DNS is key to connected customers

Telecoms.com periodically invites third parties to share their views on the industry’s most pressing issues. In this piece Lori MacVittie, Principal Threat Evangelist at F5 Networks, talks up the importance of the domain name system in telecoms.

DNS remains one of the least appreciated application services in existence. Its role is so important, that its failure is considered catastrophic. If every DNS system stopped answering queries, it would bring the digital economy to its knees within minutes.

Without the ability to translate domain names to IP addresses, apps would simply stop working. The system was designed, after all, because we simply can’t remember IP addresses as easily as we do “something” dot com.

When we look at responses from the State of Application Services 2019, it is no surprise to find DNS threatening to enter the top five application services deployed today. When we narrow that view to telecommunications providers, we find a 10 point increase in deployment rates, rising from 68% of other industries to 79% of telecom providers.

The prominent role of DNS in telecom is no surprise since many other industries – and most consumers – rely both directly and indirectly on service providers for their DNS services.

DNS is provided to customers by their service providers. That includes both mobile and cable operators. I’m assigned DNS entries by my service provider whether wired or mobile. It is those DNS services that make it possible for you to turn off the lights after you’ve left, or peek out the front door when someone approaches, or order up some dinner. Without DNS, the digital economy is dead in the water, unable to access the critical back-office apps that enable connected experiences – everywhere.

DNS and Application Performance

DNS is also a critical component of application performance. Because 80-90% of applications today rely on third-party components or are comprised of APIs that require server-side processing, fast DNS resolution is vital to maintaining application performance. Every component that accesses a third-party resource requires a lookup, which means time on the wire and time to process. Slow responses can hinder performance and frustrate customers.

As noted in the 2018 Global DNS Performance Benchmark ReportIn general, users in regions with decent Internet connectivity should expect a response in tens of milliseconds, rather than hundreds of milliseconds (ms). An overall delay of even 250 ms for a site to begin loading will be noticeable to most users. 

There is virtually no connected experience that is not impacted by the availability and speed of DNS. None. Not your toaster, not your navigation system, not your social media, and not your Netflix fix.

That’s why it’s always disconcerting to find such a dearth of attention paid to DNS. That’s particularly true when you consider the importance of SaaS to business today. According to the aforementioned report, nearly half (44%) of the top 25 SaaS providers rely on a single DNS provider. That means both their primary and secondary nameservers are hosted and managed by the same provider.

That could spell disaster, as it did in 2016 when Dyn DNS experienced a series of DDoS attacks against its infrastructure. The attack left a significant number of prominent sites and services suffering poor performance and outright outages.

DNS and the Digital Economy

While DNS hijacking and cache poisoning are commonly mentioned as security risks, the reality is that the nature of DNS puts it at risk. It is – and must be – a publicly accessible service. It cannot be hidden behind access controls or other security services. That means DNS should garner a bit more attention from both infrastructure and security teams when considering how to defend the business from attack.

Don’t forget about DNS. Make it a point to evaluate its security and architecture on an annual basis and take steps to protect it. That includes securing against the latest DDoS attacks and protecting DNS query responses from cache-poisoning redirects. Look into how to better distribute DNS responsibilities across more than one provider and consider the role global server load balancing plays in keeping your digital presence alive in the face of an attack.

You can’t afford to ignore DNS if you want to succeed in the digital economy.

 

Lori-MacVittieLori MacVittie is the Principal Technical Evangelist at F5 Networks Inc. since June 2014. Lori is responsible for education and evangelism of application services available across F5’s entire product suite.

F5 makes agile move with $670 million NGNIX acquisition

App security outfit F5 is buying open-source application platform specialist NGINX to augment its multi-cloud offering.

F5 is hardly the first to notice the importance of the cloud in the evolution of the entire tech industry, nor is it unique in realising that open-source is a great way of making a multi-cloud environment work. But for a company of its size (revenues of $563 million in 2018) this certainly qualifies as putting your money where your mouth is.

“F5’s acquisition of NGINX strengthens our growth trajectory by accelerating our software and multi-cloud transformation,” said François Locoh-Donou, CEO of F5. “By bringing F5’s world-class application security and rich application services portfolio for improving performance, availability, and management together with NGINX’s leading software application delivery and API management solutions, unparalleled credibility and brand recognition in the DevOps community, and massive open source user base, we bridge the divide between NetOps and DevOps with consistent application services across an enterprise’s multi-cloud environment.”

“NGINX and F5 share the same mission and vision,” said Gus Robertson, CEO of NGINX. “We both believe applications are at the heart of driving digital transformation. And we both believe that an end-to-end application infrastructure – one that spans from code to customer – is needed to deliver apps across a multi-cloud environment. “I’m excited to continue this journey by adding the power of NGINX’s open source innovation to F5’s ADC leadership and enterprise reach. F5 gains depth with solutions designed for DevOps, while NGINX gains breadth with access to tens of thousands of customers and partners.”

Open source and DevOps are often referred to in the same breath as part of a broader narrative around ‘agility’. One of the main benefits of the move to the cloud is the far greater choice, efficiency and flexibility it promises, but without a culture geared towards exploiting those opportunities they’re likely to be wasted. With this acquisition F5 is positioning itself as a partner for telcos heading in an agile direction.

Here’s a diagram outlining the rationale of the move.

F5+NGINX

Telecoms.com Annual Industry Survey 2018

Welcome to the 2018 edition of the Telecoms.com Intelligence Annual Industry Survey report. The findings from our signature survey continue to provide insights and foresight into the dynamic telecoms industry.

Once again well over 1,000 industry professionals from a broad array of backgrounds responded to the survey with their first-hand experience as well as their perspective views on the current status and future trends of the industry. As our customary practice, the report started with an overall industry landscape before we delved into six key areas pertinent to today’s telecoms industry: NFV, 5G, IoT, Digital Transformation, Security, and Test & Monitoring.

A few key findings from the survey:

  • 75% felt positive about the telecoms industry’s business outlook for 2019
  • 79% believed NFV is critical to their companies overall strategy
  • 61% believed emerging technologies and services are critical to telecom’s long-term success
  • 75% saw digital transformation as very important

Fill in the short form below to download your free copy now.

By downloading a copy of this report the information which you provide will be shared with the sponsor(s) for informative purposes and your mutual interest in the subject matter or similar subject matter (including initial follow-up regarding the content of this report).

Conquering video: overcoming the congestion conundrum

Telecoms.com periodically invites third parties to share their views on the industry’s most pressing issues. In this piece Raffaele D’Albenzio, Solution Architect at F5 Networks, looks at ways CSPs can counter the challenges posed by increased video consumption in a cost-effective way.

Video is fast emerging as the Holy Grail for mobile operators and the numbers don’t lie. Facebook users consume eight billion videos a day and 82% of those active on Twitter view video content. Significantly, 90% of Twitter video views and 60% of YouTube views are now from users on mobile devices.

The video bonanza is partly fuelled across the industry by ambitious service providers offering zero rating approaches or aggressively priced unlimited data plans. For example, mobile network Three announced in July plans to include unlimited video streaming for free as part of some contracts. This has been further complicated by ethical debates about the management of network traffic by major operators, as regulators seek to uphold net neutrality. In this context, intelligent traffic management is key for mobile network operators adapting to a landscape with no scope to relax customer service standards.

The majority of mobile video has two main characteristics: encryption via SSL (or similar protocols) and the fact that it is based on Adaptive Bit Rate (ABR) technology, which changes video resolution depending on available bandwidth. Although encryption is a key security feature, it can hinder the ability of operators to maintain a high-quality user experience, as the encryption protocols used by video providers such as Netflix and YouTube can prevent data optimisation using standard traffic management tools. To counter the challenges posed by increased video consumption in a cost-effective way, service providers must look to improve the way Transmission Control Protocol (TCP) works on the mobile network.

TCP is the key transport protocol of internet infrastructure; the glue which, together with Internet Protocol (IP), ensures that all applications connect smoothly to our devices. It allows us to share resources with billions of people all over the world at the same time. It also establishes and manages traffic connections and congestion while taking care of transmission errors.

Today, the ability to detect video streams and manage them using TCP-Proxy-based bandwidth controls or Shaping Capabilities for User Datagram Protocol-based video streams can have a profound impact. It enables service providers to adapt and reduce the amount of bandwidth used by video streams, while continually safeguarding the user experience. Looking ahead, TCP optimisation will become increasingly important to service providers by significantly improving download performance by signal strength on faraway networks

Furthermore, TCP optimisation also allows mobile operators access to radio-centric congestion control algorithms, that adapt to the idiosyncrasies of specific networks. These algorithms are vital conduits to improve traffic flow and the overall user experience. Techniques such as these can also decrease the time between client and TCP termination, enabling both sides to react quickly in the instance of isolated losses or congestion events in the network. Furthermore, it is possible to decrease retransmissions to improve radio resource efficiency.

TCP has many moving parts, with new ones being added every day. Making sense of it all without proper fine-tuning is ill-advised. It is crucial for decision-makers to choose a TCP stack that encompasses high goodput and minimal buffer bloat, as well as allowing for fairness between flows. In the era of mass video dissemination and usage, the TCP must be more than a static bolt-on. Integration with other functionalities — including deep packet inspection, traffic steering, and load balancing — is essential.

 

Raffaele low-resRaffaele D’Albenzio is a Solution Architect at F5 Networks. He specialises in IP networking and network security, with over 15 years of experience in the enterprise tech and service provider markets.