During our first Cricket Liu live event in June, Cricket Liu, Chief DNS Architect at Infobox and Paul Vixie, CEO of Farsight Security have discussed the critical role DNS is playing to defend against cyber attacks as more hackers are using it as an attack vector.
During this event, there were a lot of technical questions on DNS and Response Policy Zones (RPZs). We convened Cricket and Paul to discuss these questions in the podcast presented below.
Sign up for our next Cricket Liu Live event in November 2017.
Here are the questions they discussed:
- DNS is no longer just an IT issue – it is quickly becoming a key component to every security program. Can you discuss this evolution?
- What is DNS RPZ? Isn’t RPZ just sinkholing with more options?
- Can you describe some applications of RPZ that you think are clever or especially useful?
- Have you thought about enhancing RPZ so that you can apply a different policy to each querier?
- Do you have any enhancements to RPZ in mind? What are they?
- How can you manage an internal RPZ feed? Does dynamic update work?
- Why is it important to run your own recursive name server?
- How does RPZ compare with DNS/Web filtering support that vendors like Palo Alto Networks, Fortinet provides in their products?
- How much overhead is introduced to the network when utilizing RPZ’s, if any?