If there's no such thing as a free lunch, how can there be a free service that handles a network management function as critical as DNS? That's what corporate IT executives are wondering as they consider two vendors touting free DNS services that are supposedly ready for the enterprise.

Both vendors -- OpenDNS and NeuStar -- are offering free recursive DNS service, which is the type of DNS service that lets employees surf the Web by typing domain names into their browsers and translating them into the corresponding IP addresses.

The free services don't include external DNS, which is how a Web site such as Amazon.com publishes the latest information about its DNS and IP address changes to its customers over the Internet.

The question for corporate IT executives is whether the free recursive DNS services are too good to be true.

"There really is no reason why you wouldn't go down this road unless you've already invested heavily in an external DNS infrastructure, which is what all the major e-commerce sites have done," says Robert Whiteley, senior analyst with Forrester Research. "The vast majority of the market is still in need of making sure employees have better access to the Web."

Whiteley says outsourcing DNS is a good idea for many midsize organisations because they typically don't have expertise on staff to manage this critical function.

"DNS is the new black art," Whiteley says. (Though DNS is by no means new, celebrating its 25th birthday in 2008). "DNS is something that not a lot of companies have a good grasp of. There are few people who can manage their DNS environment well, who can scale it, secure it and bring it back online in the case of a disaster."

That's why Whiteley says the free recursive DNS services are a good choice for many companies.

"It's perfectly legit," Whiteley says, adding that DNS is "a blind spot for lots of organisations. Lots of organisations spend countless dollars on forward proxies, Web proxies and URL scrubbers to essentially achieve a similar capability. Now they don't have to be mucking around in DNS so much. Now they can offload recursive DNS so they can concentrate on other evolving threats."

OpenDNS pioneers free DNS

OpenDNS is the pioneer in the area of free DNS services. Launched 18 months ago, it provides what it says is a faster, more reliable alternative to DNS services offered by ISPs. Individuals and companies sign up for the free OpenDNS service, and it handles their DNS queries for them.

It makes money by selling advertising on its re-direction service. When users type a wrong address in their browsers, OpenDNS redirects them to the most likely site. The re-direction page has advertisements. OpenDNS also provides Web content filtering services and operates PhishTank.com, a community site that fights phishing.

Originally focused on consumers, OpenDNS says its customer base has grown to 3 million users, including 10,000 schools and thousands of small to-midsize businesses.

"ISPs are not that good at DNS," says David Ulevitch, president of OpenDNS. "That's why a lot of people are starting to unbundle DNS from their ISP. We can offer more features and more control over their network. DNS is the unsung hero of the Internet. When it goes away, it's a massive disaster. But when it works, nobody thinks about it."

Among its enterprise customers is Jackson Public Schools, the largest school district in Mississippi with 36,000 users. The school district processes as many as 15,000 DNS requests per hour from its students, teachers and administrators.

OpenDNS' service has been "rock solid for us," says Gavin Guynes, director of IT services with Jackson Public Schools, which switched from BellSouth's DNS service to OpenDNS a year ago. "We've seen no drawbacks to date."

Guynes says he likes the extra services offered by OpenDNS, including the re-direction service and Web filtering.

"We're trying to combat spyware, spam and all of that," he says. "People have a tendency to misspell stuff and go to sites they shouldn't. OpenDNS cuts down on a lot of that."

Guynes adds that its performance "has been great...and the reliability has been perfect."

Handbag designer Kathy Van Zeeland switched to OpenDNS last May, after using a free DNS service from its ISP. Kathy Van Zeeland has 65 users in offices in New York City and Long Island.

Find your next job with techworld jobs