Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

How can we improve Azure Networking?

← Networking

Azure DNS needs DNSSEC support

DNSSEC is required to be able to secure your DNS requests. At the moment this is not available. We cannot move until our domains to Azure DNS untill these requirements have been met.

5,965 votes
Vote

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
You have left! (?) (thinking…)
Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

264 comments

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • JPL commented  ·   ·  Flag as inappropriate

    I am adding my voice to the desire that this be an available feature in Azure DNS. As it is we are migrating our DNS but we won't be able to continue with DNSSEC which every DNS on the internet should support in order to be a good netizen.

  • Andrew McNaughton commented  ·   ·  Flag as inappropriate

    It is disappointing that Microsoft can have great DNSSEC support in Windows Server, going back many years, but the Azure solution still doesn't match it. At least we know Exchange Online will be delivering this on outbound mail and has employed it for incoming mail.

  • Rudi Larno commented  ·   ·  Flag as inappropriate

    And it's been 2 years now, if you count the last response.
    Aaand it's been 5 years, if you count the first response.

    Given the amount of scams and phishing going around, how come Azure customers still do not have DNSSEC.

  • Ali Rashid commented  ·   ·  Flag as inappropriate

    Any update on this? As mentioned DNSSEC is getting to the point of being specified as a requirement in many cases.

  • Rackmount.IT - Eric commented  ·   ·  Flag as inappropriate

    Hi, I do value the implementation of DNS in Azure. It's fast, functional, also new types are implemented (like CAA record) but why o why there's no support for DNSSEC!!!!

    This is long long overdue. Come on Microsoft you can do it!!!

  • Luis Vigil commented  ·   ·  Flag as inappropriate

    In the Fedramp report for SC-20 and 21 Microsoft mentions: This control is only applicable to the customer if hosting DNS and resolving .gov domains.

    Is there independent confirmation for this statement?

  • Michael commented  ·   ·  Flag as inappropriate

    The lack of support caught me by surprise; I didn't even think to check, because I would absolutely expect any reputable DNS to support as much security as possible. DNSSEC isn't exactly cutting-edge tech at this point, and now (because I'm not willing to give it up), I have to manage my DNS in a separate platform.

    We really need an update that's less than two years old--this should be a requirement for every customer.

  • nisse commented  ·   ·  Flag as inappropriate

    Last update was for 2019, and now it's 2021, exactly how far down is this on your backlog?

  • Anonymous commented  ·   ·  Flag as inappropriate

    As cyber security firm, we recommend customers tio implement DNSSEC. But they can’t on Azure yet...!! Any update on this feature?

  • Marcel Tegelaar commented  ·   ·  Flag as inappropriate

    We use Azure for our SaaS offering, including a lot of DNS zones. We are getting red lights on customer pentest reports because of this.

    Is there any planning for DNSSEC in Azure DNS?

  • Anonymous commented  ·   ·  Flag as inappropriate

    I work for a large bank and we'd prefer to use Azure for DNS registration and DNSSEC since a lot of our systems are out there. There's no reason we wouldn't use Azure if it was available.

  • Jonas Inghammar commented  ·   ·  Flag as inappropriate

    Come on now Microsoft. DNSSEC is more or less a requirement for all customers today and every other provider worth a mention have had this for years. I would love to move all DNS hosting to Azure to be able to manage everything in one place but until this is solved we are stuck using other providers. I have full respect for the engineering investment required but when you are competing in the big league you need to go all in!
    Can you please give us an update on this?

  • Thomas Zarnhofer commented  ·   ·  Flag as inappropriate

    any update on this? DNSSEC support in combination with domain registrar capabilities to automatically enable DNSSEC on domains would be a very useful feature! If you support DNSSEC and act as a registrar for a broad range of TLDs, we will maybe think about moving up to 700 domains to Azure DNS, if pricing for registrations is also able to compete with our current provider.

← Previous 1 3 4 5 13 14

Networking: DNS

Categories

Feedback and Knowledge Base

(thinking…)
Hosted by UserVoice