University of Cincinnati DNSSEC Vendor Analysis Senior Design

  • Slides: 18
Download presentation
University of Cincinnati DNSSEC Vendor Analysis Senior Design III – Spring 2010 Darryl Marsh,

University of Cincinnati DNSSEC Vendor Analysis Senior Design III – Spring 2010 Darryl Marsh, Patrick Stasko

Agenda • • • DNSSEC Recap DNSSEC Additional Information DNSSEC Burdens Project Description Intended

Agenda • • • DNSSEC Recap DNSSEC Additional Information DNSSEC Burdens Project Description Intended Use Deliverables Proof of Design Final Recommendation Conclusion

DNSSEC Recap

DNSSEC Recap

DNSSEC Additional Information • • Public Key Infrastructure Origin Authentication Integrity Checking Chains of

DNSSEC Additional Information • • Public Key Infrastructure Origin Authentication Integrity Checking Chains of Trust

DNSSEC Issues • Administrative Burden – Multiple tasks – Appliances makes administration easier •

DNSSEC Issues • Administrative Burden – Multiple tasks – Appliances makes administration easier • Overhead • Processor, memory and bandwidth • What DNSSEC Doesn’t Do • Records are not encrypted • Does not protect against specific attacks

Project Description • Research the DNSSEC technology • Independently evaluate DNSSEC appliance vendors •

Project Description • Research the DNSSEC technology • Independently evaluate DNSSEC appliance vendors • Blue. Cat Networks, Infoblox, Secure 64 and Xelerance “At this time we have limited resources in both man power and evaluation units to provide you with [a product demo]. ” - Xelerance

Intended Use • Implement DNSSEC on UCit’s external network • Provide a final recommendation

Intended Use • Implement DNSSEC on UCit’s external network • Provide a final recommendation to UCit – Aid in the purchasing decision

Deliverables • Business Scorecard – – • Blue. Cat Networks Secure 64 Infoblox Xelerance

Deliverables • Business Scorecard – – • Blue. Cat Networks Secure 64 Infoblox Xelerance Technical Scorecard – – Blue. Cat Networks Secure 64 Infoblox Xelerance • Recommendations – Business Recommendation – Technical Recommendation – Final Recommendation

Proof of Design - Process

Proof of Design - Process

Proof of Design - Photos

Proof of Design - Photos

Proof of Design - Photos

Proof of Design - Photos

Proof of Design - Photos

Proof of Design - Photos

Proof of Design – Comparison Blue. Cat Infoblox Secure 64 Xelerance HA Support -

Proof of Design – Comparison Blue. Cat Infoblox Secure 64 Xelerance HA Support - Gigabit Interfaces - NIST Best Practices - Revertible Deployed Changes - No Root Access - Keys Encrypted - DNS Software Core BIND NSD -

Proof of Design - Considerations • Trust Anchors / Islands of Trust – EDUCAUSE

Proof of Design - Considerations • Trust Anchors / Islands of Trust – EDUCAUSE ITAR – Others • Increased Packet Size – Firewalls – Reevaluate bandwidth needs

Proof of Design - Recommendations Blue. Cat Infoblox Secure 64 Technical 130 142 128

Proof of Design - Recommendations Blue. Cat Infoblox Secure 64 Technical 130 142 128 Business 5 5 0 Technical Recommendation Business Recommendation

Final Recommendation

Final Recommendation

Conclusion • • DNSSEC Recap DNSSEC Additional Information DNSSEC Burdens Project Description Intended Use

Conclusion • • DNSSEC Recap DNSSEC Additional Information DNSSEC Burdens Project Description Intended Use Deliverables Proof of Design Final Recommendation

Questions ?

Questions ?

Vendor rating Vendor Rating A vendor is anyVendor rating Vendor Rating A vendor is any
VENDOR MANAGEMENT CONTENTS Introduction Vendor development Vendor performanceVENDOR MANAGEMENT CONTENTS Introduction Vendor development Vendor performance
Cincinnati Life University Introduction to Cincinnati Life CopyrightCincinnati Life University Introduction to Cincinnati Life Copyright
Welcome to the University of Cincinnati Cincinnati 101Welcome to the University of Cincinnati Cincinnati 101
Survey of DNSSEC Lutz Donnerhacke DNSSEC Meeting 2008Survey of DNSSEC Lutz Donnerhacke DNSSEC Meeting 2008
Cincinnati Public Schools coles publiques de Cincinnati ConnaissanceCincinnati Public Schools coles publiques de Cincinnati Connaissance
Vendor Enablement Process Spend Analysis Obtain Vendor ListVendor Enablement Process Spend Analysis Obtain Vendor List
Vendor Enablement Process Spend Analysis Obtain Vendor ListVendor Enablement Process Spend Analysis Obtain Vendor List
Ghanaian Cincinnati Home Senior Design III Spring 2008Ghanaian Cincinnati Home Senior Design III Spring 2008
AE Senior Thesis 2004 University of Cincinnati AthleticAE Senior Thesis 2004 University of Cincinnati Athletic
UNCLASSIFIED CIO IT Acquisition Management Oversight Vendor VendorUNCLASSIFIED CIO IT Acquisition Management Oversight Vendor Vendor
ITSD Project Status Report Vendor Enter Vendor NameITSD Project Status Report Vendor Enter Vendor Name
2013 Spokane Vendor Training Vendor View of State2013 Spokane Vendor Training Vendor View of State
UNCLASSIFIED CIO IT Acquisition Management Oversight Vendor VendorUNCLASSIFIED CIO IT Acquisition Management Oversight Vendor Vendor
Dispatching Vendor Rebate Agreements Concept Dispatching Vendor RebateDispatching Vendor Rebate Agreements Concept Dispatching Vendor Rebate
Vendor Fair March 9 2017 VENDOR TRAINING ANDVendor Fair March 9 2017 VENDOR TRAINING AND
2013 Spokane Vendor Training Vendor View of State2013 Spokane Vendor Training Vendor View of State