1 / 4

DNSSEC in Windows Server

DNSSEC in Windows Server. DNS Server changes. Provide DNSSEC support in the DNS server Changes should allow federal agencies to comply with SC-20 and SC-21 security controls proposed in NIST 800-53. DNS servers support signed DNS records and return the signatures in response to queries (SC-20)

richardbishop
Download Presentation

DNSSEC in Windows Server

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. DNSSEC in Windows Server

  2. DNS Server changes • Provide DNSSEC support in the DNS server • Changes should allow federal agencies to comply with SC-20 and SC-21 security controls proposed in NIST 800-53. • DNS servers support signed DNS records and return the signatures in response to queries (SC-20) • DNS servers support recursive resolvers that authenticate and check integrity of secure records (SC-21)

  3. DNS Server changes • Highlights • Implement core RFCs 4033, 4034, 4035 • Support for RRSIG, NSEC, DNSKEY, DS • Tool for signing DNS zone files. • Enable verification of chain of trust • Authentication and Integrity check of records • Enable support for trust anchors • Policy to return only secure records to clients. • Other policies under consideration.

  4. Our plans • Planning currently in progress • Beta: middle of 2007 • RTM: late 2007 or early 2008 • General availability by first service pack of Longhorn Server.

More Related