[news release] VeriSign On Track to Achieve a 1,000 Percent Upgrade in Capacity of its Infrastructure by 2010VeriSign, Inc. announced it has completed key milestones and is on track to expand and diversify the capacity of its critical Internet infrastructure by 10 times by the year 2010.When VeriSign announced the Project Titan initiative in February, it focused on expanding VeriSign’s critical infrastructure in scale, location, and investment in new engineering, monitoring and security systems to support the growth in Internet traffic. Since then, VeriSign has increased its capacity to 2 trillion DNS queries a day, continued to diversify its infrastructure globally and created new tools and processes to better monitor and manage traffic and to implement various system upgrades.Project Titan is a multi-year initiative to strengthen the critical Internet infrastructure. These upgrades are vital to managing the surge in Internet interactions and protecting against cyber attacks that are growing in both scale and sophistication.”If the Internet infrastructure is not continually fortified and strengthened, then we run the risk that it will be unable to support the growing and dynamic needs of users, businesses and governments that rely on that infrastructure every day for commerce, communications and operations,” said Ken Silva, chief security officer, VeriSign. “For the Internet to remain a trusted platform, there must be complete confidence that it can scale to meet the demands and protect itself against attacks by those who want to disrupt it.”VeriSign manages the critical infrastructure that handles registration and resolution traffic for the .com and .net systems. In doing so, VeriSign continues to experience heavy demand, processing a peak of more than 30 billion DNS queries per day in the second quarter. A DNS query occurs every time an Internet user clicks on a web site, checks email or engages a computer application that utilizes the .com and .net infrastructures. This does not include the vast number of computers that communicate with each other via automatically generated DNS queries. VeriSign additionally operates the “A” and “J” root servers, which serve as the central directory to route Internet traffic to other top level domains.Internet technology has transformed personal communications, banking and finance, government process, manufacturing — indeed, the economic, social and political life of industrialized economies. The growth of Internet users, broadband capacity and number of Internet-enabled devices has created an opportunity for hackers, organized criminals and even more serious terrorists to attack our networks.Cyber abuse — SPAM, spy ware, identity abuse, viral attacks, and denial of service exploits — often involve hijacked PCs and other devices, now linked through broadband connections, and the use of that bandwidth to launch attacks on the Internet infrastructure. A series of serious attacks in the last two years reflect how these incidents have grown in frequency and sophistication – some 100 times more threatening than attacks conducted just years before.Project Titan has several components, including:DNS query capacity and bandwidth upgrades. VeriSign has increased its daily Domain Name System (DNS) query capacity from 400 billion queries a day to roughly 2 trillion queries a day. VeriSign will continue to upgrade its systems to reach a query capacity of 4 trillion queries a day. VeriSign has also scaled its proprietary constellation of resolution systems to increase their bandwidth from over 20 gigabits per second (Gbps) to greater than 100 Gbps. This will be increased to more than 200 Gbps by the year 2010.Infrastructure diversification. VeriSign is distributing its infrastructure across the globe to improve redundancy and reduce latency. VeriSign has added Regional Internet Resolution Sites (RIRS) in Argentina, Bulgaria, Lithuania and South Africa and is negotiating with India, Germany and Chile to deploy infrastructure in those countries. These RIRS extend the .com and .net infrastructures across the world, which diversifies the systems, increases stability and improves resolution speed for end users. These widely distributed sites also direct region-specific DNS traffic to certain resolution sites to enable more effective quarantining of malicious traffic. VeriSign is now more than a quarter of the way through its goal of deploying RIRSs in over 100 locations globally by 2010.Expansion of existing infrastructure. VeriSign is expanding its existing registration and resolution infrastructure to manage the increasing demands on the .com and .net systems. VeriSign has deployed new infrastructure facilities in Miami, New York City, Chicago, Palo Alto and Washington, DC to upgrade its registry operations and enhance VeriSign’s domain name resolution sites and registration capabilities. These servers run specialized software in fault-tolerant architectures engineered by VeriSign to manage resolution traffic and registration transactions at ever-increasing rates.Development of new technologies and processes. VeriSign is developing next-generation monitoring and response services that will help better manage .com and .net traffic and better protect the systems against cyber threats. The monitoring systems will rapidly diagnose Internet traffic anomalies, which often appear in advance of a cyber attack, enabling pre-emptive action to minimize impact. VeriSign will also implement new DNS security protocols to better protect Internet traffic.VeriSign’s current financial projections include the costs associated with Project Titan.
VeriSign, Inc. operates digital infrastructure services that enable and protect billions of interactions every day across the world’s voice and data networks. Additional news and information about the company is available at www.verisign.com.This news release was sourced from www.verisign.com/press_releases/pr/page_042847.htmlAlso see:
VeriSign Flexes DNS Security Muscle
All might seem quiet on the DNS front since the February attack that crippled two of the Internet’s 13 DNS root servers. But inside VeriSign, which maintains some of those core servers, there have been plenty of skirmishes.”There have been a number of attacks on the DNS infrastructure over the last six months, but not to the extent of previous ones,” says Ken Silva, chief security officer at VeriSign, which said today that it’s ahead of schedule in Project Titan, its $100 million-plus DNS infrastructure security and capacity upgrade. “They haven’t gone quiet just because you’re not reading about them.”http://www.darkreading.com/document.asp?doc_id=134775