Code Dark Center Hero Image 1920x1080

Gain peace of mind by extending your DNS to the edge, with high availability and performance, and resilience against DDoS attacks backed by a 100% uptime SLA.

Edge DNS

Akamai has renamed our authoritative DNS service.
Welcome to Edge DNS!

What is Edge DNS?

Edge DNS Platform Diagram

The importance of DNS reliability and availability cannot be overstated. When your DNS is attacked or goes out of service, your website and applications become unreachable, and that’s bad for your business. This is why relying solely on your own DNS servers, or on a single provider, makes your DNS — and by extension, your business — vulnerable.

Edge DNS is an authoritative DNS service that moves your DNS resolution from your premises or data centers to the Akamai Intelligent Edge. Edge DNS is architected for nonstop DNS availability and high performance, even through the largest DDoS attacks.

Edge DNS can be deployed as a primary or secondary solution with optional DNSSEC support to protect against DNS forgery and manipulation.

High Availability

Edge DNS features 24/7 availability and comes with a 100% uptime service-level agreement (SLA), providing you with confidence that your customers and employees are always able to access your website and application servers.

Global Reach

Akamai’s global anycast network, distributed throughout 28 countries, accelerates DNS resolutions for users connecting to your sites and applications from anywhere in the world, providing the ultimate in DNS availability and response times.

Faster Web Experiences

Close proximity to the Akamai Intelligent Edge Platform, along with features such as zone apex mapping, often reduces DNS lookup times, translating directly to faster performance, particularly for websites also using Akamai Web Performance solutions.

Security

Between the massive scale offered by the Akamai Intelligent Edge Platform, traffic throttling for devices exhibiting suspicious behavior, DNSSEC, and a trust-based implementation model, Edge DNS is an effective mechanism for protecting your online business from the effects of DNS-based DDoS attacks and other threats.

Flexibility

Whether replacing or augmenting existing DNS, Edge DNS can be used for primary or secondary DNS. Support for features such as vanity name servers, IPv6, an intuitive user interface, and use of Akamai’s APIs make it simple to integrate and begin using Edge DNS.

IP Anycast

Provide a decentralized DNS service to end users that enables the creation of a logical name server comprising multiple physical servers deployed across multiple networks and continents.

Secure Implementation

Unlike other DNS solutions, Edge DNS is not based on Berkeley Internet Name Domain (BIND) software. Rather, Akamai’s DNS implementation is based on years of development experience with DNS protocols, resulting in an implementation protected from attackers looking to exploit vulnerabilities that have been exposed in BIND.

24/7 Availability, 100% Uptime SLA

Deliver around-the-clock DNS availability for users throughout the world through Akamai’s globally distributed authoritative DNS platform. Akamai’s SLA guarantees DNS service availability for users even in the event of natural or man-made disasters.

Zone Apex Mapping

Leverage the mapping data available from the Akamai Intelligent Edge Platform to reduce the overhead associated with CNAME chain lookups. Enable use of Akamai web acceleration solutions for DNS records at the zone apex for which CNAMEs cannot otherwise be used.

DNSSEC with Edge DNS Secure Option

Guard against DNS data forgery or manipulation with Akamai’s Domain Name System Security Extensions (DNSSEC) option for Edge DNS. Options include Serve DNSSEC for organizations wishing to manage their own keys, or “sign and serve” DNSSEC for organizations that would prefer to fully outsource their key management process. You can learn more about DNSSEC here.

IP Throttling

Suppress traffic from any IP address exhibiting suspicious behavior. Edge DNS monitors the level of DNS traffic from every IP address and automatically throttles traffic when it detects anomalies — an effective technique for mitigating DNS amplification or volumetric attacks.

Trust-Based Security

Protect against DDoS reflection attacks from spoofed IP addresses by only serving content to a list of well-known name servers, updated continuously based on the total web traffic delivered across the Akamai Intelligent Edge Platform.

Flexible Usage and Administration

Implement Edge DNS as either primary or secondary DNS. Add professionalism and security by using vanity names to rebrand Akamai name servers using your own domain names. Integrate IPv4 and IPv6 addressing as your organization transitions to IPv6. Initiate zone transfers using an intuitive GUI through the Akamai Control Center.

Powerful Management and DevOps Integration

Manage your DNS configurations from your Akamai Control Center portal or through the Akamai CLI. Leverage Edge DNS application program interfaces (APIs) to automate the integration of Edge DNS with your existing management tools, workflows, and processes. Utilize Akamai’s Terraform integration to help provision and manage properties and DNS zones as code.

Primary or Secondary DNS

Deploying a few DNS servers in corporate or cloud data centers might work well for small organizations but is not a sound approach for enterprises whose businesses rely on the Internet. Edge DNS can be used to replace existing DNS infrastructure or to augment primary DNS with a cloud-based DNS that combines high availability, scale, and security.

Highly Available Websites and Applications

Backed by a 100% uptime service-level agreement (SLA), Akamai’s globally distributed anycast network, consisting of thousands of servers deployed across 195 points of presence (PoPs) in 26 countries, practically assures 24/7 availability of DNS resources, regardless of where and when end users are connected.

Securing Your DNS

Between its distributed architecture, a secure implementation that doesn’t expose the vulnerabilities known to be present in open source DNS, and key features such as throttling and DNSSEC, Edge DNS offers superior defenses against DNS forgery and data manipulation, as well as against business-crippling DNS DDoS attacks.

Improving End-User Experiences

Reduced latency, resulting from the likelihood that an Edge DNS server is deployed close to your end users, leads to reduced page load times and better overall performance. Features such as zone apex mapping and vanity names also improve DNS lookups and tie in nicely with Akamai Web Performance solutions.

Resources