How it works
Our service is deployed in front of your DNS server, becoming the first destination for all DNS queries. Acting as a secure proxy, Imperva prevents illegal DNS queries from reaching your server while masking it from direct-to-IP network layer attacks.
From the Imperva dashboard you can whitelist specific queries and for additional peace of mind, you can also set a threshold to rate-limit the queries your server receives.
Finally, with DDoS protection for domain name servers in place you will still be able to manage your DNS zone files outside of the Imperva network.
Precise mitigation
DDoS protection for domain name servers uses a combination of reputation and rate-based heuristics to inspect incoming queries and filter out malicious packets without impacting legitimate visitors.
Improved DNS performance
Legitimate queries are cached for a set period of time. During that time, all subsequent queries are resolved directly from a nearest location on Imperva network. This accelerates performance and lessens the load on your own DNS server.
Comprehensive protection
DDoS protection for domain name servers works in sync with our DDoS protection for websites and DDoS protection for networks services. Together they shield Imperva customers against all types of DDoS attacks.
Related Content
Key Resources
-
FlexProtect Plans
Learn more › -
DDoS Protection for Websites
Learn more › -
DDoS Protection for Networks
Learn more › -
The Forrester Wave™: DDoS Mitigation Solutions, Q4 2017
Get report ›
“We now spend less time on issues such as software changes and can direct more energy on protecting our members’ data and company information.“
Sharon Black
Sr. Manager of Information Security,
BlueCross BlueShield of Tennessee
“Increasing the visibility into threats allows us to make informed decisions into securing our environment.”
Edward Messina,
IT Security and Risk Manager,
Monash University