Changes

===Managed DNS===

===Managed DNS===

Verisign's in-house [[DNS]] services are comprised of a globally-deployed constellation of sites offering cloud-based hosting solutions which enable organizations with critical online systems to confidently move support for DNS resolution outside of their internal teams. Given Verisign's expertise and scale, their services reliably optimize availability and performance at what would be a fraction of the combined costs for system administrator time, patching, hardware purchase, deployment, maintenance, and bandwidth required to support DNS management internally. Using a secure Web-based portal, Verisign Managed DNS customers maintain secure, exclusive, and direct control over their DNS data, which includes IP address, MX records, SOA values, aliases, PTR records, NS records, and text records. The portal also provides real-time record propagation, record-level control of time-to-live (TTL) settings, and zone file error-checking to reduce DNS outages from human error.<ref>[http://www.linkedin.com/company/verisign/verisign-managed-dns-483286/product?trk=biz_product Managed DNS, Products, LinkedIn.com]</ref>

Verisign's in-house [[DNS]] services are comprised of a globally deployed constellation of sites offering cloud-based hosting solutions which enable organizations with critical online systems to confidently move support for DNS resolution outside of their internal teams. Given Verisign's expertise and scale, their services reliably optimize availability and performance at what would be a fraction of the combined costs for system administrator time, patching, hardware purchase, deployment, maintenance, and bandwidth required to support DNS management internally. Using a secure Web-based portal, Verisign Managed DNS customers maintain secure, exclusive, and direct control over their DNS data, which includes IP address, MX records, SOA values, aliases, PTR records, NS records, and text records. The portal also provides real-time record propagation, record-level control of time-to-live (TTL) settings, and zone file error-checking to reduce DNS outages from human error.<ref>[http://www.linkedin.com/company/verisign/verisign-managed-dns-483286/product?trk=biz_product Managed DNS, Products, LinkedIn.com]</ref>

Verisign first launched managed DNS programs in 2003; however, in August 2010, its services were relaunched with a focus on large organizations that depend on optimized and reliable DNS. When announcing their DNS service launch, it was noted that the company's experience managing the large [[.com]], [[.net]], and other [[Root Zone|root zone]] files makes it a clear competitor in what was, at the time, a relatively small group of DNS service providers. Their DNS services are part of the larger package of iDefense and [[DDoS]] protection services.

Verisign first launched managed DNS programs in 2003; however, in August 2010, its services were relaunched with a focus on large organizations that depend on optimized and reliable DNS. When announcing their DNS service launch, it was noted that the company's experience managing the large [[.com]], [[.net]], and other [[Root Zone|root zone]] files make it a clear competitor in what was, at the time, a relatively small group of DNS service providers. Their DNS services are part of the larger package of iDefense and [[DDoS]] protection services.

Verisign is able to claim fast responses times given its globally deployed DNS servers, reliable content delivery networks, and directive location services. This is part of its Global Load Server Balancing (GLSB), which also enables automatic fail-over, which means that in the event that a server goes down, affected clients will then be redirected to an alternative server. Other features include split DNS for the maintenance of separate name spaces for internal and external clients.<ref>[http://www.networkcomputing.com/cloud-computing/verisign-enters-the-managed-dns-market/229501233?pgno=2 Verisign Enters the Managed DNS Market, NetworkComputing.com]</ref>

Verisign is able to claim fast response times given its globally deployed DNS servers, reliable content delivery networks, and directive location services. This is part of its Global Load Server Balancing (GLSB), which also enables automatic fail-over, which means that in the event that a server goes down, affected clients will then be redirected to an alternative server. Other features include split DNS for the maintenance of separate namespaces for internal and external clients.<ref>[http://www.networkcomputing.com/cloud-computing/verisign-enters-the-managed-dns-market/229501233?pgno=2 Verisign Enters the Managed DNS Market, NetworkComputing.com]</ref>

