Internet DNS to Receive 3-Year, $100mn Overhaul
In preparation for the capacity of the entire Internet to double to 1.8 billion users in just three years' time, VeriSign -- which manages the registry for the .com and .net top-level domain names, as well as the root servers for the entire domain name system -- announced this morning it will commit three years' worth of humanpower and $100 million in resources to the overhaul and expansion of DNS.
VeriSign CEO Stratton Sclavos is expected to reveal details of Project Titan, perhaps his company's most ambitious effort to date, later tonight at a keynote address to the RSA Conference in San Francisco.
Based on early information, however, here's what we know: VeriSign has determined that, in order for the DNS system to keep up with what could be described as hyperbolic growth, its root servers will need to increase their operating bandwidth from 20 gigabits per second (Gbps) to 200 Gbps.
To accomplish this, the company will begin decentralizing its distribution of DNS servers worldwide, including new construction in India, Germany, Chile, and South Africa, managed through new network operations centers to be built in the US and Europe. By 2010, the company states, its goal will be to have multiplied its points of presence for DNS availability from its current level by a factor of 10.
In addition, the company will devote resources to creating a new kind of DNS threat monitoring system which aims to protect an expanded service from possible attacks, which theoretically could be orders of magnitude greater than the denial-of-service attack the DNS system reportedly sustained earlier this week.
Projected bandwidth requirements for handling security measures in the DNS infrastructure alone in 2010, the company said today, will be 10,000 times greater than what was required of it in 2000. So VeriSign's new protection system could take what it calls "pre-emptive action" against strikes, though details about what such action might entail may be reserved for tonight's RSA address.
It will be a tremendous commercial effort, the product of which will not generate revenue for VeriSign directly. Perhaps just as great a challenge as engineering and deploying this overhauled DNS network in a three-year timeframe will be to attain the level of commercial revenue from .com and .net registrations, and through identity and SSL certificate registrations, to enable the company to meet these ambitious goals.
Last month, the company reported 2006 revenue dropped by 17.4% over the previous year, to about $749 million, on revenue that only declined 2% to $1.58 billion.
Sclavos may not provide much guidance tonight on the topic of how his company will afford this grand scheme; and his company did not publish fiscal 2007 guidance last month. So regardless of whether VeriSign can accomplish this overhaul logistically, it might not be until April when we know whether it can pull it off financially.
10:30 am February 9, 2007 - VeriSign CEO Stratton Sclavos, contrary to expectations, revealed few new details about Project Titan, describing it as "a three-year investment in infrastructure and technology that will be deployed globally." Sclavos reiterated the company's projection that the renovated DNS infrastructure will boost VeriSign's capacity from 400 billion transactions per day to 4 trillion, though his description of what kinds of transactions he was talking about may have been as vague as his speech's stated theme, "Fortifying the Cloud."
"Don't get me wrong; it's not just about security. It's also because of the 'Any Era,'" Sclavos said, referring to his term for the impending period of history where consumers will want to see any piece of requested content on any device whatsoever. "There's a lot of wireless users who are going to be connected to the Internet. There are more machine-to-machine interactions coming," he added, referring to the increase in DNS traffic necessary for the routers themselves to communicate with other routers.
"There's lots more usage in these community sites as more and more users go on, and more and more interactions take place. So just plain usage of the network in the 'Any Era' is going to drive the need for more capacity here, and then you're going to need 10x that to protect against peak loads on the attacks."
While VeriSign stated yesterday the company intends to invest $100 million in Project Titan over a three-year period, that number may be fuzzy. When VeriSign's agreement with ICANN for managing the .com and .net top-level domains was extended in 2001, VeriSign agreed to invest $200 million just to maintain, not to overhaul, the DNS system at that time. In its bid to renew that agreement again in 2005, VeriSign pledged to spend "more." Replenishing that investment is part of the deal VeriSign made with ICANN to maintain management over the Internet's top two TLDs.
The Project Titan investment, whatever its final figure, Sclavos said yesterday, "will take our investment in the infrastructure north of a billion dollars, and we think it's the absolute minimum we have to do to make sure that the next three years have us ahead of the race ahead of the bad guys."