More and more enterprises are moving to the cloud to take advantage of the numerous business benefits the cloud model offers, such as pay-as-you-go pricing, global scale, and reliable performance. Yet despite this embrace, many enterprises are migrating to the cloud while maintaining their legacy or in-house Domain Name System (DNS) service. This decision, while seemingly minor, could hold organizations back from reaching the full potential the cloud has to offer and expose them unnecessarily to the risk of cyberattacks.
Cloud-based DNS services provide an extra layer of security while facilitating cloud migrations and helping ensure cloud and customer-facing systems meet client and customer expectations.
Every user’s first interaction with a company’s online applications and services begins with a series of DNS queries. The DNS is a distributed internet database that maps human-readable names to IP addresses, enabling users to reach the correct destination when entering a URL. Example: when you visit http://www.dyn.com in a browser, your computer uses DNS to retrieve that website’s IP address of 184.108.40.206.
Well-performing DNS services are a major factor in helping to ensure websites and other cloud-based business assets stay online. Additionally, the DNS can help ensure customers, partners, and internal assets are connecting quickly and smoothly. Lastly, the DNS can help companies safely and strategically migrate to the cloud.
As customers access content and data from more devices, from more places, and at all times of the day, businesses need to make sure performance expectations are met to accommodate these needs.
Gartner notes that “DNS is mission-critical to all organizations that connect to the Internet. DNS failure or poor performance leads to applications, data and content becoming unavailable, causing user frustration, lost sales and business reputation damage.”
Downtime can be expensive. A single hour of downtime can cost an organization more than $100,000, according to Information Technology Intelligence Consulting research. This number becomes more stunning in light of the fact that 78% of enterprise websites suffer four or more disruptions per month, according to research by Aberdeen.
In-house DNS Constraints and Risks
Despite this importance, many businesses rely solely on in-house DNS servers that don’t deliver global reach, visibility or high-level availability and performance. Creating a DNS service that delivers performance, security, and scale requires time, money, and know-how that most businesses lack.
Most in-house DNS solutions consist of a relatively small number of DNS nameservers deployed in one or two data centers in a unicast delegation pattern. As a result, DNS requests for a given IP address will always resolve to a single physical location. While this is easy to implement, a company has no control over which location the DNS service selects. A user in Australia could be served by a nameserver in the United States creating a poor user experience. Trusting a single DNS solution with a small footprint is inefficient and risky.
Adding a redundant cloud-based DNS service provides extra protection. If an in-house DNS service is attacked or suffers an outage, the redundant service remains fully operational, preventing users from experiencing a service disruption. This is critical at a time when distributed denial of service (DDoS) attacks are on the rise (increasing by more than 125% between 2015 and 2016, according to data reported by content delivery network service provider Akamai).
While preventing an outage is important, a cloud-based DNS service provides other performance benefits, such as reduced latency and the ability to balance traffic according to region or between content delivery networks (CDNs). Unlike most in-house DNS solutions, which use a unicast network, cloud-based DNS services leverage a geographically distributed network known as “anycast.” An anycast network allows companies to use DNS to drive policies that automatically direct their users to the right location. For example, say you want all users in Germany to go to your Frankfurt data center. What happens if that data center goes down? Your company can use DNS to ensure German customers get routed to a London data center instead of to San Francisco. Since the internet is a volatile network that is constantly changing, being able to make strategic decisions based on real-time conditions gives companies a competitive advantage.
DNS As Part of Cloud Migration
The ability to use DNS to navigate in real time is crucial for enterprises migrating to the cloud. By using DNS, a company can start small and gradually migrate its systems. For example, a company could use a traffic steering policy in DNS, like ratio load balancing, to keep operations going while testing pieces of its infrastructure and service (by, for example, sending 1% of traffic to test integration), preventing a risky “cutover” day, which has an all-or-nothing outcome. This also allows the company to maintain control of its cloud assets. Loss of control is a common migration concern.
It is also important to note that few companies migrate to the cloud completely or choose only one cloud vendor. Most are operating a hybrid model. DNS can act as the control plane that allows you to navigate users between these different services, enabling you to optimize performance. This is beneficial not only to users, who get a better experience, but also to the bottom line. There are many benefits of migrating to the cloud for enterprises. However, to make the most of these benefits, organizations would be wise to pay attention to the important role DNS plays in the process.
Kyle York is the general manager and vice president of business and product strategy for the Oracle Dyn Global Business Unit.