The importance of DNS reliability and availability cannot be overstated. When your DNS is attacked or goes out of service, your website and applications become unreachable, and that’s bad for your business. This is why relying solely on your own DNS servers, or on a single provider, makes your DNS — and by extension, your business — vulnerable.
Edge DNS is an authoritative DNS service that moves your DNS resolution from your premises or data centers to the Akamai Intelligent Edge. Edge DNS is architected for nonstop DNS availability and high performance, even through the largest DDoS attacks.
Edge DNS can be deployed as a primary or secondary solution with optional DNSSEC support to protect against DNS forgery and manipulation.
Diversifying DNS is a key to optimizing Internet performance for end users. To do so, consider addressing delegation servers with a variety of network routes.Read our Blog Post
Using Edge DNS as a secondary DNS service is a quick way for organizations to ease into the benefits of a globally robust cloud-based DNS solution deployed at the edge.Read our Blog Post
DNS is critical to any organization with an online presence. Read how auditing your DNS should be the first step in protecting your online business.Read our Blog Post
Edge DNS features 24/7 availability and comes with a 100% uptime service-level agreement (SLA), providing you with confidence that your customers and employees are always able to access your website and application servers.
Akamai’s global anycast network, distributed throughout 28 countries, accelerates DNS resolutions for users connecting to your sites and applications from anywhere in the world, providing the ultimate in DNS availability and response times.
Faster Web Experiences
Close proximity to the Akamai Intelligent Edge Platform, along with features such as zone apex mapping, often reduces DNS lookup times, translating directly to faster performance, particularly for websites also using Akamai Web Performance solutions.
Between the massive scale offered by the Akamai Intelligent Edge Platform, traffic throttling for devices exhibiting suspicious behavior, DNSSEC, and a trust-based implementation model, Edge DNS is an effective mechanism for protecting your online business from the effects of DNS-based DDoS attacks and other threats.
Whether replacing or augmenting existing DNS, Edge DNS can be used for primary or secondary DNS. Support for features such as vanity name servers, IPv6, an intuitive user interface, and use of Akamai’s APIs make it simple to integrate and begin using Edge DNS.
Provide a decentralized DNS service to end users that enables the creation of a logical name server comprising multiple physical servers deployed across multiple networks and continents.
Unlike other DNS solutions, Edge DNS is not based on Berkeley Internet Name Domain (BIND) software. Rather, Akamai’s DNS implementation is based on years of development experience with DNS protocols, resulting in an implementation protected from attackers looking to exploit vulnerabilities that have been exposed in BIND.
24/7 Availability, 100% Uptime SLA
Deliver around-the-clock DNS availability for users throughout the world through Akamai’s globally distributed authoritative DNS platform. Akamai’s SLA guarantees DNS service availability for users even in the event of natural or man-made disasters.
Zone Apex Mapping
Leverage the mapping data available from the Akamai Intelligent Edge Platform to reduce the overhead associated with CNAME chain lookups. Enable use of Akamai web acceleration solutions for DNS records at the zone apex for which CNAMEs cannot otherwise be used.
DNSSEC with Edge DNS Secure Option
Guard against DNS data forgery or manipulation with Akamai’s Domain Name System Security Extensions (DNSSEC) option for Edge DNS. Options include Serve DNSSEC for organizations wishing to manage their own keys, or “sign and serve” DNSSEC for organizations that would prefer to fully outsource their key management process. You can learn more about DNSSEC here.
Suppress traffic from any IP address exhibiting suspicious behavior. Edge DNS monitors the level of DNS traffic from every IP address and automatically throttles traffic when it detects anomalies — an effective technique for mitigating DNS amplification or volumetric attacks.
Protect against DDoS reflection attacks from spoofed IP addresses by only serving content to a list of well-known name servers, updated continuously based on the total web traffic delivered across the Akamai Intelligent Edge Platform.
