Name Servers for specific domains (.com, .edu, .uk, etc). There are actually many more than 13 physical servers per node.
Authoritative Name Servers: These are servers where domain name/IP address association data have been obtained from an original source. The next step after registering a domain name is to provide the name to your web and/or email host to add the name to an Authoritative Name Server.
Other Name Servers: These are name servers that obtain their data by querying other name servers and storing the data in cache.
This is all important to understand because to use domain names your computer or network must be configured to connect to a specific name server to “resolve” a name to an IP address.
Choosing your own DNS Server
When you connect to the internet, most of the time you are setup with a name server provided by your Internet Server Provider. This is almost certainly an “Other Name Server” mentioned above. However, you actually use any name server that you have access to. This means you have choices.
Setup your own DNS? Maybe, maybe not
The first choice is to setup your own DNS server. It’s actually not very hard and the software is available for free. However, note the following:
o You cannot setup your own DNS for a web site on a shared server.
o It will only be as secure as your own network.
o To be available 24/7 your server has to be running 24/7.
It can be a fun and somewhat geeky thing to do to setup your own DNS server. However, it’s something to leave to large corporations with their own IT staffs. Even so, the company is assuming the risk of downtime. For most people, especially small and medium size e-commerce business it is way to risk. If your DNS is down, your site is down. Your business is down.
Managed DNS? A better idea!
A much better idea is to sign up with a managed DNS service to host your DNS. These are companies that have established their own network of DNS servers and add features to improve performance, security and protections. DNS performance can be very important in how fast a web page loads.
Using advanced routing technologies such IP Anycast and GeoDNS, they can improve resolution times by as much as .5 seconds. If a page has 3rd party content such as advertising, there could be multiple DNS resolution lookups to display the page. If 5 resolutions are needed you might save 2.5 seconds, an eternity when waiting for a page to display.
Managed DNS providers offer additional features that you do not get from your ISP:
o Security: Protection against malware, Denial of Service Attacks (DOS), phish blocking, blacklist prevention, etc
o Content filtering
o 100% uptime SLAs
0 Web interfaces for managing DNS and DNS records
Managed DNS providers, such as Comodo, charge a monthly fee for the services. Depending on the number of domains covered and the amount of network traffic it could be between $25 and $100 per month.
IT System Management
Tags: DNS,Domain Name System
Reading Time: 3 minutes The web is the #1 vector for a wide variety of threats—from garden variety malware, to phishing attacks, ransomware, and beyond. Your users may receive an email that appears to be from a company that they actually do business with, asking them to reset their password. The email may actually be from a cyber attacker…
Sign up to our cyber security newsletter
Comodo Cybersecurity would like to keep in touch with you about cybersecurity issues, as well as products and services available. Please sign up to receive occasional communications. As a cybersecurity company, we take your privacy and security very seriously and have strong safeguards in place to protect your information.
See how your organization scores against cybersecurity threats