What is managed DNS, anyway? – IBM Blog


February 28, 2024
By Ben Ball

3 min read

Managed DNS is where a third party hosts and optimizes your DNS resolution architecture to provide the fastest, most secure, most reliable experience.

Perhaps the easiest way to explain it is by looking at the opposite scenario: what if you don’t have a managed DNS service in place?

Every query in the Domain Name System (DNS) follows the same logic to resolve IP addresses. If the DNS records for sites aren’t found in the local cache, DNS will progressively query a series of servers until it finds the right answer from the authoritative DNS server associated with that domain.
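The resolution path described above, modeled offline as an added example (not code from the article or from IBM): a resolver answers from its cache when it can and otherwise follows referrals until it reaches the authoritative server. The server names, the address and the TTLs are constructed, and the model is simplified to A records and name-server referrals.

```python
from dataclasses import dataclass, field

# Constructed sample data: names, addresses and TTLs are illustrative only.
SERVERS = {
    "root": {"referrals": {"com.": ("tld-com", 172800)}},
    "tld-com": {"referrals": {"example.com.": ("auth-example", 172800)}},
    "auth-example": {"answers": {"www.example.com.": ("192.0.2.10", 300)}},
}

@dataclass
class Resolver:
    cache: dict = field(default_factory=dict)   # key -> (value, expires_at)
    hits: dict = field(default_factory=dict)    # server -> queries received

    def _cached(self, key, now):
        entry = self.cache.get(key)
        return entry[0] if entry and entry[1] > now else None

    def _start_server(self, name, now):
        # Use the closest unexpired cached delegation, else start at the root.
        labels = name.split(".")
        for i in range(len(labels) - 1):
            server = self._cached(("NS", ".".join(labels[i:])), now)
            if server:
                return server
        return "root"

    def resolve(self, name, now):
        """Return (address, servers_queried) for name at time `now` (seconds)."""
        answer = self._cached(("A", name), now)
        if answer:
            return answer, []
        server, path = self._start_server(name, now), []
        while True:
            path.append(server)
            self.hits[server] = self.hits.get(server, 0) + 1
            data = SERVERS[server]
            if name in data.get("answers", {}):
                addr, ttl = data["answers"][name]
                self.cache[("A", name)] = (addr, now + ttl)
                return addr, path
            # Follow the referral for the zone that contains the query name.
            for zone, (nxt, ttl) in data.get("referrals", {}).items():
                if name == zone or name.endswith("." + zone):
                    self.cache[("NS", zone)] = (nxt, now + ttl)
                    server = nxt
                    break
            else:
                raise LookupError(f"no delegation for {name} at {server}")
```

Once the record's TTL expires, the cached delegation sends the resolver straight back to the authoritative server, so the authoritative tier absorbs every cache miss while the root and TLD servers are rarely asked again.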

If you’re running a website without a managed DNS solution, that means you’re directly responsible for answering every authoritative DNS query from around the world. It’s certainly possible to manage your own authoritative DNS, but there are some risks.

  • Availability: DNS traffic patterns vary widely and are often unpredictable. If you’re directly answering all queries for your domain, you will need enough capacity to handle sudden spikes in volume. That usually requires sophisticated load balancing and failover systems.
  • Security: Managing your own DNS means that when a distributed denial-of-service (DDoS) attack hits, you must be able to answer all of those queries. If you don’t have the capacity, then your site goes down. To mitigate the effects of DDoS attacks, your DNS infrastructure needs the ability to absorb any queries that come in.
  • Performance: DNS queries can come from anywhere around the world. To provide the type of site performance every user expects, you have to deliver answers within just a few milliseconds. Since internet queries can only travel so fast, delivering “standard” site performance requires a worldwide network of servers (called “points of presence”). These networks deliver answers to DNS queries at scale, which is a significant investment for most companies.
  • Cost: It’s possible to deliver DNS on your own with enough availability, security and performance to get the job done. Yet for most organizations, it’s not worth doing on their own. Building a global network of data centers with enough capacity, security and resilience to meet the requirements of today’s internet requires a significant investment in both equipment and people.

Table stakes: What every managed DNS offering provides

Managed DNS providers deliver the highly available, secure system organizations need to provide peak performance at a fraction of the cost of building a DNS resolution network on your own.

Since the early 2000s, managed DNS providers have provided a standardized offering for organizations that don’t want to host their own authoritative DNS. Smaller organizations often purchased a basic managed DNS service through the domain registration process, while larger organizations sought out premium providers with more specific domain expertise.

Today, it’s a given that any premium managed DNS service offering will provide 100% uptime through a worldwide anycast DNS network. These systems are resilient and redundant, with strong DNS failover architectures to keep sites up and running. Every managed DNS platform provides control panels, dashboards and metrics so you can analyze performance over time and improve resilience by removing broken endpoints.

The pricing of premium managed DNS offerings is also fairly standardized and straightforward across providers. For the most part, it’s based on usage, allowing customers to pay only for what they use rather than for capacity.

The next evolution of managed DNS

Managed DNS continues to evolve, adding advanced functionality on top of the basic value of an always-on, performance-driven DNS offering. Here are a few additional features that anyone evaluating a managed DNS offering should consider. Some of these features are for advanced users, but as time goes on, they’re bound to become more commonplace.

Traffic management: Managed DNS now goes beyond basic load balancing to optimize performance, control costs and provide an optimal application experience. IBM® NS1 Connect®’s powerful Filter Chain technology optimizes DNS routing decisions based on specific use cases.

Infrastructure as code: Today’s networks are driven by DevOps, edge computing and serverless architectures, which require an API-first approach to infrastructure. NS1 turns DNS into an enabler of these systems (rather than a blocker) through REST APIs with pre-configured architectures that are easy to use. Integration with tools like Terraform makes connecting to existing systems even easier.

Dedicated DNS: Some organizations want to go the extra mile to ensure that their DNS is protected against wide-scale outages while still outsourcing their external DNS. NS1 offers a physically and logically separate dedicated DNS service for these customers, giving them an extra layer of redundant protection.

Data-driven: Real-time analytics dramatically improve the performance and responsiveness of today’s managed DNS offerings. NS1 Connect offers advanced traffic steering capabilities that use application data to determine the best routing for a specific point in time and specific application types. The result: significantly lower latency.

Performance in China: Delivering high-quality application experiences to users in the Chinese mainland presents unique challenges. To overcome the DNS latency impacts associated with the unique architecture of the Chinese internet, NS1 offers a specialized managed DNS service for customers in mainland China.
