Recent Posts
- Neustar to keep .us for another decade
- MMX to pay $5.1 million to get out of terrible .london deal
- ZADNA boss canned for “misconduct”
- ICANN’s new conferencing software has a webcam security bug
- ICANN explains how .org pricing decision was made
- CEO lost millions on Manhattan apartment deal just days before AlpNames went dark
- Zimbabwe wants to rebuild its domain market from scratch
- Net 4 India gets brief reprieve from ICANN suspension
- Luxembourg tops 100,000 .lu domains
- China domain smaller than expected
- Charities “could move to .ngo” if .org prices rise
- Airline hit with $230 million GDPR fine
- After five-year wait, .madrid domains coming this month
- Foreigners mostly speak foreign, ccTLD study finds
- .icu joins the million-domains club in one year, but spam triples
- Cloudflare “bug” reveals hundreds of secret domain prices
- .org now has no price caps, but “no specific plans” to raise prices
- CentralNic boosts reseller biz with $11.3 million Hexonet buy
- What happens in Vegas… gets released in .vegas
- ICANN gives .bj to Jeny
- 1.8 million UK grandfathers die after Nominet deadline hits
- .amazon frozen AGAIN as endless government games continue
- Afilias buys the other half of .global
- What time is it? For ICANN, even that can be a controversial question
- auDA reveals cut-off date for 2LD priority
- Nic.br wins dot-brand from Afilias
- Uniregistry offers dating-inspired buy-now domains
- .CLUB lowers premium prices to sell through registrars
- auDA chair racks off after just 18 months
- ICANN launches cash-for-kids scheme
- After $30 million deal, is a .voice gTLD now inevitable?
- Watch John Oliver take down voice.com’s buyer
- Record-breaking $30 million domain sale was financed by cryptocurrency
- .gay not coming out this year after all
- New gTLD registry is latest billion-dollar unicorn
- PwC wants to be your Whois gatekeeper
- .wang cut off with Chinese red tape
- This latest Chinese bubble could deflate ccTLD growth
- Dodgy registrars could be banned from .org promotions
- India’s largest registrar goes insolvent, gets suspended
- ZADNA CEO suspended for “hybrid misconduct”
- Brand kills off gTLD that is actually being USED
- Time for some more ICANN salary porn
- Smaller registrars say .uk release is biased towards the Big Boys
- New gTLDs slip again in Q1
- Second-level .au domains ARE coming soon
- .icu gets China nod as it tops 900,000 regs
- These 27 companies have ditched the .com for their dot-brand
- These are the 10 most-used dot-brands
- GRS has lost three million domains since Famous Four died
Architelos offers entry-level NameSentry
New gTLD software provider Architelos has released a cheaper version of its flagship NameSentry security compliance tool.
NameSentry Lite strips out the automated workflow and mitigation components found in the original, leaving the core threat reports and statistics intact.
It’s designed for smaller TLDs that don’t expect to see a lot of malware or phishing in their zones and it’s priced starting at $139 a month for a TLD with under 5,000 domains under management.
That’s about $100 cheaper than the standard NameSentry, which is geared more towards mitigation and has monthly charges ranging from $249 to $3,999, depending on zone size.
Boutique gTLDs and large portfolio registries such as DotKiwi and Donuts are early customers of the more-expensive version.
Is Architelos the only company providing this kind of tool? I need something like this for my TLD, but it would be nice to see some other options.
I’m not aware of anyone else doing the workflow stuff, but DI PRO has TLD Health Check if it’s metrics you’re looking for.
Artemis / NCC Group Safe TLD service seems to be targeted to the new RA specs as well, but I couldn’t find something online about it.
Netcraft and Team Cymru also have commercial offerings that combined can fulfill the requirements, but combining can also be done on cheaper or free alternatives to build a DIY solution.
Rubens et al.
Netcraft is a great service and you can find more info on their anti-phishing service here http://www.netcraft.com/anti-phishing/
To be clear, NameSentry is different as it encompasses a wider range of abuse types (not just phishing, but also malware, botnets and even spam).
The NameSentry portal option includes automated mitigation workflows which can be customized to the abuse policies and procedures of any given gTLD or ccTLD. Lastly, our prices are posted on our website, as are the terms. A TLD can even choose a month to month option (so no long term contract or financial commitment).
So to compare – a DIY option would involve not only buying various datafeeds, (or standalone monitoring and analysis services for say phishing) for different abuse types, but also aggregating and normalizing the info, and then either doing notification and mitigation steps manually (so personnel in ops/customer service, or abuse analysts) or building and maintaining the system to automate mitigation steps and then document and archive an audit record. In terms of core competencies (and putting the issue of upfront and continued commitment of capital and HR resources aside) not every registry or registrar has the core competency to do this, and do it well enough to stake their contractual compliance on it.
So it is a question of what do you want to focus on and what should be outsourced.
Hope that helps
RA specs on this do not require specific accuracy levels, so contractual compliance is not that much of a risk in this regard. I can see reasons for either DIY or outsourcing considering the whole picture, including end-user perception and corporate social responsibility, but they are all carrots. No actual sticks here.
Thanks for this info. I’m running a single registrant, closed TLD and not expecting too many domains, so I just need whatever is considered compliant.
http://www.selectrealsecurity.com/public-block-lists and http://www.surbl.org/lists have lists of lists and getting thru those would already qualify as going thru reported threats. It needs to go somewhat beyond what is reported directly to the registry, but there is no actual service level or accuracy target on the agreement, so you don’t need to know all threats or try knowing an specified % of those.
The text in the agreement is very non-specific as can be seen below.
FYI
I have copied the specific Spec in the Registry Agreement below.
Specification 11 3.b:. “Registry Operator will periodically conduct a technical analysis to assess whether domains in the TLD are being used to perpetrate security threats, such as pharming, phishing, malware, and botnets. Registry Operator will maintain statistical reports on the number of security threats identified and the actions taken as a result of the periodic security checks. Registry Operator will maintain these reports for the term of the Agreement unless a shorter period is required by law or approved by ICANN, and will provide them to ICANN upon request.”