The document discusses the evolution and benefits of efficientip's hybrid DNS engine, which integrates multiple DNS technologies to enhance security and performance against rising DNS attacks. It highlights the increasing threat of DNS vulnerabilities and provides a comprehensive overview of its features, including automated management and a unified architecture for simpler deployment. The company has established a strong presence with significant clientele across various sectors, leveraging innovative software solutions since 2004.

1. Confidential-Property of EfficientIP- All rights reserved-Copyright © 2014
Hybrid DNS Engine:
Strengthen the DNS Foundation

2. Confidential-Property of EfficientIP- All rights reserved-Copyright © 2014
Agenda
Page 2
Market Driver : BIND DNS Strengths and Weaknesses
Hybrid DNS Engine : Next Generation DNS Appliance
Hybrid DNS concept
Using the Smart Architectures to deal with HDE
Hybrid DNS Benefits
Demo

3. Confidential-Property of EfficientIP- All rights reserved-Copyright © 2014
DNS Security Risks Context
Page 3
DNS Attacks Are in Constant Growth: +200%
Source: Quaterly Global DDoS Attack Reports, 1st Quarter 2013

4. Confidential-Property of EfficientIP- All rights reserved-Copyright © 2014
Bind is the Most Popular & Deployed DNS Engine
Very flexible with the most comprehensive integration of RFCs
De facto a “standard”
Security Risks
Most popular means main DNS server target for hackers
Numerous security vulnerabilities (OS & DNS Service)
Authoritative and recursive are not separated
Performance Limitation
BIND performances are not enough to efficiently mitigate DoS attacks
Market Driver :BIND DNS Strengths & Weaknesses
Page 4
When compared with Q2 2012 (1.76 percent), Q1 2013 (6.97 percent), and Q2 2013 (7.25 percent), statistics indicate that DNS attacks are on the rise, both in the form of standard floods and Distributed Reflected Denial of Service (DrDoS) attacks. From Q2 2012 to Q2 2013, DNS attacks increased 5.49 percent. DNS attacks are usually directed at organizations with large infrastructures where oversight or misconfiguration of DNS services can cause severe impact to selected targets. Source: Prolexic Quaterly Global DDoS Attack Report

5. Confidential-Property of EfficientIP- All rights reserved-Copyright © 2014
Hybrid DNS Technology: 3 DNS Engines in One Appliance
DNS BIND (ISC), NSD and UNBOUND Cache (NLnetLAB)
One Active DNS Engine at a Time
The Hybrid DNS Engine is managed as a single entity: Automated synchronization
Hybrid DNS Engine: Next Generation DNS Appliance
Page 5
NSD

6. Confidential-Property of EfficientIP- All rights reserved-Copyright © 2014
Hybrid DNS takes advantage of SmartArchitectures
Integrated Best Practices
Configuration generated and pushed automatically
No need to be a DNS expert
Switching from one engine to another
Is controlled by the Administrator
Is done only if the underlying configuration is correct
Is done without any DNS service interruption
Dealing with Hybrid DNS : SmartArchitectures
Page 6

7. Confidential-Property of EfficientIP- All rights reserved-Copyright © 2014
3.Manage
2.Deploy
1.Design
Master-Slave
Template
Service
Master
Slave
Slave
Architecture setup
Slave
Slave
Master
Master-Slave Template
Master-Slave
Template
Management Appliance
Available servers
RR Zone Options …
Management of the SmartArchitecture as one “Virtual server”
Page 7
SmartArchitecture™ Deployment & Management Automation

8. Confidential-Property of EfficientIP- All rights reserved-Copyright © 2014
Hybrid DNS Engine for Hybrid DNS Architectures
Simplify DNS Architecture Design, Deployment and Management with SmartArchitecture Templates
The Hybrid DNS architecture is managed as a single entity
HDE For Next Generation DNS Architecture
Page 8
Master
Slave
Slave
Slave
NSD
NSD

9. Confidential-Property of EfficientIP- All rights reserved-Copyright © 2014
Block Zero-Day Vulnerabilities
Eliminate single point of failure (SPoF) following security alerts
Immediate remediation of security threats: Switch from a technology to another
Strengthen DNS Architecture Security Foundation
Baffle hackers with higher complexity of security footprint
Enhance Agility & Risk Management to Security Threats
No immediate need to update: Switch from a technology to another
Test and plan before updating
Improve Performances to Mitigate DoS Attacks
Up to 300,000 qps
Hybrid Technology Benefits
Page 9

10. Confidential-Property of EfficientIP- All rights reserved-Copyright © 2014
EfficientIP Company Overview
Americas Headquarters- West Chester, Pennsylvania
European Headquarters- Paris, France
Since 2004 – Innovative DDI Software Company
Smart DDI - SmartArchitecture, Hybrid DNS, Data Reconciliation, Compliancy Management, Unified Repository, VLAN & Device Management Integration
Coverage in 60 Plus Countries
Doubled Number of Employees in 2012 and Again in 2013
Solid Financial Foundation – Organic Growth& Private Funding
Full Value Add Services: Hardware Replacement & TAC access 24x7
Strong Technological Alliances
Page 10

11. Confidential-Property of EfficientIP- All rights reserved-Copyright © 2014
Customers
Telecommunication
Vodafone
Colt
T Mobile
SFR
Easynet
KPN
Telecom of Thailand
Qatar Telecom
Maskatel
Virgin Mobile
ONO
Energy Repsol EDF GDF Suez Air Liquide Education Leeds University Hamburg University Paris University Utrecht University Pais Vasco University
Banks & Insurances Allianz Zurich Financial Services Swiss Re Axa Wealth Standard Life Bank of France BRED Electronics-Defense Philips NXP Nokia Siemens Network Cassidian EADS Astrium
Page 11
Transportation
Norbert Dentressangle
SANEF
APRR
Metro of Madrid
Metro of Paris
Services
Cap Gemini
STERIA
Adecco
Sopra Group

12. Confidential-Property of EfficientIP- All rights reserved-Copyright © 2014
Page 12
Demo