1 / 7

Go Daddy ® DNSSEC Support

Go Daddy ® DNSSEC Support. PRESENTED BY: Wayne Thayer, Go Daddy CTO. TUESDAY, APRIL 3, 2012. About Go Daddy. 52 million Domain Names. 10 billion N ame Server Requests Daily. 2.7 million MySQL Databases. 1 billion W eb Server R esponses D aily. 12

martha
Download Presentation

Go Daddy ® DNSSEC Support

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Go Daddy® DNSSEC Support PRESENTED BY: Wayne Thayer, Go Daddy CTO TUESDAY, APRIL 3, 2012

  2. About Go Daddy 52 million Domain Names 10 billion Name Server Requests Daily 2.7 million MySQLDatabases 1 billion Web Server Responses Daily 12 Worldwide Data Centers(100,000 sq. ft, in use) 10 millionActive Customers(through January 2012) 1.1 million WebSite Tonight®Accounts 5 million Hosted Accounts

  3. Security Services • Go Daddy offers a full array of site protection tools, including SSL Certificates, Website Protection Site Scanner and Premium DNS. • SSL Certificates • #1 in net-new SSL Certificates (according to Netcraft®) • Fastest-growing SSL Certificate Authority • Over 600,000 active SSL Certificates • Go Daddy was closely tied to the development of Extended Validation Certificates • Website Protection Site Scanner • Identifies Malware and website security gaps • Offers recommended solutions • Helps prevent Google® “blacklisting” • Includes free expert support SOME OF THE WORLD’S BIGGEST COMPANIES TRUST OUR SSLs

  4. Security Services cont’d Domain Name System Security Extensions (DNSSEC) • Addresses identified security risks and helps prevent cache poisoning, pharming and man-in-the-middle attacks. • Go Daddy is 1 of only 3 registrars currently supporting DNSSEC for .com as reported by ICANN • Two types of DNSSEC implementation: manual and automated. • Manual signing - ~1000 active DNSSEC records • Gives user complete control over DNSSEC • Can self-host DNS • Offers custom key-rollover schedules • Challenge: Requires technical knowledge – user creates own keys and updates the DNS zones • Automated signing - ~3000 active DNSSEC records • We control the full spectrum, so user errors don’t enter into equation • Automated key rollovers with notification • Insulates end user from specification changes at the registries • Challenge: Must use prescribed nameservers • Manages DS records for the following domain name extensions: • .com • .net • .org • .co, .com.co, .net.co, and .nom.co • .me • .in – added last week • .us • .biz • .eu • .se • .co.uk, .me.uk, and .org.uk

  5. Premium DNS Premium DNS accounts offer a higher level of support and advanced features, adding power, flexibility, and control to DNS management – all hosted on Go Daddy’s world-class infrastructure. DNSSEC is easily enabled and disabled through a simple radio button in DNS Manager Web UI. Supports domains registered at Go Daddy and elsewhere. Zone Signing Keys (ZSK) - 1024-bit RSA with 60-day automated rollover. Key Signing Keys (KSK) - 2048-bit RSA with 365-day automated rollover. DNSSEC zones are automatically re-signed when changes are made to them, with no additional input from the user. PREMIUM DNS MAKES IT EASY TO MANAGE AND SECURE DNS TO IMPROVE PERFORMANCE, ACCESSIBILITY AND SECURITY BY PLACING DNS INFORMATIONON OUR PREMIUM GLOBAL NETWORK.

  6. DNS Infrastructure Through Go Daddy’s global Anycastnetwork, Premium DNS offers faster, more reliable and more secure DNS resolution. Traffic is balanced across multiple Go Daddy data centers throughout the United States, Europe and Asia, eliminating a single point of failure and routing DNS activities for maximized performance. • Homegrown system • Handles 10 billion requests per day • Globally distributed • Employs IP anycastto route traffic • High levels of resilience at all tiers • Multiple types and levels of DDoS • protection employed

More Related