While organisations adapt to an increasingly cloud-first, hybrid environment with multiple applications spread across several cloud providers and data centres, it is important to remember that high performance, security, and resilience cannot be ensured without visibility across all applications.
By Ronan David, Chief Strategy Officer at EfficientIP
Today, access to an application starts with a DNS (Domain Name System) lookup. As the digital directory of domain names and their associated IP addresses, DNS is integral to the network and to every app and device connected to the Internet. It maps device names to IP addresses, essentially working as the Internet's phone directory. It is the backbone of business access to data and performance. Without DNS, the entire application world would simply fall apart: every time you wanted to get to something on the Internet, you would have to type in a series of numbers called an IP address.
Not all businesses know that DNS can be used as the first link in their digital transformation strategy. This means that DNS can be used to improve things like network security, application access control, application zoning, stopping malware from spreading laterally, and reducing the attack surface.
Bringing intelligence to the network edge
Every organisation depends on data, which is one of its most valuable strategic assets. Businesses can gain a competitive advantage by fully exploiting the potential of that data via DNS.
As part of their ongoing digital transformation strategies, organisations have either already implemented, or are in the process of adopting, SD-WAN. A software-defined approach to managing the wide area network, the purpose of SD-WAN is to find the best way for users to access an application quickly from any given location and connect it to the most advantageous network, data centre, or cloud location. However, while it enables speedy connections, it is unable to indicate whether the application works in the most optimal way for the user.
This is why, beyond its critical mission as a network directory, DNS, when combined with SD-WAN, can provide additional context. That context not only enables constant monitoring of user activity, such as access times and various levels of permission, but ultimately enhances the overall user experience and improves access control across the network.
For instance, DNS will be able to see that a user based in Paris is requesting an application and then intelligently assess whether the user will be able to access it faster from a data centre located in New York or one in Paris. It means the analytical intelligence of the DNS is located as close as possible to the user, so it can easily direct them to the best destination without having to go back to a distribution service.
Thus, DNS enables organisations to analyse performance from the users' point of view and make intelligent decisions regarding how to better direct users to the appropriate application, service, or website. Combined with SD-WAN, it is possible to direct the user to the best location in terms of faster and more secure access.
A more resilient infrastructure
In the same way, we can control application traffic at the DNS level: if a server is no longer available, the search for a new machine in another data centre can easily be done via DNS. This is where DNS GSLB comes in. DNS GSLB provides a simple and efficient way to load balance traffic from the network edge, taking into account geographical dispersion and the availability of resources. It means traffic can be immediately redirected to the server with the best possible performance.
DNS has an essential role in delivering secure and resilient infrastructure. Because of its crucial role in coordinating all Internet and application traffic, DNS is frequently the focus of threats to IT infrastructure management and application delivery. By restricting access to a domain or manipulating DNS to re-route traffic to malicious sites, attackers can cause damage to the organisation.
DNS is also instrumental in preventing threats at the application layer and foreseeing a recovery plan that has better control and is easier to implement, considering all the possible risks. Such a plan can be tested on a restricted perimeter, such as a specific site or application.
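The GSLB decision described above can be sketched as follows. This is an added example, not EfficientIP's implementation: the `Site` fields, the load threshold, the 30-second TTL and the documentation-range IP addresses are all assumptions made for illustration.

```python
import math
from dataclasses import dataclass

@dataclass
class Site:
    name: str
    ip: str        # documentation-range address, constructed for this example
    lat: float
    lon: float
    healthy: bool  # result of the most recent health check
    load: float    # fraction of capacity in use, 0.0 to 1.0

def distance_km(lat1, lon1, lat2, lon2):
    """Great-circle (haversine) distance between two coordinates."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dlat, dlon = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dlat / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlon / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(a))

def gslb_answer(client_lat, client_lon, sites, max_load=0.9, ttl=30):
    """Return (ip, ttl) for the nearest site that is healthy and has headroom."""
    candidates = [s for s in sites if s.healthy and s.load < max_load]
    if not candidates:
        # Every healthy site is saturated: a slow answer beats no answer.
        candidates = [s for s in sites if s.healthy]
    if not candidates:
        # Never hand out the address of a site known to be down.
        raise LookupError("no healthy site available")
    best = min(candidates,
               key=lambda s: distance_km(client_lat, client_lon, s.lat, s.lon))
    # A short TTL (assumed value) lets clients pick up a failover quickly.
    return best.ip, ttl

PARIS_CLIENT = (48.8566, 2.3522)  # the Paris user from the article

def pool(paris_healthy=True, paris_load=0.4):
    """Constructed two-site pool: one data centre in Paris, one in New York."""
    return [
        Site("paris-dc", "192.0.2.10", 48.8566, 2.3522, paris_healthy, paris_load),
        Site("newyork-dc", "198.51.100.10", 40.7128, -74.0060, True, 0.5),
    ]
```

With the Paris site healthy the Paris user is answered with `192.0.2.10`; once its health check fails or its load passes the threshold, the same query is answered with the New York address.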
DNS as the first link in the security chain
Organisations often overlook that DNS could be a perfect tool for monitoring unusual behaviour to prevent attacks, even though this is a crucial topic given the rise in cyberattacks directed at them. The DNS layer provides a lot of knowledge for recognising and preventing cyberattacks. By integrating DNS with monitoring and reporting systems, companies gain visibility into application and network traffic and can more easily observe DNS configuration changes and shifting traffic patterns, which will reveal key indicators of compromise. DNS may also provide a fence to shield websites from traffic coming from untrustworthy sites or domains.
It is also possible at the DNS level to control the organisation from within by monitoring the resources a user or machine may access, to prevent a threat in a timely manner. By letting the DNS server see what each corporate device is used for, it can spot any strange behaviour from corporate devices that could be a sign of malware or other cyber threats.
At the security level, hackers have understood the pivotal role of DNS and use it to develop their attacks. DNS and other security technologies and policies therefore need to be adapted and upgraded to give a better view of traffic, detect threats through behavioural analysis, and prevent attacks.
By bringing together and utilising the intelligence provided by the DNS and the edge network, companies can improve security, performance, and resilience. DNS should no longer be considered only in its simple role as a network directory, especially since it is the first point of access to all applications and can analyse data anywhere it is generated. DNS is a pivotal and foundational point of the entire digital transformation strategy.
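The per-device behavioural monitoring described above can be illustrated with a small detector run over DNS query logs. This is an added example, not code from the article or from any product: the log format, the per-device baseline, the thresholds and every address and domain in the sample are constructed assumptions.

```python
import math
from collections import Counter, defaultdict

# Constructed sample log, "<client_ip> <qname> <rcode>" (not real traffic).
SAMPLE_LOG = """\
10.0.0.5 intranet.corp.example NOERROR
10.0.0.5 mail.corp.example NOERROR
10.0.0.5 www.example.org NOERROR
10.0.0.9 updates.printer-vendor.example NOERROR
10.0.0.9 kq3vz81xw.example.net NXDOMAIN
10.0.0.9 p0ar7tmzc.example.net NXDOMAIN
10.0.0.9 zz4h1bqke.example.net NXDOMAIN
10.0.0.7 intranet.corp.example NOERROR
10.0.0.7 mzxw6ytboi2gk3tfpfzxi4tjnzsxg5dfon2gk3q.t.example.com NOERROR
"""

# Assumed baseline: domains a device is expected to resolve (here, a printer).
BASELINE = {"10.0.0.9": {"printer-vendor.example"}}

def entropy(label):
    """Shannon entropy of a DNS label, in bits per character."""
    counts = Counter(label)
    return -sum(c / len(label) * math.log2(c / len(label)) for c in counts.values())

def base_domain(qname):
    # Simplification: last two labels; production code needs the Public Suffix List.
    return ".".join(qname.rstrip(".").split(".")[-2:])

def analyse(log, baseline, nx_ratio=0.5, min_queries=3, max_label=30, min_entropy=3.5):
    """Return {client_ip: [finding, ...]} for clients whose DNS use looks unusual."""
    per_client = defaultdict(list)
    for line in log.splitlines():
        if not line.strip():
            continue
        client, qname, rcode = line.split()
        per_client[client].append((qname.lower(), rcode))
    findings = defaultdict(set)
    for client, queries in per_client.items():
        nx = sum(1 for _, rcode in queries if rcode == "NXDOMAIN")
        if len(queries) >= min_queries and nx / len(queries) >= nx_ratio:
            findings[client].add("high-nxdomain-ratio")      # many failed lookups
        for qname, _ in queries:
            if client in baseline and base_domain(qname) not in baseline[client]:
                findings[client].add("off-baseline-domain")  # unexpected destination
            label = max(qname.split("."), key=len)
            if len(label) > max_label and entropy(label) >= min_entropy:
                findings[client].add("long-high-entropy-label")  # encoded-looking name
    return {c: sorted(f) for c, f in findings.items()}
```

On the sample, the printer at `10.0.0.9` is flagged for leaving its baseline and for a high share of failed lookups, `10.0.0.7` for a long encoded-looking label, and the workstation at `10.0.0.5` produces no finding.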