DNSBOX300 - ApplianSysDNSBOX300 is a hardened Linux-based appliance optimised for performance,...
Transcript of DNSBOX300 - ApplianSysDNSBOX300 is a hardened Linux-based appliance optimised for performance,...
DNSBOX300DNS MANGEMENT MADE SIMPLE
DNSBOX300 is a master appliance for DNS Management. It is a central management server for controlling unlimited remote DNS servers and enabling integrated administration by a team of any size, distributed anywhere.
Administering DNS using BIND or Windows servers can create lots of unnecessary headaches. In large or growing networks it can involve many man-years of tedious work. A lot of this could be saved with better tools:
Administering DNS is complex, repetitive and time-consuming:
• EditingDNSrecordsinvolvesinefficientworkflows–withlotsofrepetitionandcopying–anderrorsareeasytomake.Thedataisnothuman-friendly.
• NowDNSSECandIPv6arecreatingevenmoreworkandcomplexity.• Controlling,maintainingandadministeringmultiplelinkedDNSserversindividuallycreatesmoreinefficiency.
Enforcing administrative procedures is challenging. It’sdifficulttosharetheworkamongmultipleadministratorswithouttoolsforcontrollingdelegatededitingrightsorviewing history
Protecting your core DNS services from security threats and service failures:
• DNSisatopsecuritytarget.BINDandWindowsDNSarevulnerabletointrusion,DoSattacksandcachepoisoning,withnewvulnerabilitiesoftenemerging
• Configurationiserror-prone:asinglemistypedcharactercouldbringdownyourentirenetwork, with disastrous business consequences
• ADNSserverfailurecouldbecausedbyapplicationoroperatingsystemsoftware,hardwareoroperatorerror.RobustDNSarchitecturesneedredundancy,whichitselfiscomplicatedtogetright
DNSBOX300 overcomestheseissuesbyradicallysimplifyingDNSadministration,makingiteasytodelegateworkloadamongstaffandprotectingyourDNSservicefromattackorfailure.
DNSBOX300 isusuallydeployedwithDNSBOX200serverstodeliveracompleteDNSarchitecture. It can also be integrated with other DNS and DHCP servers. Customers choose the DNSBOX300 model when:
• ManagingandservingexternalDNSdomains–thiscouldbeinanenterpriseoraserviceproviderenvironment.TypicaluserangesfromquitesmallscaleDNSmanagementsituations,withrelativelyfewfairlystaticzones,uptoquitelarge,changeable DNS datasets. Whatever the size, a robust, secure master-slave solution to guarantee the DNS service is business critical.
• RunningDNSandDHCPservicesacrossamedium-sizeorganisation’snetwork.
• TheyhavealargernetworkwithsomeseparationofDNSsystems.TypicallytheywanttouseWindowsDNS/DHCPtolookaftertheirPCpartsofthenetwork,arelookingforasolutionforthe*nixsideofthenetwork(whichisprobablyusingBINDDNS),andwanttokeepthetwosidesquiteseparatewithminimumintegrations.
IfyoupurchaseDNSBOX300andlaterwanttohandleanexpandedscope,whereintegratedIPaddressmanagement(IPAM)wouldbehelpful,youcanupgradeyourmasterappliancetoaDNSBOX400.
