t cht lk of an attack , an organisation may experience downtime or loss of productivity as a result of systems being taken offline . This can lead to revenue loss , reputational damage , and regulatory fines . Long-term impacts include damage to brand reputation , loss of customers , and decreased market share .
t cht lk of an attack , an organisation may experience downtime or loss of productivity as a result of systems being taken offline . This can lead to revenue loss , reputational damage , and regulatory fines . Long-term impacts include damage to brand reputation , loss of customers , and decreased market share .
With the emergence of each new threat and the technology to counter it , organisations have traditionally responded by deploying a new security product to remediate the immediate threat at hand .
Slow performance
Some of the newer DNS technologies , such as DNS over HTTPS , DoH and DNS over TLS , DoT require TLS decryption , encryption processing , which is highly CPU-intensive . However , DNS servers were not originally designed for such processing , therefore adding DoH , DoT can lead to a severe slowdown in overall performance .
Unsuitable for hybrid cloud
Over time , this has led to the deployment of many security devices in the network , resulting in the following challenges :
Increased complexity
With many security devices in the network , the task of deploying , managing , and troubleshooting has become increasingly complex . Each device has its own separate management interface and configuration commands that require specialised knowledge to deploy and troubleshoot .
Increased cost
Upgrading DNS infrastructure to meet growing traffic needs requires upgrading most , if not all devices . This results in the need to buy multiple different products , resulting in high purchase and licensing costs .
All these problems are further compounded by the growing adoption of hybrid cloud . This is because many of the legacy security products that have been deployed in private data centres may either not be available or may not be optimally suited for such a deployment . This leads to adoption of cloud-specific offerings , adding to the complexity and cost of deployment .
DNS is also susceptible to a range of attacks and unfortunately no single security method can prevent all the different types of attacks . Therefore , an allencompassing approach is needed , including DNS load-balancing , DNSSEC , DoH , DoT , and DNS caching to ensure DNS infrastructure is constantly available and performing optimally .
Only with a comprehensive set of DNS security solutions can organisations secure and simplify their DNS infrastructure without compromising on performance or the user experience . p
Terry Young , Director of Service Provider Product Marketing , A10 Networks
www . intelligentcio . com INTELLIGENTCIO MIDDLE EAST 77