Since March 2011, Verisign's DNS services include full support for [[DNSSEC|DNS Security Extensions]] (DNSSEC) compliance features and Geo Location capabilities. It facilitates the process of managing DNSSEC by signing all zone files in a customer's account, continually checking the status of DNSSEC keys to ensure they are valid, and automatically publishing new keys after the existing ones expire, which is considered the most challenging component of DNSSEC. The Geo Location capabilities allow customers to differentiate responses to DNS queries and optimize network performance, which in turn allows Verisign's customers to deliver location-specific content, offers, and advertisements more relevant to potential customers.<ref>[http://www.marketwire.com/press-release/verisign-enhances-its-managed-dns-service-with-full-support-dnssec-compliance-geo-location-nasdaq-vrsn-1420929.htm Verisign Enhances Its Managed DNS Services, MarketWire.com] Retrieved 15 November 2012</ref>

Since March 2011, Verisign's DNS services include full support for [[DNSSEC|DNS Security Extensions]] (DNSSEC) compliance features and Geo-Location capabilities. It facilitates the process of managing DNSSEC by signing all zone files in a customer's account, continually checking the status of DNSSEC keys to ensure they are valid, and automatically publishing new keys after the existing ones expire, which is considered the most challenging component of DNSSEC. The Geo-Location capabilities allow customers to differentiate responses to DNS queries and optimize network performance, which in turn allows Verisign's customers to deliver location-specific content, offers, and advertisements more relevant to potential customers.<ref>[http://www.marketwire.com/press-release/verisign-enhances-its-managed-dns-service-with-full-support-dnssec-compliance-geo-location-nasdaq-vrsn-1420929.htm Verisign Enhances Its Managed DNS Services, MarketWire.com] Retrieved 15 November 2012</ref>

In order to maintain a position as a top-level Internet domain, Verisign's DNS network has to have a capacity 100 times the peak load it sees in a year.<ref name="ITWorld">[http://www.itworld.com/security/126672/verisign-service-shields-small-e-tailers-ddos-attacks Verisign Service Shields Small eTailers DDoS Attacks, ITworld.com] Retrieved 15 November 2012.</ref>

In order to maintain a position as a top-level Internet domain, Verisign's DNS network has to have a capacity of 100 times the peak load it sees in a year.<ref name="ITWorld">[http://www.itworld.com/security/126672/verisign-service-shields-small-e-tailers-ddos-attacks Verisign Service Shields Small eTailers DDoS Attacks, ITworld.com] Retrieved 15 November 2012.</ref>

===DDoS Protection Services===

===DDoS Protection Services===

Verisign's expertise with large-scale network infrastructure once again comes in to play with regards to its [[DDoS]] Protection Services, which use a proprietary filtering technology to stop distributed denial of service (DDoS) attacks in the cloud before they ever reach a customer’s network. The services are network and hardware agnostic, require no hardware installation, and are able to detect and filter malicious traffic away from enterprise websites.<ref>[http://www.linkedin.com/company/verisign/verisign-ddos-protection-services-483246/product?trk=biz_product DDoS Protection Services, LinkedIn.com] Retrieved 15 November 2012</ref>

Verisign's expertise with large-scale network infrastructure once again comes into play with regards to its [[DDoS]] Protection Services, which use proprietary filtering technology to stop distributed denial of service (DDoS) attacks in the cloud before they ever reach a customer’s network. The services are network and hardware agnostic, require no hardware installation, and are able to detect and filter malicious traffic away from enterprise websites.<ref>[http://www.linkedin.com/company/verisign/verisign-ddos-protection-services-483246/product?trk=biz_product DDoS Protection Services, LinkedIn.com] Retrieved 15 November 2012</ref>

Verisign's [[DDoS]] Protection Services began as an offering for large financial institutions, but in May 2011, as the frequency of DDos attacks on the Internet increased, Verisign began to also offer these same cloud-based services at small and midsize businesses as well. In addition to these proactive services, it also began offering reactive services that allow businesses, particularly small businesses, to call Verisign after an attack.<ref>[http://www.networkworld.com/news/2011/050911-verisign-ddos.html?page=2 Verisign DDoS]. Network World. Retrieved 16 November 2012.</ref>

Verisign's [[DDoS]] Protection Services began as an offering for large financial institutions, but in May 2011, as the frequency of DDoS attacks on the Internet increased, Verisign began to also offer these same cloud-based services at small and midsize businesses as well. In addition to these proactive services, it also began offering reactive services that allow businesses, particularly small businesses, to call Verisign after an attack.<ref>[http://www.networkworld.com/news/2011/050911-verisign-ddos.html?page=2 Verisign DDoS]. Network World. Retrieved 16 November 2012.</ref>

