VeriSign announced an expansion of its Project Titan initiative to include additional security upgrades aimed at strengthening its global Internet infrastructure. When it initially unveiled Project Titan in February 2007, VeriSign announced plans to increase capacity of the .com and .net Domain Name Systems (DNS) by 10 times by 2010, and the development of new proprietary technologies and processes. Now, VeriSign is announcing the deployment of additional proprietary security upgrades and monitoring tools to identify, track and isolate malicious Internet traffic generated from cyber attacks.
Building on its initiative to expand and diversify the capacity of its global Internet infrastructure by 10 times by the year 2010, VeriSign announced it would expand its existing security by:
- Implementing next-generation monitoring and response services. Deploying these tools, developed by VeriSign as part of the Project Titan security initiatives, will improve the ability to detect, isolate, and stop security threats to protect the .com and .net provisioning and resolution systems. The tools are designed to assist in warding off threats at their early stages before they are able to damage and compromise networks, platforms and devices.
- Implementing new security and operational protocols to better manage traffic flow and increased protection against application-type attacks. Deployment of these enhancements are intended to mitigate the risk of service disruption from attacks that use the behavior of protocols such as TCP and HTTP that consume computational resources in order to overload critical systems.
- Implementing new tools to track, correlate and pinpoint security and network related events on a global basis. The ability to identify various attack vectors against the .com and .net infrastructure will assist in enabling early elimination of threats to reduce the potential for repeated incidents and threat of larger scale attacks.
- As announced during recent industry meetings, VeriSign is making enhancements to the root server infrastructure which will increase the security of DNS by authenticating the origin of DNS data and verifying its integrity while moving across the Internet. VeriSign will implement a DNS Security (DNSSEC) testbed for the root zone infrastructure to prepare for production systems. DNSSEC can help combat compromised data in name servers, which could then be used to launch damaging attacks against users, enterprises and the Internet core itself. As the publisher of the DNS root zone, VeriSign plans to launch this testbed to help enable the root zone to anchor a global chain of trust for TLD registry operators who implement DNSSEC within their TLDs and registrars who provide DNSSEC services for their customers.