DNS Traffic Management and Data Mining for Windows Server
Explore DNS traffic management and data mining capabilities in Windows DNS Server, including policy-based traffic controls, audit mechanisms, and security features. Learn about the anatomy of policies, location-aware responses, and DNS audit trails for enhanced server performance and reliability.
Uploaded on Mar 11, 2025

DNS Traffic Management and DNS data mining
Making Windows DNS Server Cloud Ready
~Kumar Ashutosh, Microsoft

Windows DNS Server
- Widely deployed in enterprises
- Fair presence in the DNS resolver space
- Standards compliant and interoperable
- Secure and scalable

Needs of DNS server in cloud
- Policy based traffic management
- Audit and billing mechanism for DNS service
- The DNS data mine and analytics
- Security and high availability

Policy based Traffic Management
DNS Policy is a Windows DNS Server construct that allows DNS administrators to control DNS query processing in order to achieve:
- Global traffic management
- Application load balancing
- Intelligent DNS responses based on Internet protocol (IPv4 or IPv6) or transport protocol (UDP and TCP)
- Applying tenant-specific filters for black holing, parental control etc.
- Split-Brain DNS deployment
- and much more

Anatomy of a policy
- Criteria: any combination of Client Subnet, Server Interface IP, FQDN, Internet Protocol (IPv4/IPv6), Transport Protocol (UDP/TCP), Time Of Day, Query Type
- Action: if the policy matches, what action to take: ALLOW, DENY, IGNORE
- Content: if the action is ALLOW, what data to respond with and in what ratio

Capabilities
- Traffic Management: location-aware responses
- Time of day: time-of-day based policies
- High Availability: improve availability of critical applications by failover policies
- Split Brain: Split-Brain DNS
- Load Balancing: application load balancing based on the performance of host
- Filters: black hole and filters
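
One way to express the criteria / action / content anatomy, together with the load-balancing and filter capabilities, using the DnsServer PowerShell module on Windows Server 2016 or later. This is an added example, not part of the presentation; the zone example.test, the subnet, scope and policy names and all addresses are constructed assumptions.

```powershell
# Added example. Zone, names and addresses are constructed (RFC 5737 ranges).
# Run in an elevated session on a Windows DNS server.
Import-Module DnsServer
$zone = 'example.test'

# A file-backed primary zone to attach the policies to.
Add-DnsServerPrimaryZone -Name $zone -ZoneFile "$zone.dns"

# Criteria input: a named client subnet that policies can match on.
Add-DnsServerClientSubnet -Name 'EuropeClients' -IPv4Subnet '198.51.100.0/24'

# Content: zone scopes hold alternative record sets for the same name.
Add-DnsServerZoneScope -ZoneName $zone -Name 'DatacenterA'
Add-DnsServerZoneScope -ZoneName $zone -Name 'DatacenterB'
Add-DnsServerResourceRecord -ZoneName $zone -A -Name 'www' `
    -IPv4Address '203.0.113.10' -ZoneScope 'DatacenterA'
Add-DnsServerResourceRecord -ZoneName $zone -A -Name 'www' `
    -IPv4Address '203.0.113.20' -ZoneScope 'DatacenterB'

# Record in the default scope, served when no policy matches the query.
Add-DnsServerResourceRecord -ZoneName $zone -A -Name 'www' -IPv4Address '192.0.2.10'

# Criteria + Action + Content in one zone-level policy:
#   criteria = client subnet is EuropeClients
#   action   = ALLOW
#   content  = answer from DatacenterA and DatacenterB in a 3:1 ratio
Add-DnsServerQueryResolutionPolicy -Name 'EuropeLoadBalance' -ZoneName $zone `
    -Action ALLOW -ClientSubnet 'EQ,EuropeClients' `
    -ZoneScope 'DatacenterA,3;DatacenterB,1'

# Filter (black hole): a server-level policy that silently drops queries
# for a blocked suffix. IGNORE sends no response; DENY would refuse instead.
Add-DnsServerQueryResolutionPolicy -Name 'BlockedSuffix' -Action IGNORE `
    -Fqdn 'EQ,*.blocked.example.test'

# Review what is now in force at zone level and at server level.
Get-DnsServerQueryResolutionPolicy -ZoneName $zone
Get-DnsServerQueryResolutionPolicy
```
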

DNS Audit Trail
What? Who? When?
- What changed?
  - Zone
  - Server
  - Record
- Who changed?
  - DC admin
  - Tenant admin
- For reporting
- Audit trails
- Diagnostics

DNS Data mine
- Data collection
- Data preparation
- Pattern discovery
- Actionable information

DNS Data mine: Data Collection
- Collect data from every DNS server
- Centralized system for collection
- Real time collection with minimal performance impact
- Kinds of data collected:
  - All DNS transactions
    - Queries/responses
    - XFR
    - Dynamic updates
  - Server state
    - Health indicators
    - Performance counters

DNS Data mine: Data Preparation
- Cleaning the data
- Data transformation
- Creating relational databases for different purposes
- Related calculations like amplification factor, frequency etc.
- Collation of data across the server farm
- Correlation of data
  - Across multiple servers
  - Between single user
  - Relationship with state of the server
- Rolling over with knowledge transfer

DNS Data mine: Pattern Discovery
- Domain name analysis
- Amplification analysis
- User behaviour analysis
- Client subnet analysis
- Security analysis

DNS Data mine: Actionable Information
- User behaviour analytics
- Load model
- DDoS detection