Knowledge Base

Why do we need DNSSEC?

The DNS works on a concept of “implied trust”. When you click on a website link, your computer will take you to whatever first reply it receives, and does not check whether it is getting reliable information on where to go on the Internet. This insecure system is used not only by your local computer, but by all servers and by all Internet Service Providers (ISPs) on the Internet. This creates a giant security hole in the Internet which made it possible for attackers to do a “cache poisoning”. This would result in any of your customers who click on a web link to reach your website automatically being redirected to some other location where their information may be stolen, compromised or used for criminal and other malicious purposes. Adding DNSSEC to your domain name can help reduce the chances of traffic hijacking. When properly maintained, DNSSEC zones provide extra security by preventing man-in-the-middle attacks and hijacking of traffic.

Was this article helpful?