Infoblox is rolling out a unified management platform to allow customers to see, control and secure IT resources spread across their hybrid multi-cloud enterprises.
The Infoblox Universal DDI Product Suite integrates core network security tools to enable efficient management, increase security, and reduce the administrative burden those systems require, according to Mukesh Gupta, chief product officer at Infoblox.
DDI refers to the trio of core network services in IP networks: DNS, which turns domain names into IP addresses; DHCP, which assigns IP addresses to resources; and IPAM, which manages the network’s IP address infrastructure.
Enterprise-grade DDI platforms are becoming a necessity, according to industry watchers.
Trying to rely on manual processes for registering domain names, assigning IP addresses, and configuring host protocols is not only cumbersome but also can be a security vulnerability, warns research firm IDC.
“There are open-source tools for managing various DDI components, such as IPAM, but when organizations begin extending enterprise network connectivity to external cloud-based resources, the basic, fragmented approach of manually managing DDI components becomes inefficient,” IDC stated.
The distributed nature of the modern enterprise network makes it inefficient to manage without automated DDI tools. “Modern, enterprise-grade DDI platforms provide optimized connectivity to cloud-based platforms and advanced management tools for enabling the efficient and secure use of cloud-based services,” IDC stated.
Infoblox Universal DDI provides unified management of network services across hybrid and multi-cloud environments, and it works seamlessly with public cloud DNS systems from AWS, Azure, and Google, Gupta said.
“It streamlines DNS, DHCP, and IP address management, automates asset discovery and analysis, and modernizes critical network services without requiring any customer-side Infoblox infrastructure,” Gupta said. “Optionally, customers can deploy virtual appliances for the DNS and DHCP protocol servers for specialized use cases such as local survivability.”
Gupta gave three examples of how DDI technologies work together:
- DHCP and IPAM: DHCP updates IPAM in real-time, preventing conflicts.
- DHCP and DNS: DHCP informs DNS of new IP leases, ensuring DNS name-to-IP mappings are current and are created/deleted automatically.
- IPAM and DNS: IPAM manages and reconciles the IP space with DNS records to ensure consistency and visibility.
Why DDI is complicated
With hybrid multi-cloud adoption, most enterprises end up with four or five different DNS systems – some example providers are Amazon Route53, Azure DNS, GCP DNS, Infoblox, and Microsoft. Managing multiple DNS systems with completely different user interfaces increases the risk of mistakes, leading to frequent and costly service disruptions, Gupta said.
Another issue is that multi-cloud setups make it difficult to allocate IP addresses effectively across environments. NetOps teams lack visibility into cloud, which often results in wasted resources, Gupta said. In addition, limited visibility across cloud environments can create IP conflicts, triggering application downtime.
“Cloud teams often forget to remove the DNS records when apps are decommissioned. These stale DNS records pose serious security risks,” Gupta said. “Forgotten ‘zombie’ servers in cloud continue to consume resources and inflate costs,” Gupta said.
How Infoblox Universal DDI works
The Infoblox package is designed to address these issues as well as give customers a single, cloud-based management interface – the Infoblox Portal – that simplifies deployment and integration with existing environments, Gupta said.
Integrated DDI also expands asset visibility across the entire hybrid multi-cloud estate, Gupta said.
“This integration provides near real-time updates of asset inventory and enhances proactive security by breaking down silos across NetOps, CloudOps, and SecOps. Users can centrally manage DNS, DHCP, and IP addresses faster and with less effort,” Gupta said. “This centralized control is maintained while still allowing the use of a variety of DNS providers for public clouds, private clouds, campus networks, on-premises infrastructure, and more,” Gupta said.
The Infoblox Universal DDI Product Suite includes three key products. The core Infoblox Universal DDI Management service lets users set network policies and allocate IP addresses across a multi-cloud estate, improving efficiency and reliability while preventing network outages, Gupta said.
Universal Asset Insights provides a comprehensive and context-rich view of assets across hybrid, multi-cloud environments, Gupta said.
“By extending DNS and DHCP to IPAM, Universal Asset Insights offers discovery, analytics, and remediation across an organization’s entire digital estate. With continuous updates to the IPAM inventory, organizations can eliminate the need for outdated manual tracking methods prone to errors and delays,” Gupta said. “Universal Asset Insights also automatically identifies unused IP addresses and zombie workloads, significantly reducing operational expenses and exposure to security risks.”
The third component, Infoblox NIOS-X as a Service, is built to extend critical network services as close to users and workloads as possible without requiring customers to deploy any infrastructure, Gupta said.
“It offers the operational simplicity CloudOps teams need, alongside the resilience, consistency, visibility, and security that NetOps and SecOps require,” Gupta said. “With NIOS-X as a Service, IT teams can modernize on-premises Microsoft DNS through rapid deployment, streamline multi-cloud DNS by consolidating cloud-native services onto one unified solution, and optimize branch operations with infrastructure-free DNS and DHCP services,” Gupta said.
All of the Infoblox components are SaaS-based and do not require customers to deploy or manage any additional infrastructure, Gupta said.
Industry watchers get behind integrated DDI management
The idea of simplification and easing the tediousness of managing DNS, IPAM and DHCP should make the Infoblox package intriguing for many enterprise customers, experts said.
“[Infoblox] dramatically simplifies operational management across multi-cloud environments. Each public cloud service provider has a unique and prescriptive set of operational procedures – and through consolidation and automation, better business outcomes can be realized,” said Will Townsend, vice president and principal analyst with Moor Insights & Strategy.
“It has the potential to eliminate manual processes that run the risk of misconfigurations leading to costly downtime. It can also improve visibility across multi-cloud infrastructure deployments – aiding in the improvement of network assurance and deliver higher availability,” Townsend said.
“The added potential benefit of eliminating blind spots and decommissioning orphaned apps can also equip IT operators with the ability to prevent bad actors from exploiting vulnerabilities for financial gain,” Townsend said.
Enabling integrated management of DNS, DHCP, and IPAM continues to be a major driver of growth, along with the continued drive by organization to optimize their core network services within cloud and multi-cloud environments, IDC wrote.
“Simplified management, powerful automation, and integrated security features will continue to make the market an important area of investment by organizations across the globe in the coming years,” IDC stated.
Cloud-based platforms for managing DDI are growing in popularity. “As more of the DDI market shifts from being deployed as hardware-based appliances to software-based virtual appliances, advanced cloud-based management platforms have emerged for managing those software-based DDI deployments,” IDC stated.
“These cloud-based platforms provide a number of advantages for both enterprise customers and vendors: they provide centralized management of multiple distributed sites, they allow for new features and functions to be rolled out quickly, and they can ease the management burden of enterprises by not having to manage on-premises physical infrastructure, IDC stated.
Source:: Network World