DNS hyperscales and secures your infrastructure during high query volumes and DDoS attacks, making sure apps are highly available—even between multiple instances and across hybrid environments.

See buying options   Read the datasheet

Scaling, Securing and Optimizing DNS

Secure DNS is critical

Secure DNS is critical

Total security is necessary for every application because applications are the center of attention for both bad actors and legitimate users. A poorly secured network can have damaging consequences, costing customers and revenue. BIG-IP DNS services provide DevOps-friendly agility with the scale, security depth, and investment protection needed for both established and emerging apps.

  • DNS Firewall/DDoS - Can be combined with BIG-IP AFM to provide extensive security, including shielding DNS from volumetric DDoS attacks such as UDP floods or amplification DDoS attacks.
  • DNSSEC - Protect LDNS servers from cache poisoning and man-in-the-middle attacks with real-time DNSSEC.
  • DoH/DoT - BIG-IP DNS decrypts and resolves DNS queries over HTTPS (DoH) without impacting RPS. DNS over TLS (DoT) ensures that DNS requests and responses are not tampered with or forged via on-path attacks.

Simplify DNS network management

Simplify DNS network management

Networks are growing, both in scale and traffic demands, driving the need for improved availability for users and better access and management for administrators. BIG-IP DNS affords easy visibility and programmability, ensuring network architectures are easier to maintain.

  • Integration with current infrastructure - Communicate and integrate with network devices like SNMP agents, third-party caches, servers, routers, and load balancers to diagnose network endpoint health.
  • Flexible site options - Enable flexible site options including Active/Active, Active/Passive, or Active/DR Only.
  • Failover that ensures availability - Failover whole data centers or individual apps/servers to ensure users have uninterrupted access to the apps they need.

Product Overview

BIG-IP DNS diagram

Hyperscale and protect DNS while optimizing global app delivery

DNS enables users to access services, making it one of the most important components in the network infrastructure. If DNS is unavailable, services won’t function properly. Service providers and enterprises need to build an optimized and secure DNS infrastructure with the ability to rapidly scale and deal with millions of service names and IP addresses. Improve the performance and availability of your global applications by sending users to the closest or fastest endpoint—whether that be a physical, virtual, or cloud environment with F5 global server load balancing (GSLB).

Available in cloud-native format as a CNF, F5 application services work the same way in the public and private cloud as they do in the data center.

BIG-IP VEs have the same features as those that run on F5 hardware—and you can deploy them on any hypervisor or select cloud provider.

Both the BIG-IP family of devices and the VELOS chassis are purpose-built, powerful hardware that F5 software runs on.

Core Capabilities

The F5 hyperscale and secure DNS solution provides faster web browsing and reduced latency, improving user experience and leading to reduced churn and increased revenues. Visibility into DNS and these applications mean that their health, optimization, and protection can be maximized.

Manages query responses with multicore scalability, handling spikes in DNS query volumes.

Validates query requests, mitigates malicious communications, absorbs DDoS attacks, encrypts end to end with SSL, and more.

Logging, reporting, and analytics - detailed DNS and GSLB data, statistics, and graphs for in-depth analysis.

Supports application requirements across data center and cloud environments while keeping apps available.

Gives you the flexibility to shift traffic to a backup data center and fail over an entire site, or just control the affected apps.

Out-of-the-box health monitoring support for applications. 

Supports NAPTR DNS nodes and services to drive faster service instantiation.

Translates traffic for consumption by either IPv4 or IPv6 endpoints.

Platform Support and Integrations

Technology alliances

F5 application services integrate with major cloud providers and are available directly through marketplace offerings with variable PAYG or perpetual BYOL consumption options.

Private platforms we support

F5 supports co-location/interconnection providers when building out private clouds. A private cloud using F5 app services is ideal for speeding app deployments, enabling dynamic changes in the data center, and matching infrastructure services to workloads using a per-app model. 

Resources