| |
Managed/Shared Community DNS Service |
Traditional DNS Approach (in-house) |
| Security |
- Super fast resolution for DDoS mitigation
- No Recursion
|
- Limited resolution rates
- Prone to DNS hijaking and spoofing
|
| Stability |
- Each DNS Operator controls its own zones and data
- AnyCast from multiple nodes, clustering and load balancing
|
- Grace and favour secondary service frequently limits DNS Operator control of its data and zones
- No load balancing making the system vulnerable to DDoS attacks
|
| Performance |
- Updates take less than 4 minutes between DNS Operator and Community DNS resolution nodes
- Fast disaster recovery - 1 million+ names per minute database reload
|
- Long time to load changes, round-robin selection of Name Server
- Limited and slow disaster recovery
|
| Quality of Service |
- SLA with 99.999% network uptime guarantee
|
- No SLA
- Best efforts support
|
| Scalability |
- Current system tested to 500 million names, and footprint expanding continuously
- Easy upscale path
|
- Limits on scalability, extended roll-out time
- DNS Operator must make ongoing financial and human investment to meet increasing demands
|