F5 DNS Solution for Communications Service Providers

2

Key Facts

F5 Provides Communications Service Providers with a Carrier-Grade DNS Solution that Delivers:

• High speed authoritative DNS responses

• High volume query rates

• Secure DNS transactions

• IPv4 and IPv6 integration

• Attack impact mitigation

3

Why DNS? Every Second Counts…

A one-second delay means:

• 7% loss in conversions

• 11% fewer page loads

• 16% decrease in customer satisfaction

If your site earns $100,000 a day, this translates to millions lost per year!

4

The F5 Service Delivery Network Dynamic & Unified Service Intelligence

Data Services

Video Services

Voice Services

Core Strategic Point of Control• Traffic steering & policy enforcement• Load balancing • AAA scaling• Connection brokering• Optimization & acceleration

Edge Strategic Point of Control• Traffic steering & policy enforcement• Network Address Translation (NAT)• IPv6 interworking• TCP optimization• Caching

End-to-End Session Awareness

Video

Data

Voice

BIG-IP VIPRION BIG-IP VIPRION

5

F5 Carrier-Grade DNS Solution

• Dimensional DNS traffic scaling - ScaleN

• Destination service high availability – global server load balancing

• Attack mitigation – IP Anycast

• DNSSEC

• Performance – DNS Express, DNSSEC Key Management

• Flexibility – iRules, iApps

• IPv6 – DNS64, integration with NAT64

Solution

6

Scaling and Distribution

Features

• Virtualization of authoritative DNS servers and multisite load balancing

• Transparent monitoring and route health injections

• DNSSEC with signed responses

• Layer 7 DoS and brute force attack protection (ASM)

• Location based services

Benefits• Distributes user application requests based

upon policies, data center conditions and network conditions

• Carrier-class availability and scalability to support millions of subscribers

• Enables multi-site redundancy for disaster recovery

• Simplified implementation and reduced management

Solution

IP AnyCast

Client Services

DNS Servers

DNS 64

Data Center 1

DNS Servers

DNS 64

Data Center 2

7

DNS Express• Ability to manage tens of millions of records

• Fast response times for multiple authoritative responses

• Increases scalability

• Mitigation of DoS/DDoS Attacks

• Consolidate DNS servers

DNS Express in TMOS

DNS Server

ManageDNS

Records

NIC

OSAdminAuth.Roles

DynamicDNS

DHCP

AnswerDNS

Query

AnswerDNS

Query

AnswerDNS

Query

AnswerDNS

Query

AnswerDNS

Query

Managing High Volume Requests

8

DNS Attack Mitigation

• Same IP address for multiple devices• Geographically separate the DNS request load for all requests• Scale DNS infrastructure up and out per BIG-IP • Revenue and brand are protected

9

Hardware Designed for Service Providers

• Industry’s best performance – up to 72 Gbps

throughput

• Hot-swappable components; on-demand

performance

• Flexible deployment options – NEBS, DC power