We’re the DNSSEC Experts.

We are an active contributor to DNS(SEC) standards, and the ONLY commercial DNSSEC vendor consulted on signed root deployment.

Our corporation's expertise is in accelerating the design, development and deployment of usable secure systems, based on open protocols and standards based security.
Our products make DNSSEC compliance simple, simple, simple, with a GUI second to none.
Learn More >

What They’re Saying

“DNSSEC needs to be far more automated than it is today. The Xelerance DNSX appliances address this issue.”
-- Dan Kaminsky

Upcoming Event:

Xelerance

Xelerance DNSX Secure Signer: a staple in the new DNS secure world

Posted April 28, 2011 in news



VeriSign, which operates two of the Internet’s 13 root domain name service (DNS) servers, has called its deployment of DNSSEC in the .com TLD a “critical milestone to improve the integrity” of the Internet, the Inquirer reports.

According to the article, a key advantage with DNSSEC is DNS records can be verified because they are digitally signed using public-key cryptography: “This should, in theory, mitigate the possibility of DNS hijacking attacks, where users are unwittingly sent to the wrong website by having a domain name resolved to an incorrect quad-dot numerical Internet address.”

VeriSign’s move illustrates the importance of getting it right all the time in today’s DNS secure world in which losing a domain – even for a brief period – can be catastrophic for commercial organizations. And mistakes happen: In 2010, Puerto Rico (.pr) vanished from the Internet because the old digital signature was deleted before the new one became active. Recently, France (.fr) was down for 15 minutes because there was no monitoring capability on the software used for signing their DNSSEC key.

“The key to avoiding this is to implement good common practices and then automate those practices,” says Sergius Heifa, President of the Ottawa-based Xelerance Corporation.  “Implementing good practices for DNSSEC requires an in-depth knowledge of DNS plus the added in-depth knowledge of security extensions. There are a number of ways to achieve this: hire the talent, contract external consultants, or install automation tools with built-in best practices.”

Xelerance’s flagship product, the DNSX Secure Signer, is the world’s first and only pure DNSSEC appliance.  It provides a complete pro-active DNSSEC management and monitoring solution, handling not just the technical signing process but also the implementation of DNSSEC management and security policies mandated and recommended by the U.S. National Institute of Standards and Technology and the Internet Engineering Task Force.

A fully tamper-proof DNSSEC solution with Federal Information Processing Standards (FIPS) 140 Level 3 certification, the DNSX Secure Signer is the fastest product on the market in terms of key-generation and zone-signing speed.

About Xelerance

Headquartered in Ottawa, the high-tech capital of Canada, Xelerance offers products and services to secure the Internet. Its DNSX Secure Signer, which won the Best Security Hardware award at FOSE 2010, automates the complicated tasks of managing and maintaining the signature keys required by DNSSEC.

For more information contact:
Sergius Heifa
President
Xelerance Corporation

(647) 722-5653

Sergius@xelerance.com

Login