SolidDNS™ fully supports DNSSEC, a suite of protocols designed to secure DNS service by authenticating the sources of DNS data, providing authenticated denial of existence, and ensuring DNS data integrity. DNSSEC uses digital signatures and PKI technologies. SolidDNS™ provides a user-friendly, graphical interface to the complex DNSSEC procedures, greatly simplifying implementation. It also supports advanced DNSSEC features such as key management options and NSEC3.

The diagram shows how SolidDNS™ uses DNSSEC to provide security for DNS. When queries are sent to a SolidDNS™ appliance acting as validating DNSSEC-enabled server (NS1), the validating server queries a SolidDNS™ appliance acting as an authoritative DNSSEC-enabled server (NS2). The authoritative server returns a digitally signed response. The signed data is verified by the validating server using a stored public key of the authoritative server. If the DNS data is authentic and untampered, the appropriate data is sent as a response to the requesting client.