Which DNS zone type is read-only, contained in a text file on the computer hosting the zone?

  

What is a DNS zone?

The Domain Name System (DNS) is partitioned into several different zones called DNS zones. A DNS zone is a distinct or contiguous part of the domain name space which represents an administrative space within the global DNS, and is delegated to a specific organization or administrator. Based on the extent of administrative rights delegated, the zones may consist of only one domain or many domains and sub-domains. DNS zones are not necessarily physically isolated from each other; they are used for delegating administrative functions and enabling granular control of DNS components.

What is a DNS zone file?

The DNS zone file is a text-based file that is stored on a DNS name server. This file contains information about mappings between IP addresses, domain names, and other resources, organized in the form of resource records (RR). Two mandatory records are included at the start of any DNS zone file:

  • Start of Authority (SOA) record.
  • Global Time to Live (TTL) record.

Apart from these two records, the DNS zone file includes records for all resources described within the zone.
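The layout described above, as an added example that is not part of the original page: a minimal Python parser for a constructed `example.com` zone file that checks for the `$TTL` directive and SOA record at the start, reads the SOA serial, and lists the records that differ between two snapshots of the zone. The zone contents, the function names and the supported record-type set are assumptions made for illustration.

```python
import re

# Constructed sample zone (example.com and these addresses are documentation values).
ZONE_V1 = """\
$TTL 3600
@   IN  SOA ns1.example.com. hostmaster.example.com. (
        2024010101 ; serial
        7200 3600 1209600 3600 )
@       IN  NS  ns1.example.com.
ns1     IN  A   192.0.2.53
www     IN  A   192.0.2.10
"""
# Constructed later snapshot: serial bumped, www repointed, one host added.
ZONE_V2 = (ZONE_V1.replace("2024010101", "2024010102")
           .replace("192.0.2.10", "198.51.100.7") + "vpn     IN  A   192.0.2.99\n")
TYPES = {"SOA", "NS", "A", "AAAA", "CNAME", "MX", "TXT", "PTR", "SRV"}

def parse_zone(text):
    """Return (default_ttl, records); each record is (owner, type, rdata)."""
    text = re.sub(r";[^\n]*", "", text)  # drop comments (ignores quoted ';')
    text = re.sub(r"\(([^)]*)\)", lambda m: " ".join(m.group(1).split()), text)
    ttl, records, owner = None, [], None
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if fields[0].startswith("$"):
            if fields[0].upper() == "$TTL" and not records:
                ttl = int(fields[1])
            continue  # other directives ($ORIGIN, $INCLUDE) are not handled here
        if not line[0].isspace():
            owner = fields.pop(0)  # indented lines inherit the previous owner
        while fields and fields[0].upper() not in TYPES:
            fields.pop(0)  # skip optional per-record TTL and class
        if not fields:
            raise ValueError(f"unsupported record: {line!r}")
        records.append((owner, fields[0].upper(), " ".join(fields[1:])))
    if ttl is None or not records or records[0][1] != "SOA":
        raise ValueError("expected $TTL and an SOA record at the start of the zone")
    return ttl, records

def soa_serial(records):
    """The serial is the third field of the SOA rdata (mname rname serial ...)."""
    return int(records[0][2].split()[2])

def diff_zones(old, new):
    """Return (added, removed) records between two snapshots, ignoring the SOA."""
    a, b = ({r for r in z if r[1] != "SOA"} for z in (old, new))
    return sorted(b - a), sorted(a - b)
```

A record that changes shows up as one removal plus one addition, and a difference in records with no change in the SOA serial is worth a closer look.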

Types of DNS zones

The DNS zones can be classified into the following types:

  • Primary Zone
  • Active Directory Integrated Zone
  • Secondary Zone
  • Stub Zone
  • Forward Lookup Zone
  • Reverse Lookup Zone

  • Primary Zone

    All domain names must have at least one primary zone. This is the read-write copy of the zone data. Zone updates are made to this zone and then replicated to the secondary zones.

  • Active Directory Integrated Zone

    An Active Directory Integrated Zone is a Primary Zone with its zone file stored in an Active Directory database rather than on a computer. Active Directory Integrated Zones use multi-master replication, which allows any domain controller running the DNS server service to write updates to its authoritative zones.

  • Secondary Zone

    The Secondary Zone is a read-only copy of the Primary Zone. The Secondary Zones are used to reduce the workload on the Primary Zone and to prevent a single point of failure.

  • Stub Zone

    Stub Zones are essentially Secondary Zones which store only partial zone data. The Stub Zones contain only Start of Authority (SOA), nameserver (NS) and A records.

  • Forward Lookup Zone

    This zone contains mappings from hostnames to IP addresses.

  • Reverse Lookup Zone

    Reverse Lookup Zones provide IP address to hostname resolution.


Monitoring DNS zones with ADAudit Plus

Domain Name System (DNS) servers are crucial for the operation of any network. Any unintentional or malicious modification of DNS zone settings can cause service unavailability, so it is important to track changes in DNS zones. ADAudit Plus simplifies monitoring of DNS zones by offering predefined DNS Zones Modified reports, along with intuitive graphical representations of them for ease of comprehension.

Steps to track DNS zone changes

Once ADAudit Plus has been installed, it automatically configures audit policies required for Active Directory auditing.

To enable automatic configuration: Log in to the ADAudit Plus web console → Domain Settings → Audit Policy: Configure.

Modifications to DNS zones can be identified by following these steps:

  • Log in to ADAudit Plus.
  • Select the required Domain from the dropdown list.
  • Go to the Reports tab.
  • Navigate to DNS Changes.
  • Select DNS Zones Modified.

The DNS Zones Modified report provides information such as the following:

  • Object Name - Name of the DNS zone that has been altered.
  • Modified Time - The time at which the change occurred.
  • Who Changed - Name of the user who altered the DNS zone.
  • Message - A description of the DNS modification that has been carried out.

ADAudit Plus comes bundled with more than 300 predefined reports that make AD auditing easier. The solution also sends real-time alerts for critical events, helping you secure your network from threats and boost your IT security posture.


Which DNS Zones is read

The Secondary DNS zone is a read-only copy of the zone data. Most of the time, Secondary (Slave) zones are copies of Master zones.

Which zone contains a read

Both primary zones and secondary zones are standard DNS zones that use zone files. The main difference between primary zones and secondary zones is that primary zones can be updated. Secondary zones contain read-only copies of zone data.

What are the 3 types of DNS Zones?

The three DNS server types are the following: DNS stub resolver server, DNS recursive resolver server, and DNS authoritative server.

Which server has read

DNS servers can be primary for one DNS zone and secondary for another DNS zone. A secondary server holds a secondary DNS zone—a read-only copy of the zone file, which contains the DNS records.
