The challenge
As the leading provider of managed cloud services, Rackspace is always looking for ways to augment its multi-layered approach to security and stay ahead of the threats from Distributed Denial of Service (DDoS) attackers looking to exploit its global infrastructure and highly connected customer base.
High volumes of domain queries across the company’s infrastructure are an integral part of usual operations, but Rackspace was looking for ways to reduce traffic related to malicious domains and help ensure that the infrastructure wasn’t used by botnets to mount DDoS attacks. In addition to these security concerns, DDoS attacks were also parasitic on Rackspace’s infrastructure, stealing bandwidth to carry out their malicious activity.
The solution – DNS Firewall Threat Feeds delivered as a zone transfer feed
After a market analysis of different options, Rackspace worked with Spamhaus’ value-added delivery partner, SecurityZones, to fully deploy DNS Firewall. This included developing a pilot to confirm technical compatibility and delivery requirements, with results monitored prior to full implementation.
Rackspace chose to have DNS Firewall Threat Feeds delivered as a zone transfer feed so that domain queries were filtered on its own DNS servers, which reduces latency, and because it had the skills available to implement the feed directly.
Rackspace uses industry-standard BIND servers for DNS resolution, and the zone transfer feed was integrated as a test. Almost immediately it was delivering results, blocking malicious domains without the installation of any additional hardware.
The results – improved customer protection and connectivity
Rackspace’s customers rely on their users having an uninterrupted online experience. For eCommerce customers that means a seamless experience from advertising through to the online store and final purchase. Underpinning this are multiple DNS resolutions across different sites, so any interruption would have an immediate business impact; testing was therefore a vital component of this deployment.
Following checks for technical compatibility with BIND servers and reviews of the volume of alerted traffic, DNS Firewall was made operational.