News

Microsoft Taps Akamai for DNS Backup System

The fallout continues from last week’s embarrassing Web site outages, with Microsoft Corp. announcing it has partnered with Akamai Technologies to provide backup for its domain name service (DNS) servers.

Microsoft spokesman Adam Sohn confirmed Monday that Akamai will handle DNS requests if its own servers are down or under attack. Microsoft hosts its own DNS, and up until now, all DNS servers had been on the same subnet, making it a potential single point of failure and ripe for just such a breach.

“That’s one of the architectural lessons we learned the hard way,” Sohn says, referring to the denial of service (DoS) attacks that made a host of Microsoft’s chief Web sites unreachable by the outside world for much of last Tuesday and Wednesday, and parts of Thursday and Friday.

Given Redmond’s software expertise and army of engineers, it is fair to ask why it could not have seen this coming years ago, and taken steps then to avoid the single point of failure system it had in place. Sohn did not have an answer, only replying that Microsoft has learned its lesson.

“We’ve been serving up DNS fine for years, but with the hindsight of the last week we wish we’d done distribution in the past,” Sohn says. Under the new system, any in-house DNS outage will automatically roll over to the Akamai backup servers, keeping the sites running.

So what happens if both primary and backup systems are attacked, since hackers have always had a special affinity for Microsoft? Sohn is skeptical that such an orchestrated attack would work. “Is somebody going to launch an attack on two networks and be successful? We have think about how much distribution is necessary, how much makes sense.”

In the meantime, Microsoft continues its public relations offensive, attempting to minimize damage and shore up confidence in its products and the company itself.

Microsoft released a statement on its primary Web site Monday giving its side of the story. After describing Friday’s DoS attacks, CIO Rick Devenuti states that, “This attack was not related to the security or reliability of any Microsoft product. In fact, no Microsoft product was targeted as part of the attack. This attack was not an attempt at intrusion, and no customer data was compromised in any way.”

That explanation fits the profile of a DoS hack, which is simply meant to keep others from getting to a site, and not to damage a site or alter a site’s content. -- Keith Ward

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • Microsoft Releases Windows 10 Version 1909

    Microsoft on Tuesday announced the release of Windows 10 version 1909, a new operating system product that's also known as the "Windows 10 November 2019 Update."

  • November Microsoft Security Bundle Addresses 75 Vulnerabilities

    Of that number, 13 vulnerabilities are rated "Critical" to patch, while 62 vulnerabilities are deemed "Important."

  • The Future of Office 365 Pricing

    With a raft of new Office 365 features in the pipeline, Microsoft also seems ready to change the way it bills its subscribers. Will it replicate Azure's pay-per-use model, or will it look like something else entirely?

  • Microsoft Offers 1 Year of Free Windows 7 Extended Security Updates to E5 Licensees

    Microsoft is offering one year of free support under its Extended Security Updates program to Windows 7 users if their organizations have E5 licensing.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.