Microsoft Taps Akamai for DNS Backup System -- Redmondmag.com

Microsoft Taps Akamai for DNS Backup System

By Scott Bekker
01/29/2001

The fallout continues from last week’s embarrassing Web site outages, with Microsoft Corp. announcing it has partnered with Akamai Technologies to provide backup for its domain name service (DNS) servers.

Microsoft spokesman Adam Sohn confirmed Monday that Akamai will handle DNS requests if its own servers are down or under attack. Microsoft hosts its own DNS, and up until now, all DNS servers had been on the same subnet, making it a potential single point of failure and ripe for just such a breach.

“That’s one of the architectural lessons we learned the hard way,” Sohn says, referring to the denial of service (DoS) attacks that made a host of Microsoft’s chief Web sites unreachable by the outside world for much of last Tuesday and Wednesday, and parts of Thursday and Friday.

Given Redmond’s software expertise and army of engineers, it is fair to ask why it could not have seen this coming years ago, and taken steps then to avoid the single point of failure system it had in place. Sohn did not have an answer, only replying that Microsoft has learned its lesson.

“We’ve been serving up DNS fine for years, but with the hindsight of the last week we wish we’d done distribution in the past,” Sohn says. Under the new system, any in-house DNS outage will automatically roll over to the Akamai backup servers, keeping the sites running.

So what happens if both primary and backup systems are attacked, since hackers have always had a special affinity for Microsoft? Sohn is skeptical that such an orchestrated attack would work. “Is somebody going to launch an attack on two networks and be successful? We have think about how much distribution is necessary, how much makes sense.”

In the meantime, Microsoft continues its public relations offensive, attempting to minimize damage and shore up confidence in its products and the company itself.

Microsoft released a statement on its primary Web site Monday giving its side of the story. After describing Friday’s DoS attacks, CIO Rick Devenuti states that, “This attack was not related to the security or reliability of any Microsoft product. In fact, no Microsoft product was targeted as part of the attack. This attack was not an attempt at intrusion, and no customer data was compromised in any way.”

That explanation fits the profile of a DoS hack, which is simply meant to keep others from getting to a site, and not to damage a site or alter a site’s content. -- Keith Ward

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

Cisco Warns of Brute Force Attacks Targeting VPNs and Firewalls

Cisco has revealed that a global increase in brute force attacks targeting Virtual Private Networks (VPNs) and other devices is currently taking place.
What's Inside Microsoft 365's Security Toolbox?

Microsoft provides plenty of native tools to secure Microsoft 365. IT pros just have to know where to look.
Microsoft Kills 30-Day Data Retention Policy for Copilot in Fabric

Microsoft this week announced several usability improvements coming to Copilot in Fabric in preparation of its general availability release later this year.
Using Microsoft Office to Build a Network Diagram 2

Now that we've set up our process, let's dig in with the actual execution.
Microsoft Graph 'Activity Logs' Feature Goes Live

Microsoft announced the general availability of the "activity logs" capability in Microsoft Graph, giving administrators more options to track user activity and identify patterns of potential misuse.