SBN

Akamai Drives New Standards and Enhances Authoritative DNS and Load Balancing Services

For more than 20 years, Akamai’s customers have trusted our global edge platform to deliver their content, secure their web applications, and accelerate end-user experiences. As the basis for our mapping functions, Akamai DNS has always been essential to the reliability and performance of our platform and our services, and our popular authoritative DNS services — Edge DNS and Global Traffic Management (GTM) — are a direct result of the significant investments made by Akamai in our DNS infrastructure.

The Akamai October 2020 Platform Update demonstrates Akamai’s ongoing commitment to solving customer problems through the development and implementation of new DNS standards and through enhancements to Edge DNS and GTM that are designed to increase agility, security, and quality for our DNS customers.

Simplifying/Securing Multiprovider DNS Through Service Binding

Offering potential benefits for both performance and privacy, and to simplify DNS administration, Edge DNS introduces two new DNS resource record types, SVCB and HTTPS, as defined in an IETF draft standard co-authored by Akamai and Google. The standard aims to simplify and standardize zone apex workflows for customers that employ a multiprovider approach to DNS.

SVCB and HTTPS records make it possible for endpoints to map to specific services, including additional parameters (e.g., TLS encryption keys) that are used by the service, and allows them to do so using multiple DNS providers, assuming both providers support the standard RR types. It also enables CNAME-like functionality for shorter, easier-to-remember domain names. Previously, for short domain names (e.g., example.com), DNS providers had been forced to implement such functionality using proprietary techniques. Customers can now use different DNS providers to map to the same service, reducing exposure to security threats and outages.

Integrating DNS Traffic Management and Name Services

This integration of Edge DNS and GTM simplifies workflows and enables use cases such as active/active configurations or multiprovider global server load balancing.

Until now, load balancing between Edge DNS name servers as part of an overall traffic management design wasn’t possible without complex configuration. This new capability simplifies that through the configuration of a static property type within GTM that allows for static record sets such as NS, A, and TXT.

Enhancing Akamai DNS Automation and User Experience

Trends such as migration to cloud infrastructure and increased use of SaaS have led to increasingly complex DNS workflows. With DNS practitioners looking to simplify these through coded routines that access APIs, Akamai has stepped up its DevOps support and certificate automation capabilities for Edge DNS with support for OctoDNS as well as plugins used to generate certificates within Let’s Encrypt automation workflows. These include a new Edge DNS Plugin for Posh-ACME (Automated Certificate Management Environment) clients, and an Edge DNS provider for LEGO (Let’s Encrypt, written in GO) ACME Clients.

Security_Blog5_pic3_Day4.png

Akamai plugin for Posh-Acme

OctoDNS, created by GitHub, is an infrastructure-as-code tool that allows customers to deploy and manage DNS zones across multiple providers using standard software development principles, including version control, testing, and automated deployment.

Let’s Encrypt is a nonprofit certificate authority run by the Internet Security Research Group (ISRG) that provides certificates for Transport Layer Security (TLS) encryption. ACME is a protocol used by Let’s Encrypt to automate certificate transactions.

Additionally, Akamai has introduced a new Health Status page for Edge DNS and GTM, from which customers can quickly surmise operational status and general performance information.

For further specifics and background on Edge DNS, GTM, and these new capabilities, please visit www.akamai.com/edge-dns or www.akamai.com/gtm.

There will be more opportunities to engage with us on this and more at Edge Live | Adapt. Sign up to see how customers are leveraging these improvements, engage in technical deep dives, and hear from our executives how Akamai is evolving for the future.


*** This is a Security Bloggers Network syndicated blog from The Akamai Blog authored by Jonathan Zarkower. Read the original post at: http://feedproxy.google.com/~r/TheAkamaiBlog/~3/RE-88utnzTs/akamai-drives-new-standards-and-enhances-authoritative-dns-and-load-balancing-services.html