Nominum has moved to make its DNSSEC easier to deploy with a virtualised offering.

It claimed that introducing DNSSEC adds many new complex functions that must be implemented flawlessly or internet sites disappear. These complex multi-step manual operations require expert intervention and frequent repetition can now be executed with a few keystrokes, once, by existing staff.

John Pescatore at Gartner Group, said: “Since the Kaminsky vulnerability, a lot of progress has been made in DNSSEC deployment with various top level domains signed or committed to be signed. The next battleground in DNSSEC adoption will be in getting brand (domain) owners to sign their data.

“Tight integration of key DNSSEC automation functions into the DNS infrastructure will reduce cost and complexity for domain owners. Robust validation solutions eliminate barriers for service providers. Together these capabilities will promote DNSSEC adoption that will ensure internet stability.”

The new solution allows complete integration of functions that are needed to successfully deploy DNSSEC at any scale without costly proprietary appliances. In addition, automation of DNSSEC processes eliminate operational overhead and errors that could cause internet sites to disappear.

Paul Mockapetris, chief scientist at Nominum and inventor of the DNS, said: “Deploying DNSSEC is a major undertaking that is going to take many years, with growing pains along the way. There is a pressing need to make it easier for brand owners to protect their domains and provide the best protections to users for unsigned domains during and after this migration.”

Bruce Van Nice, director of product marketing at Nominum, said: “There is no question that a complete ecosystem that has better tools is needed and a better process is needed to enable domain owners to use it. No one can afford the cost of a mistake.

“Anyone who has concerns can outsource to the skye division of Nominum and we are seeing investment in that as people realise that it is suitable for them to do.”