Your Ultimate Guide to 10 Powerful DNS Monitoring Tools
April 05, 2022
Domain Name System (DNS) plays a crucial, yet often unseen, role in the infrastructure of the internet. It translates the human-readable domain names we type into the numerical IP addresses computers understand, directing us effortlessly to our online destinations. But like any critical infrastructure, DNS servers are vulnerable to a range of threats, from performance hiccups that can slow down browsing to malicious attacks that can redirect users to fake websites or steal sensitive information.
Ensuring the health and performance of your DNS servers is therefore paramount. This is where DNS monitoring tools come in – your vigilant watchdogs in the digital network. They constantly check the availability of your DNS servers, response times, and security settings, alerting you to any issues before they impact your users or compromise your data.
However, with a plethora of options available, choosing the right DNS monitoring tool can be overwhelming. To help you navigate this landscape, we’ve compiled a comprehensive list of 10 popular tools, delving into their features, pros and cons, pricing models, and suitability for different user types. Get ready to dive deep into the world of DNS, understand the threats lurking in the shadows, and discover the perfect tool to keep your online experience smooth, secure, and worry-free.
Computers connected to the Internet communicate among themselves using the Internet Protocol, or “IP”. Each one has an identifier known as an “IP address”, which is used by one machine (like a client) to establish a connection with another (a server), just as every phone connected to the telephone network has a phone number associated with it.
The Domain Name System (DNS) acts as a “phone book” for the internet, converting human-readable domain names, like www.google.com, to machine-addressable IP addresses, like 142.251.132.4, in a process named “DNS resolution”.
Users have no insight into that resolution process, which takes place in the background. For example, when a hostname is entered into a browser’s search bar, the browser sends to the DNS server a request for the IP address associated with the domain, a process that ideally takes a fraction of a second. Knowing the IP address, the browser can then establish a connection to the server and start loading the webpage.
The DNS system is organized as a hierarchically distributed database. Each domain has at least one authoritative DNS server associated with it, which publishes information about the domain and its subdomains. These servers answer to other servers higher in the hierarchy (like a DNS server responsible for all domains in a country), which in turn answer to higher levels, and ultimately to a root server with information about all domains on the internet.
As you can imagine, the DNS system is a critical part of internet infrastructure. A failure in DNS resolution may make your websites and servers practically inaccessible, leading to service interruptions and even financial loss. Thus, there is a need for tools that can monitor the status and health of your DNS servers.
During the DNS monitoring process, automated queries are sent to the DNS server being monitored and the results are validated for a specific domain name. One of the most common methods is to query the DNS server for a hostname and verify the IP address returned in the A record or AAAA record. The appropriate response to these queries is the correct IP address, which corresponds to the hostname being queried. If the correct IP address is received, no further action is required, and monitoring continues.
However, if a different IP address is returned, the monitoring tool opens a so-called DNS incident and starts sending notifications. A DNS incident is a period when a DNS server is unavailable or returns incorrect records. It can also mean that the request sent by the monitoring tool does not receive a response within a defined period, a situation known as a timeout.
The DNS system is fairly robust, but it was originally designed for reliable operation, not with security in mind. Even after security extensions and protocol revisions were made, there are still many different ways to attack DNS servers.
Many of these attacks are very complex and take advantage of the communication between the clients and the servers. Another common attack technique is to log in to a DNS provider’s website with stolen credentials and redirect DNS records. Typical types of DNS attacks include:
The difference between DoS and DDoS is that DDoS attacks are distributed, with traffic originating from botnets with bots spread across the globe. This makes it more difficult to stop the flood of requests (since admins cannot simply block traffic from a specific source IP address or range), and the attack becomes much more effective.
There are many reasons to invest in DNS monitoring. Here are five of them, in no particular order.
Broadly speaking, there are 5 main features you need to look out for when choosing DNS Monitoring tools. Keep in mind that this may vary according to your specific needs.
There are many DNS monitoring tools, from as many different vendors, which may focus solely on a single aspect of the task or offer this capability as a subset of a broader range of features. We present a few of them below, in no particular order.
Paessler-PRTG, Solarwinds, Nagios, DotCom, ManageEngine, UpTrends, DNSCheck, 24×7, DNSSPY, UpTrend
When it comes to monitoring, there are a few components to keep track of. This is where effective DNS server monitoring software comes into play. These tools provide detailed insights that are otherwise hard to obtain, help protect DNS servers from attacks, and alert you when performance is poor. Here is an overview of the best DNS monitoring tools available:
Paessler PRTG is one of the best and most popular network monitoring tools and can also be used as a powerful DNS monitor. It specializes in DNS server availability and performance and provides information in an intuitive and attractive way. The dashboards are clean and clear, and the graphs, scales and charts are colorful and easy to read, making data interpretation faster and more accurate.
PRTG includes DNS sensors, and DNS monitoring is an automated process that runs behind the scenes, checking the availability and performance of DNS servers. It not only monitors your DNS servers in real-time, but also records all measurement data. This gives you the possibility to always retrieve detailed statistics about your DNS servers.
Monitoring data is presented intuitively and attractively, with clean and concise dashboards. Graphs, scales, and charts are colorful and easy to read, making data interpretation faster and more accurate.
PRTG Network Monitor runs on Windows (Server 2012, 2012 R2, 2016, 2019, 2022, Windows 10 or 11) and is available either with perpetual licenses (starting at US$ 1.899) or subscription licenses (starting at US$ 159 monthly), a flexible and affordable pricing scheme when compared with other tools. A 30-day free trial is available. There is also a free version for personal use that lets you monitor up to 100 sensors at no charge.
ManageEngine Applications Manager offers comprehensive DNS monitoring with real-time alerts, so that your DNS servers keep performing at their best and no issue that could impact the performance of your business applications goes unnoticed.
It helps to make sure critical services are up and running at all times, ensure constant connectivity of websites and servers, and quickly identify DNS issues. With detailed monitoring, intelligent alerts, and reports helping you analyze performance trends, Applications Manager could be a good solution for anyone looking for a DNS monitoring tool.
This tool is also available as a mobile app for iOS and Android, with features such as an overview of all monitors, groups, and subgroups with availability and health status, notifications for critical and warning alarms and push notifications for health and availability alerts. There is also a mobile web client, suitable for any smartphone with a modern web browser.
ManageEngine Applications Manager is SaaS (Software as a Service), with pricing available by quote. It runs on Windows Server 2012 R2, 2016, 2019, 2022, Windows 10 or Windows 11, and also on Linux distributions like CentOS, Debian, Fedora, openSUSE, Oracle Linux, Red Hat Enterprise Linux (7 and 8), SUSE Linux Enterprise and Ubuntu. There is a 30-day free trial available.
The SolarWinds® Server & Application Monitor (SAM) is a complete infrastructure monitoring package that can help you monitor DNS server performance and help head off issues that could affect end-user experience.
SAM can be used as a DNS user experience monitor to help Admins check DNS server ability and ensure the server responds to a record query within an acceptable threshold.
It is designed to compare query response times against a list of IP addresses to help ensure your DNS servers are performing at an acceptable baseline. SAM is also built to support DNS server management for different types of servers.
Data is presented in an integrated, “single-pane-of-glass” dashboard, providing insights into “systems, applications, and infrastructure performance, regardless of where they reside”. This information can be visualized and correlated across the environment, with dynamic baselining to define what is normal operation and what should trigger an alert.
SolarWinds Server and Application Monitor is offered on a flexible licensing model, with subscription or perpetual licensing, starting at US$ 1,1813. System requirements for a locally hosted server include Microsoft Windows Server 2012, 2012 R2, 2016, 2019, or 2022 and Microsoft SQL Server 2016 or greater. A free, fully functional 30-day trial is available.
Nagios XI is a complete IT infrastructure monitoring tool that can monitor your DNS servers and much more, including applications, services, operating systems, and network protocols. Its web-based interface is configurable and easy to use, providing at-a-glance access to monitoring information.
DNS monitoring is part of Nagios XI and Nagios Core tools, both renowned monitoring tools used by many users and organizations. Nagios allows you to monitor DNS servers, protocols, and queries; achieve increased availability of servers, services, and applications; quickly detect network failures and protocol errors; and quickly detect attacks and threats such as DNS hijacking and spoofing.
The Nagios monitoring solution can be extended with third-party components listed in the Nagios Exchange repository, such as wizards and plugins. The tool was created with fast-paced environments in mind, meaning any DNS issues in your network should be detected within seconds or minutes.
Nagios XI is available in two editions, “Standard” and “Enterprise”, starting at US$ 2.495. There is also a free plan for small-scale monitoring (7 Nodes or 100 Services – whichever is reached first), and a fully functional 30-day free trial. The Open Source Nagios Core edition is free to use.
Nagios only runs natively under Linux, more specifically distributions like CentOS, Red Hat Enterprise Linux (RHEL), Ubuntu, or Debian. However, it can be run on Windows servers using virtualization solutions like VMware, VirtualBox, or Hyper-V.
DNS Spy is a powerful DNS monitoring tool that can monitor your domains for DNS changes and alert you as soon as a record has changed while keeping a detailed history of each DNS record change.
It can also notify you of invalid or RFC-violating DNS configurations that may cause malfunctions, and rate your configs. One unique feature is the ability to back up your records: it allows for Bind, PowerDNS, and CSV exports for each monitored domain, straight from the monitoring dashboard. This allows you to restore your DNS records to another DNS provider, in case of unavailability of your current one.
According to the developer, the auto-detect feature on DNS Spy “can find almost any DNS record and will automatically start monitoring it for changes”. It can also resolve CNAME records and alert when they change, and monitor DNS migrations, with “100% coverage with zone transfers”.
DNS Spy is SaaS available in three plans (Light, Standard, and Premium), with prices starting at 4,99€ (around US$ 5,50) monthly. The website features an offer for a free trial, but the duration is not specified.
Dotcom-Monitor provides a simple DNS monitoring tool. It evaluates the request times, responds with a DNS trace, and sends a warning if there are problems. If any issues are detected with resolving DNS names, an instant DNS trace is taken that shows the full path of propagation, as well as an instant alert, showing the type of issue and extent of the error. Performance reports are generated showing resolution speeds.
Monitoring is done with a global network of locations, helping you analyze performance and resolution from all geographic regions, which is crucial when diagnosing localized issues. It can monitor all important metrics, such as response time, query success rate, and resolution accuracy, and also provide detailed insights into the health of the DNS propagation chain.
One of the advantages of this monitoring tool is that it supports a variety of records, ranging from AAAA to NS, CNAME, TXT, SPF, and many others. This helps quite a bit with troubleshooting, as you gather much more information than you otherwise would.
Dotcom-Monitor is SaaS available in three plans (Basic, Standard, and Advanced), with monthly or annual billing, starting at US$ 29,99. A 30-day free trial is available.
UpTrends is a free DNS lookup tool for monitoring DNS health 24/7 and offers generous functionalities. UpTrends lets you monitor all the important DNS records, including A, AAAA, SOA, TXT and MX. Additionally, root servers can be monitored so that you know when DNS has been interfered with. This allows DNS poisoning to be stopped before it affects server health and performance. UpTrends also tracks SOA serial numbers to ensure that no changes have gone unnoticed.
Furthermore, DNS servers can be checked worldwide. A regional problem can spread to the rest of the DNS network, and UpTrends is good at detecting and resolving these problems before they spread.
DNS Check is a simple tool. It monitors name servers and DNS records for differences and lookup errors. It is by no means a comprehensive tool, though: if you value alerting and event response utilities, DNS Check must be combined with other products. Even so, it is a tool that should be considered for monitoring DNS.
DNS Check can automatically set up scans to identify incorrect IP addresses, missing DNS records, duplicate DNS records, remote IP addresses, unresponsive name servers, out-of-sync name servers, and more.
One advantage of DNS Check is that you can choose whether to import the entire zone or individual records to be monitored. It is also a great tool for collaboration since links can be shared that show which records have been properly published and which have not.
DNS Check is SaaS available in two plans, Professional or Enterprise, with prices starting at US$ 8 per month. There is also a free plan, which allows you to monitor up to 10 DNS records free of charge.
Site24x7 offers a multi-tool for DNS monitoring that alerts operators as soon as an error or misconfiguration occurs. It can check websites from over 120 locations around the globe. The tool not only checks whether a website is visible, but also investigates the reason for the outage, if there is one.
Site24x7 performs continuous DNS checks and issues an alert whenever a DNS error occurs that prevents the end user from reaching a website. The alert system ensures that there is no need to constantly look at a dashboard to find problems. Instead, technicians can perform other tasks and take care of the DNS only after the problems have occurred.
It can also help you manage the SLAs of DNS Hosting Providers, and generate detailed reports outlining performance, availability, health trends, busy hours, and response time of your servers, alongside root cause analysis that allows you to pinpoint the cause of downtime. In case of unavailability, your team can be notified via voice calls, SMS, Instant Messages, RSS feeds, and push notifications from Android and iOS apps.
ManageEngine Site24x7 is SaaS available in three plans (Basic, Pro, and Enterprise), with prices starting at US$ 35 monthly. There is a free 30-day trial available.
UpTrends offers a tool for monitoring DNS health 24/7 and offers generous functionalities. With real-time alerts, it lets you monitor all the important DNS records, including A, AAAA, SOA, TXT, and MX.
Additionally, root servers can be monitored so that you know when DNS has been interfered with. This allows DNS poisoning to be stopped before it affects server health and performance. UpTrends also tracks SOA serial numbers to ensure that no changes have gone unnoticed.
Furthermore, DNS servers can be checked worldwide, from a network composed of more than 200 locations. A regional problem can spread to the rest of the DNS network, and UpTrends is good at detecting and resolving these problems before they spread. In case of problems, alerts can be automatically escalated based on your team’s duty schedules and the error duration.
Uptrends is SaaS and available in 2 pricing plans: Basic, for organizations with less than 5 websites, applications, and APIs, and Enterprise, for those with more than that. Pricing starts at US$ 100, and there is a full-featured, 30-day free trial available.
ThousandEyes, by Cisco, allows you to monitor the availability, resolution speed, and record mappings of your DNS servers, be they on-premises, hosted, or third-party. It is also able to trace the entire DNS hierarchy for a record, from top-level domain servers to the authoritative server, and understand if DNS infrastructure outside of your control is causing an outage or performance degradation.
It features auto-discovery, routing, path tracing, and availability metrics, allowing you to understand the connectivity to authoritative servers. You will be able to measure the responsiveness and record accuracy of your local DNS resolvers; customize, configure, and export alerts on DNS availability, record mappings, and DNSSEC; detect DNS cache poisoning by alerting on record mappings; and verify the DNSSEC keychain from the bottom up.
Pricing for ThousandEyes is only available by quote. There is a 15-day free trial available.
The “resolving process” refers to the conversion of domain names to IP addresses. Users have no insight into that resolution process, which takes place in the background. When the hostname is entered into a browser’s search bar, there is a moment – typically less than a second – when the request is resolved. Although this procedure takes only a few microseconds, there are four different types of DNS servers involved:
Each of them has a different purpose, and they work together to provide access to users to the content they request.
In a DNS attack, an attacker exploits vulnerabilities in the DNS. Even though the DNS system is fairly robust, it was designed primarily for steady operation, not for the highest level of security. That is why there are many different ways to attack the DNS system today. A lot of these attacks are very complex and take advantage of the communication between the clients and the servers. Another attack technique is to log in to a DNS provider’s website with stolen credentials and redirect DNS records. Typical types of DNS attacks:
During a DNS monitoring process, automated queries are sent to the DNS server being monitored and the results are validated for a specific domain name. One of the most common methods is to query the DNS server for a hostname and verify the IP address returned in the A record or AAAA record. The appropriate response to these queries is the correct IP address, which corresponds to the hostname being queried. If the correct IP address is received, no further action is required, and monitoring continues. However, if a different IP address is returned, the monitoring tool opens a so-called DNS incident and starts sending notifications. A DNS incident is a period when a DNS server is unavailable or returns incorrect records. It can also mean that the request sent by the monitoring tool does not receive a response within a defined period of time.
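The probe described in this answer, and in the earlier explanation of how DNS monitoring works, can be sketched in Python as follows. This is an added example, not code from any of the tools listed, and it goes slightly beyond the text by also rejecting replies whose transaction ID does not match the query. The function names and status strings are assumptions made for illustration.

```python
import ipaddress
import secrets
import socket
import struct

QTYPE_A, QTYPE_AAAA = 1, 28

def build_query(name, qtype, txid):
    """Encode a one-question DNS query with the RD (recursion desired) bit set."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def skip_name(msg, pos):
    """Return the offset just past the (possibly compressed) name at pos."""
    while True:
        length = msg[pos]
        if length & 0xC0 == 0xC0:   # compression pointer: 2 bytes, ends the name
            return pos + 2
        pos += 1 + length
        if length == 0:
            return pos

def parse_addresses(msg, qtype):
    """Return (txid, rcode, set of address strings) from a raw DNS response."""
    txid, flags, qdcount, ancount = struct.unpack("!HHHH", msg[:8])
    pos = 12
    for _ in range(qdcount):
        pos = skip_name(msg, pos) + 4           # skip QTYPE and QCLASS
    size, found = (4 if qtype == QTYPE_A else 16), set()
    for _ in range(ancount):
        pos = skip_name(msg, pos)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[pos:pos + 10])
        rdata = msg[pos + 10:pos + 10 + rdlen]
        pos += 10 + rdlen
        if rtype == qtype and rdlen == size:    # ignores CNAMEs in the chain
            found.add(str(ipaddress.ip_address(rdata)))
    return txid, flags & 0x000F, found

def evaluate(reply, txid, expected, qtype=QTYPE_A):
    """Classify a reply as ("ok" | "mismatch" | "error", unexpected addresses)."""
    try:
        rtxid, rcode, found = parse_addresses(reply, qtype)
    except (struct.error, IndexError, ValueError):
        return "error", []                      # truncated or malformed packet
    if rtxid != txid or rcode != 0:
        return "error", []                      # stray reply, SERVFAIL, NXDOMAIN...
    want = {str(ipaddress.ip_address(a)) for a in expected}
    if found and found <= want:
        return "ok", []
    return "mismatch", sorted(found - want)     # empty list: no address returned

def probe(server, name, expected, qtype=QTYPE_A, port=53, timeout=2.0):
    """Send one UDP query to an IPv4 server and classify the outcome."""
    txid = secrets.randbits(16)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        try:
            sock.sendto(build_query(name, qtype, txid), (server, port))
            reply, _ = sock.recvfrom(4096)
        except OSError as exc:                  # socket.timeout is an OSError
            return ("timeout" if isinstance(exc, socket.timeout) else "error"), []
    return evaluate(reply, txid, expected, qtype)
```

Run `probe()` on a schedule against each name server, for example `probe("192.0.2.53", "www.example.com", ["192.0.2.10"])` with constructed documentation-range addresses, and open an incident on any `timeout` or `mismatch` result.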
To ensure the accessibility of your own website, monitoring the DNS record is very important. If there are DNS problems – of whatever kind – customers can no longer reach the online store, for example, which can quickly have a financial impact on a company. Monitoring DNS increases both the reliability and security of this service and is very powerful in detecting some common hacking attacks such as a DDoS attack or DNS poisoning.