Do you work in an enterprise using Microsoft Windows Server 2012 and are interested in either deploying DNSSEC validation to provide better security to your users – and/or securing your own DNS zones using DNSSEC?
If so, the good folks at Microsoft just recently released a new guide “DNSSEC in Windows Server 2012” that guides you through what you need to do to deploy DNSSEC in Windows Server 2012 and Windows Server 2012 R2. I’d note that it covers both the validation and signing sides of DNSSEC.
The document has four major sections:
- Overview of DNSSEC
- DNSSEC in Windows
- DNSSEC Deployment Planning
- Deploy DNSSEC with Windows Server 2012
as well as few appendices. The document goes into quite a deep level of detail with how DNSSEC is integrated into various aspects of Windows Server 2012. The “Deployment Planning” section seemed quite useful, too, as it explored some of the performance requirements and also suggested a process for staging a deployment.
In reading through the document, I was quite impressed by the “Deploy DNSSEC with Windows Server 2012” section that includes many different checklists to help administrators know precisely what they need to be doing. While I don’t personally work with a Windows Server 2012, the checklists seemed to be covering the areas that I would want them to cover.
As we look to get more enterprises doing DNSSEC validation and also signing their own zones, it is great to see this document come out of Microsoft! If you work with Microsoft Windows Server 2012, definitely do give it a look – and start deploying DNSSEC today!