Transforming Jisc's domain name system (DNS)
Investing in Jisc’s core DNS to protect the .ac.uk namespace; strengthening resilience, ensuring high availability and introducing self-service.
This project finished on
3 years and 5 months
To stand up against emerging threats, enhance the customer experience and streamline operations, we are transforming our DNS infrastructure, registry software and customer interface that supports Jisc’s suite of DNS services.
Every Jisc member can apply for and manage .ac.uk domain names as part of their Jisc subscription. Approved registrars can register .ac.uk domains that they host on behalf of non-Janet connected customers. Jisc members are also able to take up related DNS services; primary nameserver, secondary nameserver and Janet network resolver services at no extra charge. Alongside the Janet network, DNS is one of our core service offerings.
Jisc has been responsible for the administration and registration of .ac.uk domain names since 1996 and over the past 25 years, the landscape of domain management has changed substantially, with DNS becoming a prime target for cyber-attacks.
What we are doing
Jisc is making an investment into the hardware, registry software and customer facing interface to provide service enhancements, increased resilience and security and hardening the DNS infrastructure and services against known and emerging security threats. The programme will have multiple distinct workstreams and will involve staff from many areas across Jisc; cyber security, trust and identity and network operations.
Over several years we aim to design, purchase and implement the necessary infrastructure, replicated across multiple geographically dispersed data centres for enhanced security and resilience. Securing support and maintenance contracts will allow us to run these services with little disruption and maintain the high availability expected of a core DNS service.
Jisc is investing in a training programme to ensure each team member are suitably qualified and able to demonstrate the necessary competencies required to operate a national service.
Alongside the overhaul of the supporting DNS infrastructure, Jisc we also are using this time as an opportunity to review and procure the registry service software – entering into dialogue with vendors in the market will enable us to move to an industry standard registry management system and employ industry best practices. Jisc will prepare a tender document in consultation with the Jisc Legal and Procurement teams and invite bids from the marketplace which will be assessed in response to our requirements and contract awarded.
Finally, we aim to provide an enhanced service to users by creating a self-service portal for domain registry and primary nameserver service users in the existing cyber security portal.
We aim to deliver:
- A more robust and resilient back-end system and replication across many data centres to protect service continuity and availability
- A better service to members – a modern user interface, allowing easier self service for DRS, PNS and SNS service users
- Less administrative burden for service desk staff, more automation of processes frees staff of manual tasks
- Support and maintenance provided by world-class vendors, acting as trusted Jisc partners
Meet the project team
Emma AthawesImplementation and delivery coordinator, Jisc
Andrew DavisInfrastructure and critical services manager
James McLoughlinSenior security engineering manager
Matt MasonSecurity engineer