PDNS: DNS as a Service

PDNS: DNS as a Service

  • Complete Bind9 based solution
  • Planisys RBLs included for email security
  • Recursive DNS-Firewall RPZ (Response Policy Zones) for endpoint security
  • Authoritative DNS for your Organization
  • WebUI and API for DNS
  • Antispoofing, Anti-DDoS and Cache Poisoning Controls
  • DNSSEC for increased security and authenticity

DNS is a critical component behind all Internet applications, websites, e-mail, messaging and e-commerce. We at Planisys have developed the PDNS platform for task automation and full control of the DNS Operation at Service Providers, Financial Institutions and other Organizations requiring a high level of security.

Read about DNS Attacks

Real-Time Black Lists Statistics

Total Queries (positive hits and nxdomain miss)

Total Queries (positive hits and nxdomain miss)

Malware/Attacker Hits per RBL

Malware/Attacker Hits per RBL

Export to MaxOSX-Numbers

RBL Total Queries distribution

RBL Hits distribution

RBL Hits distribution

PDNS-ZTS Zero Trust Security
Private Deployment

  • Hidden Primary, Authoritative and Recursive servers dedicated to your organization domains for maximum security
  • Avoid noisy neighbors, cache poisoning, and domains involved in malware attacks to protect your endpoints
  • Response Rate Limiting to avoid DDoS attacks
  • Real-time consistency controls of your domains between your Hidden Primary, your Authoritatives and Recursives.
  • DNSSEC for cryptographic signing of zones

  • PDNS-ZTS: Zero-Trust Security
  • PDNS-EA: Per-Company Exclusive Authoritative
  • PDNS-ER: Per-Company Exclusive Recurive
  • RPZ: Response Policy Zones
  • NOD: Newly Observed Domain monitoring (C&C, Malware and Botnet servers)
  • UDR: Unique Domain Response monitoring (C&C, Malware and Botnet servers)
  • RBL: Real-Time Black Lists
PDNS-ZTS Zero Trust Security Private Deployment


  • Premium Technical Support - Ticketing system with Escalation Procedure
  • Managed services for DNS migration tasks
  • Permanent consulting on the use of DNS
  • 24x7x365 DNS Monitoring and Alerts
  • Increased Security
  • Antispoofing and Antimalware
  • Encryption and Hashing
  • Graphical metrics


Web interface for DNS Resource Records

Intuitive, multi-tenant, responsive web interface for DNS Resource Records CRUD (Create Read Update and Delete). Consistency checks and alerts for changes in delegation , lame delegations or zone serial numbers out-of-sync. Prometheus and Grafana metrics and graphic dashboards.

DNSSEC and GeoDNS support

DNSSEC support for zone signing and root-of-trust in the delegation chain. GeoDNS support with graphical interface and authoritative traffic redirection depending on country and city.

Consistency monitoring and alerts

Consistency checks and alerts for changes in delegation , lame delegations or zone serial numbers out-of-sync. E-Mail and SMS alerts to keep track of dead zones and failures in zone transfers.

Recursive DNS Firewall RPZ

With a real-time feed of +1M of malware infected domains, DNS uses RPZ (Response Policy Zones) to protect all endpoints of your organization, from cellphones to desktop PCs and servers, by non resolving domains involved in Malware attacks such as C&C (Command & Control) servers.


SysDNS is a module to remotely manage resolvers and authoritative Bind and PowerDNS servers. As an extension of PDNS web interface, it permits management of different ACLs for zone transfers for different scenarios, with both trusted CIDRs and HMAC-MD5 keys.

2 way authentication

As DNS is a critical component of the organizations' Internet presence as well as for internal systems, logins to the PDNS platform are protected by two-way authentication with SMS messages.That way, there's more certainty about the users' identity, because a user owns its cellphone and knows its password.


PDNS keeps track of user modification by means of an encrypted auditlog that honours the privilege hierarchy, having a superadmin that can view all users' activity. Delegation events originated in other systems are also being timestamped and recorded together with manual interventions, to have a better understanding and forensics of DNS configuration history.

Domain and X509 expiration alerting<

PDNS provides ways to protect and alert administrators by e-mail and SMS before his domains are going to expire, by looking up their WHOIS information on a regular basis. X509 certs can also be uploaded as associated information to the domains, and keep administrators alerted about expiry dates.

Multi-tenant, white-label administration

PDNS' web interface is multi-tenant , with granular permissions to ensure proper access privileges and management of DNS resources according to superadmins, admins, resellers and final customers. PDNS can be deployed at customer's premises or as SaaS in the cloud. PDNS can also be implemented in the infrastructure of your company, in addition to being available in Software-as-a-service mode in the cloud.

Contact Us!

Planisys © All rights reserved.