Eliminate DNS downtime
• Datasyntaxvalidation
• Data logic validation
Streamline management with built-in automations
• Managemoredatawithexistingstaff
• Reallocateseniorstafftohighvalueoperation
• Assign routine tasks to junior staff
• CentralRecursiveManagement
DNS admin made easy
• AutomatedupdatingofDNSzoneserialnumbers and reverse DNS records
• ValidationofallentriestoDNSconfiguration
• FullsupportforIPv6andDNSSEC
• Automated zone signing and DNSSEC key rollover
Save Money
• Typicalpayback3-6months
• Minimalinstallation:1to3+days
• DNSadmintimesavings:50%+overall:• Addzone:10-20mins->30secs• Address record change: 10mins -> 1min• Eliminateerrors:1hr+perfix• BIND&OSupdates:save40-80hrs/yr
• Safely delegate to more junior staff
• Spendfreedtimeofmoreskilledstaffonmore value-added tasks
DNSBOX300 Benefits
FACTSHEET:DNSBOX300 Formoreinformationonourproductspleasevisit:www.appliansys.comorcalluson:+448454505152
Simplify DNS administration
• Built in automation and data validation
• SupportforDNSViews
• SupportforDNSSECinclwizardforsimplifiedzone signing
• ENUMsupportformappingtelephonenumbersto IP addresses
• SupportforIPv4andIPv6records
• Supportforanunlimitednumberofremotesecondary servers
• Agentless integration with Microsoft DNS & DHCP
• Performbulkchanges,includingTTLzones
• CentrallymonitorDNS/DHCPperformanceonall linked servers
Auditing & control
• Built-in local and centralised user authentication incl.forRADIUSandLDAP
• FullygranularUserGroupsfeaturetomaintaintight control over the rights of delegated users
• Supportforunlimitedconcurrentadministrators
• Transactionlogwithaudittrail(who,what,when); unlimited undo and redo
• Pre-populatedhostandzonetemplates
Appliance management
• ApplianceManagement
• Secure web interface
• FailoverreplicatesallDNSdatatoaHot-Standby unit
• Simplebackup,restoreandupgradefacility:firmwareupdatewithoptiontorollbacktopreviousversion
• Graphicalreportsonperformance,usageandsystem health
• Email, SMS and SNMP alerts for remote monitoring
• SupportsoutputtoremoteSyslogserver
DNSBOX300 - Key FeaturesSecure from the ground upWithDNSapopulartargetforattackbyhackersDNSBOX300incorporatesindustrystandardarchitectureandDNSsecuritybestpracticefromtheoutset.Byonlycommunicatingwithauthoritativeslavesitcanbecompletelyhiddenfromtheworld.
AllconnectionstotheUserInterfacearesecuredusingSSLandconnectionsbetweenDNSBOX300 and DNS and DHCP slaves are secured using combinations of SSH, IPSEC, TSIGandDNSSEC,preventingtheunauthorisedalterationofyourdata.
Controlled AdministrationAccessible remotely via a secure web interface, DNSBOX300offersfullsupportfor‘distributedadministration’.The‘UserGroups’featureallowsacentralsuper-administratorto maintain tight granular control over the rights of delegated administrators.
Inotherwords,it’sgreatfororganisationswithmultipleadministrators,ensuringthemanagementtaskcanbesharedinaveryefficient,controlledandcoordinatedway.
Scaling and availability for growing networksThere are no set limits to the amount of data DNSBOX300 can manage. Furthermore, itsupportsanunlimitednumberofconcurrentadministratorsandremotesecondaryservers.ItcanbeusedforcentralisedmanagementofanyRFCcompliantDNSserverwithadditionalbenefitswhenusedwithDNSBOX200 – tight integration means less administration work and enhanced security and redundancy.
DNSBOX300canbedeployedwithafailoverunitwhichiscontinuouslyreplicatedfromtheactivemaster.Intheunlikelyeventoffailurethiswillensurethereisnoimpactonnetworkavailability.
INTERNET EXTERNAL DMZ ADMINISTRATION(Firewalled)
INTERNAL LAN
Windows Server (DNS Only)
DNSBOX200
RFC Compliant DNS Server DNSBOX200
(DNS & DHCP)
DNSBOX300
If your network grows or you re-architect your network services, you may later want toincreasethescopehandledbyDNSBOX to include IP address management and implementafullyintegratedDDIsolution.Inthiscase,DNSBOX300canbeupgradedtoaDNSBOX400toincludeIPAM,throughasimplelicenseupgrade.
Rock solid applianceDNSBOX300isahardenedLinux-basedapplianceoptimisedforperformance,robustness,security and ease of management.
ThecustomLinuxOShasbeenbuiltfromthegroundup,supportingthecoreapplicationwith only the most critical network tools.
Akeyaspectisuseofsolid-statestorage,withnoharddrivesintheseappliances.Harddrives account for 90% of hardware failures, so DNSBOX300is10xmorereliablethanalternatives.Ifpowerfails,thereisnolossofdataorsettingsandrebootisimmediate.
DNSBOX320 DNSBOX330
Usage: Standard Duty Heavy Duty
Form Factor: 1URackMountable
Max IPs licenced: Unlimited
Ethernet: 2xGbENetworkInterface
Flash Memory: 1xOS/application,1xuser-data
OS: Linux
Dimensions: 19x1.75x17(ins);48x4.5x44(cm)
Technical Specifications
FACTSHEET:DNSBOX300 Formoreinformationonourproductspleasevisit:www.appliansys.comorcalluson:+448454505152