PDNS: DNS as a Service

PDNS: DNS as a Service

  • Complete Bind9 based solution
  • Recursive DNS-Firewall RPZ (Response Policy Zones) for endpoint security
  • Authoritative DNS for your Organization
  • WebUI and API for DNS
  • Antispoofing, Anti-DDoS and Cache Poisoning Controls
  • DNSSEC for increased security and brand protection

DNS is a critical component behind all Internet applications, websites, e-mail, messaging and e-commerce. We at Planisys have developed the PDNS platform for task automation and full control of the DNS Operation at Service Providers, Financial Institutions and other Organizations requiring a high level of security.


Read about DNS Attacks Read the PDNS Docs
What is PDNS ?
PDNS is Planisys' corporate platform for Domain Name System as a Service.
What is DNS ?
DNS stands for Domain Name System, which is a system that translates domain names into IP addresses so that computers can communicate with each other over the internet
What is a RPZ?
RPZ or Response Policy Zone runs in a DNS resolver to protect the user from malicious domains. Read more here
What is a DNS server?
A DNS server is a computer that stores DNS records and responds to DNS queries from other computers.
What is a domain name?
A domain name is a human-readable name that represents the IP address of a website. For example, www.example.com is a domain name that represents the IP address of the website hosted at that address.
What is a domain registrar?
A domain registrar is a company that manages the registration of domain names and the assignment of IP addresses.
What is a DNS record?
A DNS record is a piece of information in the DNS database that maps a domain name to an IP address or other resource record types.
What is a nameserver?
A nameserver is a DNS server that is responsible for storing DNS records for a particular domain name.
What is an IP address?
An IP address is a numerical label assigned to every device connected to the internet, which is used to identify and communicate with the device.
What is a TTL in DNS?
TTL stands for Time-to-Live and represents the length of time that a DNS record is cached by a resolver or nameserver before it needs to be refreshed from the authoritative DNS server.
What is a CNAME record?
A CNAME record is a type of DNS record that maps an alias (canonical name) to the true domain name of a server or website.
What is an MX record?
An MX record is a type of DNS record that specifies the mail exchange server responsible for handling email delivery for a particular domain name. A mail exchanger is involved in mail reception only and is being found by the MX record pointing to it.
What is a DNS zone?
A DNS zone is a portion of the DNS database that contains information about a specific domain name and its associated resource records.
How do I change DNS settings?
DNS settings can typically be changed through your domain registrar's control panel or in PDNS web application that is in fact a control panel.
What is DNS propagation?
DNS propagation refers to the time it takes for changes to DNS records to be propagated (or spread) across the internet and for cached DNS records to be updated with the new information. It depends on the TTL (Time-To-Live) in seconds of a record as they can be cached by resolvers everywhere in the world for the TTL duration.
What is DNS caching?
DNS caching is the process of storing DNS records in local memory or disk to speed up DNS queries and reduce network traffic. A caching nameserver is normally a recursive nameserver also known as resolver that caches a record for as long as its TTL (Time-To-Live) specifies it.
What is DNSSEC?
DNSSEC (DNS Security Extensions) is a set of security protocols designed to protect the DNS from attacks such as DNS spoofing and cache poisoning. PDNS fully supports DNSSEC, in the sense that it cryptographically signs the zone every time a new resource record is introduced or changed or deleted.
What is a DNS resolver?
A DNS resolver is a software program that converts domain names to IP addresses by querying DNS servers. It does not provide authoritative information, but instead uses recursion to query from the top of delegation chain up to the domain one wants to resolve.
What is a DNS query?
A DNS query is a request sent by a client computer to a DNS server to resolve a domain name to an IP address. The PDNS web application has tools to query authoritative and recursive nameservers, but you can still use console commands such as nslookup or dig in Windows, MacOS and Linux
What is DNS hijacking?
DNS hijacking is an attack in which a hacker redirects traffic intended for a particular domain name to a fake website or server, often for malicious purposes. PDNS uses hardened versions of Bind9 and takes a series of defense and cleanup to measures to avoid that.
How do I troubleshoot DNS issues?
Some common techniques for troubleshooting DNS issues include checking for typos in domain names, testing DNS resolution with the nslookup or dig command, flushing DNS cache, and testing connectivity to DNS servers. PDNS provides several tools for checking and even multi-checks to query different name servers.

