Deploying DNS Security Extensions (DNSSEC)

Publication: octobre 2009

Mis à jour: octobre 2009

S'applique à: Windows Server 2008 R2

This section contains procedures you can use to deploy DNS Security Extensions (DNSSEC) on your network.

Deploying DNSSEC

DNSSEC adds an additional layer of protection to your network by providing validation of DNS responses. This allows client computers to trust that information they receive has not been modified or tampered with in any way.

A staged DNSSEC deployment is recommended so that you can carefully evaluate the additional administrative requirements and the effect that DNSSEC has on performance of your DNS infrastructure. For more information, see DNSSEC Deployment Planning.

DNSSEC introduces several new terms that are used in this guide. For a list of these terms with their definitions and references to the applicable Request for Comments (RFC) documentation, see DNSSEC Terminology.

For an overview of DNSSEC, see Introduction to DNSSEC.

For a description of how DNSSEC works in Windows Server® 2008 R2 and Windows® 7, see Understanding DNSSEC in Windows.

For information about DNSSEC and the Name Resolution Policy Table (NRPT), see Appendix B: The Name Resolution Policy Table (NRPT).

When you have reviewed this information, complete the applicable tasks in Checklist: Implementing DNSSEC.

Voir aussi

Ajouts de la communauté