Enabling DNSSEC in Securd

DNSSEC (Domain Name System Security Extensions) is a security protocol that provides authentication for DNS data. It is used to protect the internet's global Domain Name System (DNS) infrastructure from various types of attacks, such as spoofing and cache poisoning.

DNSSEC works by adding cryptographic signatures to DNS records, which allows users to verify the authenticity of DNS data received from a server. These signatures are created using public key cryptography, and are stored in special resource records in the DNS.

When a client sends a DNS query to a server, the server can use DNSSEC to provide a digital signature along with the DNS response. The client can then use the public key associated with the domain to verify the authenticity of the response. This ensures that the client is receiving genuine DNS data, and not fake data that has been injected by an attacker.

DNSSEC also includes mechanisms for detecting tampering with DNS data. If an attacker tries to alter a DNS record or its associated signature, the client will be able to detect the tampering and reject the response.

Securd supports DNSSEC by performing validation on queries sent from Securd resolvers to upstream authoritative servers. When you edit a policy, find the "Require DNSSEC" option in the policy editor, and select "Enable" and then "Save" the policy to make the change active.

How to Enforce DNSSEC in Securd

As a Securd customer, you can access the Internet with confidence that Securd is defending your organization from any cache poisoning or DNS spoofing attacks.

• Related Articles

• Using Multi-Factor Authentication with Securd

  Securd supports multi-factor authentication. You will require the Authy application on your mobile device that will be capable of generating a time-based one-time password (TOTP) authentication code. Download Authy App First ...

• Threat Hunting with Securd

  A cloud-based DNS firewall, such as Securd, can be an effective tool for threat hunting by security analysts. Here is a step-by-step guide on how a security analyst can use Securd for threat hunting: Set up Securd: The first step in using Securd for ...

• Securd URL Proxy

  Securd URL Proxy analyzes web traffic for high risk URLs. It examines the domain and full URL of request to determine if it is a threat. The targeted proxy performs HTTPS security analysis of good sites that are exploited to deliver cyber attacks. ...

• PagerDuty Securd Integration

  Trigger Securd alerts to PagerDuty, so you can remediate cyber security incidents faster. 1. Perform the PagerDuty Setup Process first. PagerDuty Setup Process Login to PagerDuty, go to the Configuration menu and select Services. On the Services ...

• Point Windows DNS to Securd

  Getting started with Windows (Agent and Agentless) Securd currently supports Windows 7, 8, 8.1, 10, Server 2008, Server 2012, Server 2016, and Server 2019 with .NET Framework 4.5+. Required Ports Securd endpoints will require access to connect to ...