The need for and attention on these services increased after the 2009 holiday shopping season, when major attacks took down the sites of e-retailers such as Walmart, Amazon, Expedia, and Gap.<ref name="ITWorld"></ref>

The need for and attention on these services increased after the 2009 holiday shopping season, when major attacks took down the sites of e-retailers such as Walmart, Amazon, Expedia, and Gap.<ref name="ITWorld"></ref>

In February 2010, Agiliance Inc., a leading independent provider of Integrated Governance, Risk and Compliance (GRC) solutions, announced that its threat and vulnerability automation solution would be integrated with iDefense Security Intelligence Services.<ref>[http://www.agiliance.com/news/pr_20100223_VeriSign_iDefense.html Verisign iDefense], Agiliance.com. Published 23 February 2010.</ref>

In February 2010, Agiliance Inc., a leading independent provider of Integrated Governance, Risk and Compliance (GRC) solutions, announced that its threat and vulnerability automation solution would be integrated with iDefense Security Intelligence Services.<ref>[http://www.agiliance.com/news/pr_20100223_VeriSign_iDefense.html Verisign iDefense], Agiliance.com. Published 23 February 2010.</ref>

In 2012, Frost and Sullivan recognized Verisign's iDefense with the 2012 North American Frost & Sullivan Award for Product Differentiation; the decision was made based on its analysis of the vulnerability research market. Frost & Sullivan Research Analyst, Richard Martinez, noted that "Verisign iDefense Security Intelligence Services provide around-the-clock access to relevant and actionable cyber intelligence, supporting decision-makers with threat awareness, vulnerability management and incident management resources." It was also noted that Verisign created the iDefense Vulnerability Contributor Program with hundreds of expert vulnerability researchers from around the globe, to provide insight into the cyber underground, undiscovered vulnerabilities and global threats in more than 20 languages.<ref>[http://www.circleid.com/posts/20120730_frost_sullivan_recognizes_verisign_idefense_for_security_services/ Frost Sullivan Recognizes Verisign for Security Services], CircleID.com. Retrieved 16 November 2012.</ref>

In 2012, Frost and Sullivan recognized Verisign's iDefense with the 2012 North American Frost & Sullivan Award for Product Differentiation; the decision was made based on its analysis of the vulnerability research market. Frost & Sullivan Research Analyst, Richard Martinez, noted that "Verisign iDefense Security Intelligence Services provide around-the-clock access to relevant and actionable cyber intelligence, supporting decision-makers with threat awareness, vulnerability management, and incident management resources." It was also noted that Verisign created the iDefense Vulnerability Contributor Program with hundreds of expert vulnerability researchers from around the globe, to provide insight into the cyber underground, undiscovered vulnerabilities, and global threats in more than 20 languages.<ref>[http://www.circleid.com/posts/20120730_frost_sullivan_recognizes_verisign_idefense_for_security_services/ Frost Sullivan Recognizes Verisign for Security Services], CircleID.com. Retrieved 16 November 2012.</ref>

== Relationship with ICANN ==

== Relationship with ICANN ==

===Trademark Clearinghouse Model===

===Trademark Clearinghouse Model===

In October 2012, a coalition of the world's most prominent registries, [[Neustar]], [[ARI Registry Services]], Verisign and [[Demand Media]] jointly proposed two models for the mandatory new gTLD Sunrise period and Trademark Claims service involved in the [[Trademark Clearinghouse]] that differ from ICANN's. To excerpt their letter:

In October 2012, a coalition of the world's most prominent registries, [[Neustar]], [[ARI Registry Services]], Verisign, and [[Demand Media]] jointly proposed two models for the mandatory new gTLD Sunrise period and Trademark Claims service involved in the [[Trademark Clearinghouse]] that differ from ICANN's. To excerpt their letter:

"This proposed model simplifies the ICANN model by decreasing the coupling between the Trademark Clearinghouse (TMCH) and registries. The model is as follows:

"This proposed model simplifies the ICANN model by decreasing the coupling between the Trademark Clearinghouse (TMCH) and registries. The model is as follows: