ISP DNS Hosting
Garrett
dns at spiraltull.net
Sun Apr 11 05:40:11 UTC 2004
I am now working for a company who does not do their own DNS hosting.
For whatever reasons, they feel it is better to host their DNS servers
at their ISP rather than in our own DMZ. They believe that their DNS
servers would be more reliable if they are hosted off-site. I have
reservations about that. It seems unnecessary, less manageable, and to
have greater security risks as well as longer resolution time, at
least for hosts in our DMZ that would use those servers. I would like
to get the opinions of this group about the pro/cons of this.
Isn't it more difficult to react to security issues?
How can you know that your ISP is keeping up with patches, or is
managing your namespace securely? What about zones or IP addresses
that you would prefer to keep private, aren't they more vulnerable?
More information about the bind-users
mailing list