Ramblings from another nerd on the grid
DNSSEC is a suite of extensions that add security to the DNS protocol. The core DNSSEC extensions are specified by the Internet Engineering Task Force (IETF) in RFCs 4033, 4034, and 4035, with additional RFCs providing supporting information. This guide provides detailed procedures and conceptual information to help you deploy Domain Name System Security Extensions (DNSSEC) in your organization using Windows Server® 2008 R2.
DNSSEC is an important new feature that provides the ability for DNS servers and clients to trust DNS responses. This adds an additional layer of protection to your network by guaranteeing that the information received from a DNS server has not been modified or tampered with in any way.
The guide also provides information about using the Name Resolution Policy Table (NRPT). The NRPT is a new feature available in Windows Server 2008 R2 that allows you to configure DNS client settings and special behavior for specified names or namespaces. The NRPT is a key component used to configure client settings for DNSSEC-protected zones.
Get the updated guide @ http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=7a005a14-f740-4689-8c43-9952b5c3d36f.