Name Server DDoS Protection

Name Server Protection is an always-on service, guaranteed to mitigate DDoS attacks targeting Domain Name Servers (DNS).

How DNS DDoS Protection works

How it works

The Imperva Incapsula service is deployed in front of your DNS server, becoming the first destination for all DNS queries. Acting as a secure proxy, Imperva prevents illegal DNS queries from reaching your server while masking it from direct-to-IP network layer attacks.

From the Imperva dashboard you can whitelist specific queries and for additional peace of mind, you can also set a threshold to rate-limit the queries your server receives.

Finally, with Name Server Protection in place you will still be able to manage your DNS zone files outside of the Imperva network.

Precise DDoS mitigation

Precise mitigation

Name Server Protection uses a combination of reputation and rate-based heuristics to inspect incoming queries and filter out malicious packets without impacting legitimate visitors.

Robust content delivery network

Improved DNS performance

Legitimate queries are cached for a set period of time. During that time, all subsequent queries are resolved directly from a nearest location on Imperva network. This accelerates performance and lessens the load on your own DNS server.

Complete DDOS protection

Comprehensive protection

Name Server protection works in synch with our Infrastructure Protection and Website Protection services. Together they shield Imperva customers against all type DDoS attacks.

Related Content

Key Resources

Protecting Cryptocurrency from DDoS Attacks

White Paper
Read paper ›
DDoS Protection Analytics

Enhanced Infrastructure DDoS Protection Analytics

Read blog ›