Advantages of TCPWave
For Active Directory DNS Services
Although Windows Server
ships with the Microsoft DNS service, many network administrators use
a non-Microsoft implementation of DNS. TCPWave provides a powerful
platform to manage the active directory DNS records and zones.
Existing DNS Architecture
The TCPWave DNS Appliance
is based upon ISC's BIND, adopted as a global standard and widely
used across the public Internet and many large enterprises. Existing
AD deployments that rely on a BIND-based design can interoperate
easily with the TCPWave DNS Appliance.
configurations can be quickly imported and deployed to TCPWave DNS
Appliances using a powerful DIY (Do it Yourself) wizard.
The TCPWave DNS Appliance
contains an elegant and user-friendly interface for manipulating DNS
configurations and recording data. Powerful features found in most
applications include multi-level undo/redo, cut/copy/paste, and data
checking functionality that is not present in the Microsoft DNS
Changes are not visible on
the DNS appliances until the user has deployed the configuration. The
current implementation of the Microsoft DNS application applies the
changes to the DNS appliance. It creates issues for the applications
when simple typos are present in the configuration.
It is because records can be cached for a defined duration. It can lead to network
application/ service outages and stability issues. This issue is
because some applications do not respect DNS Time to Live (TTL)
values and will hold onto invalid data until restarted. Changes in
TCPWave can be staged so that a pre-staged change can automatically
occur at a scheduled time.
DNS security is often
overlooked for private networks because an internal network is secure
and separate from the outside world. The real problem lies with the
sheer volume of exploits in the Windows operating system that plague
network administrators. Worm viruses can unload payloads that attack
internal systems and replicate while bringing a network to its knees.
The SQL Slammer worm that exploited a known vulnerability in the
Microsoft Data Engine (MSDE) attacked available root servers by
generating bogus queries. These queries resulted in many ICMP packets
being sent out, which eventually rendered some of the root servers
offline. The internal DNS appliances got attacked in many
organizations. The TCPWave DNS appliance contains an integrated
firewall, IP packet spoofing, and a hardened Linux operating system
that resists these attacks. Indeed, it is common knowledge that
heterogeneous networks are more resilient to effective attacks since
only some of the servers will be vulnerable to system-specific
Total Cost of
The total cost of the
TCPWave DNS Appliance is considerably lower than that of a Microsoft
DNS server solution. Considering the volume of Windows updates,
vulnerabilities, and scheduled maintenance combined with the Windows
solution's simplistic management, the TCPWave solution offers a lower
cost of total ownership, even within the first year of deployment.