Patented DNS security made simple. Ideal for use cases at the cloud edge and in your data center.

DNS is a core network function increasingly consumed as a service. While managed DNS services typically provide a higher security level than on-premise BIND or Microsoft DNS installations, they also degrade the user experience through slower response time due to latency.

FusionLayer DNS is a virtualizable solution that combines the best of the managed services and the on-premise worlds. Run on-premise by SMBs, enterprises, and some of the largest telecom companies globally, it combines the security level associated with managed DNS services with the service quality expected by the end-users.

Deployed as a software appliance on VMware, KVM, Hyper-V, or Nutanix FusionLayer DNS can easily be run both on-premise and in the edge clouds enabling unparalleled security and service quality. With an automated installation process that requires only minutes to boot up a virtual machine, running DNS has never been this simple.

DNS security from the ground up. Guaranteed.

FusionLayer invented proactive DNS security in 2006. Since then, Tier-1 telecom companies, enterprises, and SMBs worldwide have deployed FusionLayer DNS to safeguard their Internet presence.

The standard security features in FusionLayer DNS include:

  • Patented security architecture
  • Intrusion prevention and firewall to protect against DDoS attacks
  • Support for TSIGs, DNSSEC, ACLs, and RPZ Feeds

Over the last 15 years, we have yet to see a FusionLayer customer’s Internet presence lost due to a failed FusionLayer DNS service. With a subscription-based licensing model that does not involve CAPEX -investments, your CFO will love it too.

FusionLayer Name Surfer DNS Web Diagram


Implements multiple DNS functions
  • Authoritative
  • Recursive and caching
  • Forwarding
Built-in security with embedded
  • Intrusion prevention and firewall
  • Rate-limiting and source randomization
  • DNSSEC, TSIG, ACLs, and more
Solution design based on
  • Principle of Defense in Depth
  • Principle of Least Privilege
  • Principle of Default Deny
Distributed as a software appliance
  • A virtual machine on KVM or VMware
  • Natively on physical x86 machines
  • Simple software updates
Aligns with existing infrastructure
  • NOC and monitoring processes
  • Centralized back-up processes
  • SIEM systems for compliance
Implements DNS standards
  • Dual-stack, DNS64, ENUM


Secure, Resilient, and Standardized
  • On-premise DNS as a subscription – no CAPEX
  • Patented security and resilient solution design
  • Supports relevant standards (e.g. DNSSEC, IPv6)