CortexDNS
Enterprise DNS Management Platform
Unified DNS management platform with purpose-built components for authoritative serving, load balancing, threat filtering, and recursive resolution — all managed from a single pane of glass. Enterprise-grade DNSSEC management, DDoS protection with intelligent rate limiting, DNS filtering, role-based access control, SIEM integration, real-time analytics, multi-language support, and DNS over TLS.
Capabilities
Core Features
Complete DNS infrastructure management from a single, unified platform.
Unified DNS Management
Manage Cortex Auth, Cortex Edge, and Cortex Filter from one platform. Centralized zone management, record editing, and configuration across all DNS components.
DNSSEC & DDoS Protection
Automated DNSSEC key management and zone signing. Built-in DDoS mitigation with intelligent rate limiting, query throttling, and threat detection via Cortex Edge.
DNS Filtering
Cortex Filter provides network-wide ad blocking, malware domain filtering, and content categorization. Custom blocklists and whitelists with granular control.
RBAC & SSO
Cortex IAM provides authentication with OAuth2, OIDC, and SAML support. Fine-grained role-based access control for zones, records, and administrative functions.
SIEM Integration
Native integration with enterprise security platforms. Export DNS logs and events to Syslog, Elasticsearch, Splunk, and IBM QRadar for centralized security monitoring.
Real-Time Analytics
Cortex Analytics engine with query classification, response time tracking, geographic distribution, and trend analysis dashboards for complete DNS visibility.
System Design
Architecture
Purpose-built DNS components unified under a single management layer.
High-performance authoritative DNS engine. Handles zone serving, DNSSEC signing, ALIAS records, and supports all standard DNS record types with relational database backend.
DNS-aware edge gateway and traffic director. Provides rate limiting, query routing, DoT/DoH termination, and DDoS protection at the DNS protocol level.
Network-level threat and content filtering engine. Blocklist management, query logging, client group policies, and DNS sinkholing for security and content control.
Recursive DNS resolver with DNSSEC validation. Handles upstream resolution, intelligent caching, and serves as the backbone for internal DNS queries.
Enterprise identity and access management module. OAuth2/OIDC/SAML authentication, user federation, role management, and single sign-on for the management UI.
High-performance analytics engine for DNS query logs. Enables real-time dashboards, query pattern analysis, and long-term trend storage at massive scale.
Enterprise Deployment
High Availability Cluster
Production-grade 3-node active-passive cluster with automatic failover under 30 seconds. Zero single points of failure.
PostgreSQL HA
Patroni + etcd
Streaming replication with RAFT consensus. Automatic leader election and failover in under 30 seconds. Zero data loss with synchronous commit.
< 30s failoverDNS Replication
Master / Slave AXFR
Cortex Auth master-slave replication with AXFR zone transfers and NOTIFY propagation. Slaves continue serving DNS during master failure.
< 60s propagationVirtual IP Failover
Keepalived VRRP
Dual Virtual IPs for web and DNS traffic with health-check driven failover. Clients never notice a node going down.
< 3s failoverIAM Cluster
JDBC_PING Discovery
Cortex IAM instances form a cluster via JDBC discovery with distributed session caching. No multicast or external coordination required.
< 10s failoverRedis Sentinel
Quorum-based Election
Three-node Redis with Sentinel monitoring and quorum-based master election. Automatic replica promotion ensures cache continuity.
< 30s failoverFilter Sync
Orbital Replication
Cortex Filter blocklists and configuration synchronized across all nodes every 5 minutes. Consistent filtering policy on every node.
5 min syncHave a project in mind?
We're happy to talk — whether you need a product, consulting, or just want to bounce ideas.