Encryption is the foundation for securing data on the internet. Encrypted HTTP (HTTPS) has one of the largest shares of traffic on the internet today and is now the de facto standard.
Domain Name System (DNS) traffic, however, has remained an unencrypted, cleartext channel on the internet. DNS, defined in the simplest terms, is used to resolve the address of an application on the internet. When DNS traffic is unencrypted, it is vulnerable to manipulation and to privacy exploitation via eavesdropping. Imagine driving an autonomous car while all your neighbors have visibility into and control over your destination.
DNS over HTTPS (DoH) enables additional layers of security for DNS traffic. It uses widely adopted technologies like HTTP and Transport Layer Security (TLS) to securely encrypt and transport DNS queries and to pass more control to the applications. DoH for Google Chrome is enabled, and Microsoft announced Windows 10 support in late 2019.
The challenge for service providers: retaining service offerings and compliance with DoH

Image source: Potential ISP Challenges with DNS over HTTPS
Adopting DNS over HTTPS (DoH) will allow service providers to continue offering critical cyber security services like malware detection, parental control, and compliance with law enforcement. A10 Networks has been collaborating with large service providers to develop and deploy a native DNS over HTTPS (DoH) capability, based on a proposed standard published as RFC 8484 by the Internet Engineering Task Force (IETF).
A10 Networks’ Thunder® CFW DoH capability provides:
Saurabh Sureka is director of product management at A10 Networks, where he leads the team developing the scope of the company’s multi-cloud product roadmap and solutions.