Flexible Usage and Administration
Implement Edge DNS as either primary or secondary DNS. Add professionalism and security by using vanity names to rebrand Akamai name servers using your own domain names. Integrate IPv4 and IPv6 addressing as your organization transitions to IPv6. Initiate zone transfers using an intuitive GUI through the Akamai Control Center.
Powerful Management and DevOps Integration
Manage your DNS configurations from your Akamai Control Center portal or through the Akamai CLI. Leverage Edge DNS application program interfaces (APIs) to automate the integration of Edge DNS with your existing management tools, workflows, and processes. Utilize Akamai’s Terraform integration to help provision and manage properties and DNS zones as code.
Primary or Secondary DNS
Deploying a few DNS servers in corporate or cloud data centers might work well for small organizations but is not a sound approach for enterprises whose businesses rely on the Internet. Edge DNS can be used to replace existing DNS infrastructure or to augment primary DNS with a cloud-based DNS that combines high availability, scale, and security.
Highly Available Websites and Applications
Backed by a 100% uptime service-level agreement (SLA), Akamai’s globally distributed anycast network, consisting of thousands of servers deployed across 195 points of presence (PoPs) in 26 countries, practically assures 24/7 availability of DNS resources, regardless of where and when end users are connected.
Securing Your DNS
Between its distributed architecture, a secure implementation that doesn’t expose the vulnerabilities known to be present in open source DNS, and key features such as throttling and DNSSEC, Edge DNS offers superior defenses against DNS forgery and data manipulation, as well as against business-crippling DNS DDoS attacks.
Improving End-User Experiences
Reduced latency, resulting from the likelihood that an Edge DNS server is deployed close to your end users, leads to reduced page load times and better overall performance. Features such as zone apex mapping and vanity names also improve DNS lookups and tie in nicely with Akamai Web Performance solutions.
Designing DNS for Availability and Resilience against DDoS Attacks
Read how the combination of scale, architecture, and feature/functionality make Edge DNS resilient against the face of the largest DDoS attacks.Read the White Paper
The Otto Group protects its DNS servers and thousands of euros in revenue each minute with Akamai Edge DNS.Read the case study
Edge DNS for Games
The Domain Name System (DNS), which translates human-readable domain names into numerical IP addresses, is a critical component in delivering a faster online experience for your players.Learn More
Deployment Diversity for DNS Resiliency
Diversifying DNS is a key to optimizing Internet performance for end users. To do so, consider addressing delegation servers with a variety of network routes.Read the Blog
Edge DNS as a Secondary Implementation: Order of Operations for NS Zone & Registrar Records
Using Edge DNS as a secondary DNS service is a quick way for organizations to ease into the benefits of a globally robust cloud DNS solution.Read the Blog
Protecting Your Domain Names: Taking the First Steps
DNS is critical to any organization with an online presence. Read how auditing your DNS should be the first step in protecting your online business.Read the Blog
DNS Flag Day & Akamai
DNS “Flag Day” is an industry event that promotes compliance with DNS standards. Read about the 2019 theme, as well as Akamai’s participation in DNS Flag Day.Read the Blog
Domain Name Consolidation — Observations from the Field
The opportunity to migrate to brand-relevant domain extensions is creating both opportunities and challenges for DevOps and operational teams. Learn more about how Akamai can help.Read the Blog
Akamai Edge DNS supports Domain Name System Security Extensions (DNSSEC), which protects against the spoofing or hijacking of DNS messages by authenticating the origin of the DNS data. By safeguarding DNS messages and assuring data integrity, DNSSEC provides an additional layer of defense by helping end users avoid potentially harmful domains.Learn More
DNS Security and Services
Akamai’s comprehensive support for DNS spans enterprises, websites, ISPs, and network operators. This page represents a centralized wealth of information on DNS and Akamai.Learn More
"Akamai fast DNS is what we use day in and day out. It helps clear cache in few seconds rather than waiting for a while to be done. This has been such a useful tool and API akamai provides."Read Full Review