Planisys PDNS
Hybrid Deployment


  • Based on Bind 9.16+ for Redhat and Ubuntu based systems
  • Bind9 servers on-premise, in Planisys Cloud, or Amazon/Azure/GoogleCloud/etc.
  • RPZ: Response Policy Zones for Government due access restrictions
  • Avoid noisy neighbors, cache poisoning, and domains involved in malware attacks to protect your endpoints
  • Response Rate Limiting to avoid DDoS attacks
  • DNSSEC for increased security and reputation
  • We provide DS information for your registrar's Chain of Trust
  • Real-time consistency controls of your domains between your Hidden Primary, your Authoritatives and Recursives.
Compant view of zone
Benefits

Benefits


  • Premium Technical Support - Ticketing system with Escalation Procedure
  • We help you migrate your DNS Zones to us
  • Permanent consulting on the use of DNS
  • Deploy servers wherever you like
  • Integrate with your CRM via API
  • Give access to your customers through PDNS-Web
  • We support any master-slave scenario
  • 24x7x365 DNS Monitoring and Alerts
  • Increased Security (anti-DDoS and DNSSEC)
  • Antispoofing and Antimalware

RPZ Endpoint Protection

RPZ workflow

RPZ endpoint protection workflow

Printscreens of PDNS Web

Newly created zone with automatic NS records

Newly created zone with automatic NS records

Add MX Record

Add MX Record

MX added and SOA Serial automatically increased

MX added and SOA Serial automatically increased

PDNS Reseller View

PDNS Reseller View

Multi-Check DNS Lookup Tool

Multi-Check DNS Lookup Tool

DNS Tool Lookup IDNA IPv6

DNS Tool Lookup IDNA IPv6

DNS Whois Information

DNS Whois Information

DNS Reverse Ipv4 Pre-filled Zone

PDNS Reverse Ipv4 Pre-filled Zone

Features

Web interface for DNS Resource Records

Intuitive, multi-tenant, responsive web interface for DNS Resource Records CRUD (Create Read Update and Delete). Consistency checks and alerts for changes in delegation , lame delegations or zone serial numbers out-of-sync. Prometheus and Grafana metrics and graphic dashboards.

DNSSEC and GeoDNS support

DNSSEC support for zone signing and root-of-trust in the delegation chain. GeoDNS support with graphical interface and authoritative traffic redirection depending on country and city.

Consistency monitoring and alerts

Consistency checks and alerts for changes in delegation , lame delegations or zone serial numbers out-of-sync. E-Mail and SMS alerts to keep track of dead zones and failures in zone transfers.

Recursive DNS Firewall RPZ

With a real-time feed of +1M of malware infected domains, DNS uses RPZ (Response Policy Zones) to protect all endpoints of your organization, from cellphones to desktop PCs and servers, by non resolving domains involved in Malware attacks such as C&C (Command & Control) servers.

SysDNS

SysDNS is a module to remotely manage resolvers and authoritative Bind and PowerDNS servers. As an extension of PDNS web interface, it permits management of different ACLs for zone transfers for different scenarios, with both trusted CIDRs and HMAC-MD5 keys.

2 way authentication

As DNS is a critical component of the organizations' Internet presence as well as for internal systems, logins to the PDNS platform are protected by two-way authentication with SMS messages.That way, there's more certainty about the users' identity, because a user owns its cellphone and knows its password.

Auditlog

PDNS keeps track of user modification by means of an encrypted auditlog that honours the privilege hierarchy, having a superadmin that can view all users' activity. Delegation events originated in other systems are also being timestamped and recorded together with manual interventions, to have a better understanding and forensics of DNS configuration history.

Domain and X509 expiration alerting<

PDNS provides ways to protect and alert administrators by e-mail and SMS before his domains are going to expire, by looking up their WHOIS information on a regular basis. X509 certs can also be uploaded as associated information to the domains, and keep administrators alerted about expiry dates.

Multi-tenant, white-label administration

PDNS' web interface is multi-tenant , with granular permissions to ensure proper access privileges and management of DNS resources according to superadmins, admins, resellers and final customers. PDNS can be deployed at customer's premises or as SaaS in the cloud. PDNS can also be implemented in the infrastructure of your company, in addition to being available in Software-as-a-service mode in the cloud.

Contact Us!

captcha
Planisys 2023 © All rights reserved.
Terms and Conditions   |   Acceptable use policy   |   Quality policy  |   Our Mission