What is Secure64 DNS Authority?
Secure64 DNS Authority is an authoritative DNS server with the highest levels of security and performance of any name server software available today.

Is Secure64 DNS Authority based on BIND?
It is important to have genetic diversity in the DNS, to provide resiliency against attacks that attempt to exploit flaws in any particular implementation. Secure64 DNS Authority is adapted from NSD, an open source authoritative DNS implementation available through NLNet Labs. NSD was designed for performance and simplicity, and has been used in production for many years to power root servers and top level domains.

Is Secure64 DNS Authority a caching/resolving DNS server?
Unlike BIND, which is both an authoritative and caching DNS server, Secure64 DNS Authority is an authoritative-only server. By focusing on just the authoritative function, Authority is made more secure and higher performing than other name servers.

What hardware does Secure64 DNS Authority support?
Secure64 DNS Authority takes advantage of the unique security and performance characteristics of the Itanium 2 microprocessor, which allows it to become Genuinely Secure. Today, the Authority software executes on the HP Integrity rx2660 server.

Is Secure64 DNS Authority compatible with BIND and Microsoft DNS?
Secure64 DNS Authority can act as a master or slave server to other DNS servers running BIND 9, BIND 8, Microsoft® Windows® DNS (Windows 2000 Server and Windows 2003 Server), and NSD.

Does Secure64 DNS Authority support HIPPA/SOX reporting?
Secure64 DNS Authority helps organizations meet compliance requirements by improving DNS security and availability. Through syslog and SNMP integration, IT staff and auditors can view information about user access, denial-of-service attacks, and other event-related data. Authority does not offer pre-configured reports for specific compliance or audit requirements.

Are there limits to the number of zones or records supported?
The only constraint on the number of zones and records that may be served by Secure64 DNS Authority is available RAM. Authority has been successfully tested with hundreds of thousands of zones and millions of records. Contact a Secure64 sales representative for more information on hardware configuration.

Do you support dynamic updates?
Yes, Secure64 DNS Authority supports dynamic updates and can secure those updates through TSIG, if required.

Do you support DNS wildcards?
Yes, Secure64 DNS Authority provides answers for systems given a * (wildcard) name in the zone file.

Do you support a high-availability DNS architecture?

Yes. Secure64 DNS Authority supports a BGP-based anycast architecture that allows multiple DNS servers to share a common IP address. This architecture provides additional availability, resiliency, and performance compared to a traditional DNS architecture.

Can I change configurations, including adding or deleting zones, without downtime?
Yes. Secure64 DNS Authority continues to respond to queries while restarting with a new configuration.

As an authoritative-only server, does Secure64 DNS Authority support being a secondary (slave) name server?
Yes, Secure64 DNS Authority can be configured as either a master (primary) or slave (secondary) server. As either a master or slave, it is compatible with BIND 8, BIND 9, Windows DNS (2000, 2003), and NSD name servers.

Does Secure64 DNS Authority include IPv6 support?
Secure64 DNS Authority does not support IPv6 at this time.

Are there any reporting/logging/alerting features
in the product?
Secure64 DNS Authority uses a variety of mechanisms to report and log activity on the system including:

* Syslog records many different system events, including user logins.

* SNMP traps, in conjunction with syslog, alert and log abnormal conditions, such as when a network attack begins and ends.

* DNS statistics are available on demand or at regular intervals.

* Under attack, the system can provide details to help administrators set upstream router filters to protect bandwidth.

* System commands provide additional detailed information such as moving averages of attack statistics.

What type of management system does Secure64 DNS Authority offer?
Today, Secure64 DNS Authority is managed through a command line interface over an SSH2-secured connection. We provide a rich set of commands through this interface to configure and manage the server and the DNS data. Often, customers integrate their own provisioning system to our server using this interface.

Are system upgrades a manual or automated procedure?

Secure64 DNS Authority provides upgrade and rollback commands and a user role for upgrades. Normally, upgrades are a simple process of downloading the appropriate file and running the upgrade command.