Для посетителей из России доступен российский сайт. Перейти

Qrator.SecondaryDNS

A secondary authoritative DNS server built to maintain uninterrupted availability of your DNS infrastructure

Takes seconds to deploy with the unique Reverse Proxy feature

Truncate functionality protects enterprise DNS servers against IoT-based DDoS attacks

Qrator Labs anycast network reduces DNS query latency

Reliable DNS is the foundation for online business continuity

Why are attacks against DNS so dangerous?

Instead of attacking the website itself, attackers can target the availability and stability of a network’s DNS server containing IP addresses for every website on the Internet. In case of an attack against DNS, users' browsers might not be able to determine the target domain’s IP address, which will make a website unavailable. An attacker can constantly generate DNS queries for the DNS server in order to overload its resources. Without special protection, the only way to mitigate such an attack is to increase server power. However, a constant increase in capacity may result in leveraging the DNS server for carrying out further DDoS attacks on other resources. Failure of a DNS server can lead to partial or complete unavailability of a web resource.

Understanding the Risk and Importance of DNS hardening

Like many other Internet protocols DNS wasn’t designed with security in mind which makes DNS infrastructure vulnerable to a wide range of DDoS attacks. Yet despite being a vital component of business infrastructure DNS hardening often turns out to be overlooked.

Best-in-class Ultra-Fast DNS Protection

Distributed and reliable cloud DNS, Qrator.Secure.DNS is an integral part of our enterprise solution for business’s continuous online availability. DNS Qrator.SecondName provides minimal response time and a high level of protection against even the most complex and high-speed DDoS attacks.

Key advantages of QRATOR.SECONDARYDNS

Cloud solution based on Qrator Labs network

There is no need to install additional software or purchase hardware. Our global anycast network ensures high availability at no additional cost, and in case of an attack against DNS, at least one server remains up and constantly running.

Additional Qrator Labs DNS Server

It implements advanced mitigation techniques for attacks against DNS, and a special bot request processing logic working differently from the logic of handling legitimate user requests.

Easy to connect

Configure DNS security by choosing one of two implementation options: Qrator Secondary DNS (protection with full disclosure of a domain zone) or Qrator DNS Reverse Proxy (protection without full disclosure of a domain zone).

Built-in DNSSEC

The DNSSEC protocol is a DNS Security Extension created to increase the security level of DNS record authentication through the use of digital signatures. DNS Qrator.SecondName provides built-in support of DNSSEC to minimize risks of attacks and improve data integrity.

Detailed DNS traffic analysis

Advanced DNS traffic analytics is always available online in the Qrator Labs dashboard. Customers can generate detailed DNS statistics reports in their personal accounts filtered by response statuses, request types, etc.

How it works

How to connect
QRATOR.SECONDARYDNS

Step 1
Configure DNS Notify for the QRATOR secondary DNS server.
Step 2
Provide QRATOR with a list of zones to protect.
Step 3
Add the new NS server at your domain registrar and specify the dedicated QRATOR IP address.

QRATOR.SECONDARYDNS

capabilities for building a resilient authoritative DNS architecture
Continuous availability of authoritative DNS infrastructure
The global QRATOR filtering network, built on Anycast architecture, ensures guaranteed availability of QRATOR.SECONDARYDNS and enables complete isolation of the customer’s primary DNS server from external traffic. In the event of an attack or failure, at least one DNS server remains operational and continues processing DNS queries — regardless of the type or scale of the incident.
DNSSEC support
QRATOR.SECONDARYDNS supports the DNSSEC protocol — a security extension that protects the integrity of DNS records using digital signatures. DNSSEC minimizes the risk of DNS spoofing attacks and ensures the authenticity of transmitted data, while full control over records and signatures remains with the customer.
Detailed DNS traffic analytics
The QRATOR.SECONDARYDNS dashboard features advanced DNS traffic analytics with detailed reports filtered by response codes, query types, and other key parameters.
Easy integration
QRATOR.SECONDARYDNS requires no additional software installation or hardware purchases. The service is set up in three simple steps, and onboarding can take as little as 15 minutes.

Easy deployment with better performance and availability

Learn more
Your subscription successfully activated