Neustar UltraDNS recently experienced a major DDoS attack. Fortunately, UltraDNS stated it mitigated the attack, and that only a certain segment of their name servers experienced network saturation. However, unfortunately, the customers using that specific segment included Amazon.com, Salesforce.com, advertising.com and Petco.com. Some of these high profile websites were knocked off line for several hours. This is not good for Neustar, the company that offers UltraDNS. Neustar, like Prolexic, is also one of the leading providers of DDoS attack mitigation services. This incident would be like FireEye implementing its ATP security platform at a customer site, only to find out later it had a zero day vulnerability that enabled hackers to breach its system.
That leads to the question, are customers better off buying DNS services from a CDN like Akamai, EdgeCast or Limelight, than going with a service provider offering DNS services? All I know is that a DDoS attack against the DNS services of Akamai would have minimal impact, if any at all. More than anything, it would really be embarrassing for Akamai if this were to happen to them. In the the DDoS mitigation services game, I believe a CDN is better equipped to handle a DDoS attacks on its DNS services than a non-CDN. That’s just my opinion. The one big advantage that a CDN brings to the table is that it has thousands of edge servers located at POPs all over the world, that can absorb large scale attacks. Neustar UltraDNS vs Akamai DNS Services