A secondary authoritative DNS server built to maintain uninterrupted availability of your DNS infrastructure
Takes seconds to deploy with the unique Reverse Proxy feature
Truncate functionality protects enterprise DNS servers against IoT-based DDoS attacks
Qrator Labs anycast network reduces DNS query latency
Why are attacks against DNS so dangerous?
Instead of attacking the website itself, attackers can target the availability and stability of a network’s DNS server containing IP addresses for every website on the Internet. In case of an attack against DNS, users' browsers might not be able to determine the target domain’s IP address, which will make a website unavailable. An attacker can constantly generate DNS queries for the DNS server in order to overload its resources. Without special protection, the only way to mitigate such an attack is to increase server power. However, a constant increase in capacity may result in leveraging the DNS server for carrying out further DDoS attacks on other resources. Failure of a DNS server can lead to partial or complete unavailability of a web resource.
Understanding the Risk and Importance of DNS hardening
Like many other Internet protocols DNS wasn’t designed with security in mind which makes DNS infrastructure vulnerable to a wide range of DDoS attacks. Yet despite being a vital component of business infrastructure DNS hardening often turns out to be overlooked.
Distributed and reliable cloud DNS, Qrator.Secure.DNS is an integral part of our enterprise solution for business’s continuous online availability. DNS Qrator.SecondName provides minimal response time and a high level of protection against even the most complex and high-speed DDoS attacks.
Cloud solution based on Qrator Labs network
There is no need to install additional software or purchase hardware. Our global anycast network ensures high availability at no additional cost, and in case of an attack against DNS, at least one server remains up and constantly running.
Additional Qrator Labs DNS Server
It implements advanced mitigation techniques for attacks against DNS, and a special bot request processing logic working differently from the logic of handling legitimate user requests.
Easy to connect
Configure DNS security by choosing one of two implementation options: Qrator Secondary DNS (protection with full disclosure of a domain zone) or Qrator DNS Reverse Proxy (protection without full disclosure of a domain zone).
Built-in DNSSEC
The DNSSEC protocol is a DNS Security Extension created to increase the security level of DNS record authentication through the use of digital signatures. DNS Qrator.SecondName provides built-in support of DNSSEC to minimize risks of attacks and improve data integrity.
Detailed DNS traffic analysis
Advanced DNS traffic analytics is always available online in the Qrator Labs dashboard. Customers can generate detailed DNS statistics reports in their personal accounts filtered by response statuses, request types, etc.
Protection with full domain zone disclosure
Protection without full domain zone disclosure
A client allows the transfer of his domain zone from the current NS server to the Qrator Labs’ ns.qrator.net server.
A client specifies an IP address allocated by Qrator Labs as the authoritative server address for its zone.
Qrator Labs configures the transfer of a domain zone file from the main client’s NS server whose address is no longer known to attackers (Hidden Primary).
Applicable when a client does not have an opportunity to provide control for a domain zone.
A client reports Qrator Labs on IP address(-es) of authoritative servers (or a Hidden Primary DNS server) and specifies an IP address allocated by Qrator Labs as the address of an authoritative server for their own zone.
With this connection scenario, Qrator Labs NS server will act as a recursor server with a cache of data about a client's connected zone.
If the Qrator Labs server does not have information about a record, it will send a request to an upstream server and keep a response.
Backspace Technologies - Wholesale VOICE and APN solutions provider - improves real-time BGP anomalies detection to ensure better network performance and high availability of service with Qrator.Radar.
Qrator.Radar helps Dailymotion - Online video sharing platform - ensure high quality of video broadcasts with a primary focus on controlling and detecting network anomalies, which may cause a degradation of the video delivery service.
Cindicator - Crypto trading company - stops Denial of Service issues and mitigates infrastructural and reputational risks with Qrator Labs filtering network letting the platform run like clockwork 24/7.
Olymp Trade - Online trading company - reaches continuous availability of its resources and provides a secure trading environment for customers using Qrator.AntiDDoS solution
Qrator Labs helps Lazada - Ecommerce company - prevent targeted attempts to disable the system with sophisticated DDoS attacks ensuring uninterrupted business operations, and boosting website performance.
The Arab International Cybersecurity Conference & Exhibition shields against potential network attacks with Qrator.AntiDDoS and WAF solutions
