News & Events

This library contains downloadable materials including datasheets, whitepapers, lab reports, and presentations from past speaking engagements.

Datasheets

Secure64 DNS
Secure64 offers the most secure DNS application with the only built-in denial-of-service protection features to help ensure your Internet-dependent business is always accessible. Based on the genuinely secure SourceT® micro OS, Secure64 DNS remains highly available during network attacks and is immune to compromise from rootkits and malware.

Nixu NameSurfer Suite

NameSurfer Suite is the market-leading DNS, DHCP, and IP Address management solution that centralizes and simplifies the process of managing name and address information and the configuration of the servers themselves.

Whitepapers

Anycast DNS: The Secret to High Availability and Performance

Anycast is a networking and routing technique in which the same IP address is assigned to multiple hosts or servers that provide the same service. For authoritative name servers, anycast helps improve response times and provides automatic failover when a server goes down. In addition, anycast can improve load distribution and provide additional resiliency against DoS and DDoS attacks. This whitepaper explains the advantages of deploying anycast for DNS in environments where high availability and reliability is not an option.

Eliminating Malware and Rootkits: Six Essential Characteristics of a Genuinely Secure OS
Vulnerabilities in general purpose operating systems continue to force companies to invest in costly security equipment and complex system management processes, and yet the cycle of vulnerability, exploit, attack and patch shows no signs of letting up. This whitepaper explores the root causes of today’s security vulnerabilities, and describes the essential characteristics of a Genuinely Secure architecture that eliminates the vulnerabilities that fuel this vulnerability-exploit cycle, using Secure64’s SourceT micro OS as an example implementation.

Surviving DNS DDoS Attacks
DNS servers are vulnerable to a variety of denial-of-service attacks that can severely compromise their ability to perform their intended function. Conventional approaches to defending against such attacks are costly and often ineffective. This whitepaper introduces the concept of a self-protecting DNS server and shows how the integration of attack countermeasures into the operating system’s I/O stack can effectively detect and defend against these debilitating attacks.

The 5 Reasons You Should Worry Abour Your DNS (A Hurwitz & Associates whitepaper)

DNS servers are one of the most critical, yet most vulnerable, network infrastructure applications. Because of their exposure to the Internet, they are among the most vulnerable computers that an organization deploys. This whitepaper explains the top five DNS concerns in depth, providing technical details and background information. It then describes genuinely secure DNS server technology, explaining its approach to handling these important problems.

From denial-of-service attacks to poor performance, issues with your DNS servers effect your ability to do business efficiently. Find out how Genuinely Secure DNS servers from Secure64 addresses these issues.

Breakthrough Security for Internet-Connected Businesses (An Itanium Solutions Alliance whitepaper)

Built from the ground up for high security, the Secure64 DNS application is immune to all forms of malware and highly resistant to network attacks. It also serves as a model for a new generation of ultra-fast, Genuinely Secure Itanium 2-based servers that can be used for a wide range of business applications. (No registration required.)

Itanium 2-based Solutions and the X86 Architecture (An Intel whitepaper)

A number of advanced security capabilities were built into the Intel Itanium 2 microarchitecture, including support for four privilege levels, more than 16 million memory protection keys and the ability to compartmentalize memory. It also provides ultra-fast parallel throughput for encryption algorithms. These capabilities provide fundamental advantages for addressing many of today's security issues, and enable mainframe-class security on industry-standard Itanium 2-based servers. (No registration required.)

Independent Testing, Reviews and Surveys

Secure64 DNS Software: Performance and Attack Resistance Test Results
An independent test laboratory, ExtremeLabs, measured the performance, performance under attack, and security characteristics of the Secure64 DNS server under a variety of test conditions. Secure64 DNS was found to perform at over 100,000 queries per second, remain available under all network attack conditions up to the saturation point of a Gigabit Ethernet line, and present an extremely low attack surface which could neither be fingerprinted nor exploited.

Secure64 DNS Software: Availability Under Attack Test Results
ExtremeLabs measured the ability of both Secure64 DNS and Linux/BIND, running on the same hardware, to respond to legitimate DNS queries while under three common attacks: a reflected UDP flood, a direct UDP attack, and a TCP SYN flood. Secure64 DNS remained 100% available under attack until the Gigabit Ethernet line was saturated in both the UDP reflected flood and UDP direct attack. In the TCP SYN flood attack, Secure64 DNS showed high availability compared to BIND. Consistently, BIND became unavailable earlier under attack volumes that are ‘normal’ for the kinds of attacks simulated.

SourceT OS Security Evaluation
Matasano Security evaluated the architecture of the SourceT micro OS in order to validate Secure64’s claim that, for remote attackers, SourceT and its applications are “immune to rootkits and malware”. Matasano security experts could identify “no architectural flaws that would allow for the injection of foreign code in to the SourceT system”, and “methods which would directly lead to privilege escalation, or allow a remote attacker to alter the boot process, were also not identified.” Matasano evaluated the SourceT architecture against three areas of vulnerability: code injection, privilege level escalation, and alteration or subversion of the trusted boot process, as they comprise the strategy of typical malware such as worms, spyware or trojan horse applications to introduce arbitrary code into a computing system.

Study Shows Most Internet-Dependent Businesses Losing Costly Battle Against DNS Attacks

In early 2007, Secure64 commissioned Mazerov Research to conduct a survey of IT administrators to learn about their experiences and concerns with the DNS. The study of 465 IT and business professionals revealed that companies are having to deploy a costly and often complex mélange of security measures to keep their DNS (Domain Name Systems) protected from malicious attackers. Even so, many businesses remain vulnerable, as over half the respondents reported having fallen victim to some form of malware attack. Over one third had been hit by a denial-of-service attack while over 44 percent had experienced either a pharming or cache poisoning attack. Findings showed both external and internal DNS servers were equally vulnerable, as both types succumbed to attacks with roughly the same frequency.