How does it work?

DNS protection service is deployed prior to the client’s DNS server, making it the first target of all DNS queries. As a result, Imperva’s solution acts as a secure intermediary that prevents illegal DNS queries from reaching the server and masks it from direct-to-IP attacks on the network layer.

Imperva’s dashboard allows for whitelisting specific queries, and the threshold setting option that limits the number of queries to the server provides additional security.

Furthermore, once DDoS protection for Domain Name Server (DNS) is deployed, you can still manage DNS zone files outside of Imperva’s network

Proper defense against any DDoS attack

Precise protection

DDoS protection of DNS uses a combination of reputation and assessment based heuristics. It checks inbound queries and filters out malicious packets without affecting real users.

Improved DNS performance

Legitimate queries are cached for a specific period of time. During this time all subsequent queries are handled directly by the closest location, the so-called Imperva world network node. This solution improves performance and relieves the DNS server itself.

Comprehensive protection

DDoS protection for DNS works in conjunction with our DDoS protection services for websites and network services. Together, they protect our clients from all types of DDoS attacks.

Check how we can secure your data and internet applications.