In the same week that the Internet’s root servers came under sustained attack, Verisign has announced an overhaul of the critical infrastructure on which some of these servers run.
The company has dubbed its $100 million investment program “Project Titan”, and claims it will see its current 20 gigabits/s capacity increase tenfold in the next three years, with the number of DNS queries it can process in a day rising from 400 billion to 4 trillion over the same period.
As importantly, the company says it will distribute its processing capacity to more sites around the world, known as Regional Internet Resolution Sites (RIRS), as well as opening more data centres generally. This will improve performance as increasing the number of sites that process the root DNS tables for domains such as .com improves throughput.
However, the deeper worry is less performance than alarm over security. The more of these centres exist, the easier it is to isolate “anomalous traffic” found in distributed denial of service attacks (DDoS) at their local point of origin in criminal hotspots such as Brazil and China, before they propagate to the wider Internet.
The company said it would invest in technologies to detect problem traffic, without being specific. It is likely to include some means of spotting botnets, nowadays the biggest traffic headache and generator of most of the Internet’s spam. Verisign has highlighted its concerns on DDoS attacks in the past.
Project Titan’s announcement at the RSA show by Verisgn’s CEO Stratton Sclavos, and CSO Ken Silva made extensive reference to the need to bolster security in the Internet’s core.
“Fortifying and strengthening our Internet infrastructure is very technical in nature, but its impact is not. Keeping the infrastructure reliable and secure keeps our economy working, our communications seamless and our government operations reliable,” said Silva. “We believe that the Project Titan initiative is an important part of keeping the Internet a trusted platform and tool that we all rely upon.”
The company currently hosts two of the thirteen root servers, “A” and “J”, that act as fundamental directories for the top-level domains used by Internet users, though one of these is the all-important .com domain. These were not among the servers attacked in last week’s attempt to probe this key layer of servers.