DDoS Protection and Intrusion Prevention Systems
Application Delivery Control
DNS, DHCP and IP Address Management
Data Security for the Data Center
Firewall, IPSec VPN
SSL VPN
 

DNS, DHCP and IP Address Management

Towards the end of 2009, Gartner recognised the importance of core network services like DNS, DHCP and IPAM in a MarketScope report. It used the term "DDI" to represent this emerging technology category.


Infoblox offers solutions that it says can reduce network expenses and increase network availability by automating key components of infrastructure, including IP address management (IPAM), DNS and DHCP.

DNS

The Infoblox DNS QuickSecure Solution uses a protective layer of secure DNS servers between an organizations existing DNS servers and the Internet to as a DNS Firewall that is easy to update as new exploits and subsequent patches are released.

  • DNS servers are vulnerable to cache-poisoning attacks if they process a particular type of DNS request, called a "recursive query", over the public Internet to anonymous, non-trusted DNS servers. These types of requests are made by DNS servers when they dont know the answer to a client request and need assistance from another DNS server. A layer of Infoblox appliances installed between existing DNS servers and the Internet shields the internal DNS servers and allows the appliances to handle recursive queries bound for the Internet, making the internal servers immune to cache poisoning.
  • The Infoblox Reporting Toolkit provides real-time graphs that make it easy to monitor DNS activity and spot attacks. New features in the Infoblox NIOS software provide automatic alerts when attack thresholds are exceeded, and query rate limiting enables administrators to thwart attacks in progress.
  • Dashboard widgets available to provide an overview of the current status of the network, IP addresses, services, network discovery status etc.
  • Infoblox appliances have built-in high availability operation that enables pairs of appliances to operate with zero downtime, even during software upgrades.
  • Infoblox appliances support Anycast, which enables DNS requests to be automatically re-routed away from servers that may be down or under attack.
  • Infoblox Grid technology enables a collection of Infoblox appliances to be managed as a single system. Operations such as software upgrades, system-wide backup and restore, and others can be executed with a single operation, and with no system downtime.

DHCP

Reliable DHCP Service: DHCP is a core network service that is widely used to automatically provision IP addresses for PCs and servers and is increasingly essential with the rapid proliferation of new classes of networking devices, such as IP phones, RFID readers, cameras, and others. Infoblox provides multiple approaches to ensuring availability for this critical service. Infoblox bloxHA and bloxSYNC technologies enable sub 5-second failover between appliances deployed in high-availability pairs and also ensure perfect synchronization between active and failover appliances to prevent the issuance of duplicate IP addresses. Infoblox also supports the DHCP failover protocol, allowing high-availability relationships between appliances on different networks. With DHCP failover, a central DHCP server can backup multiple remote DHCP servers, saving on the cost of providing reliability.

IP Address Management (IPAM)

IP Address Management (IPAM) functionality is built-in to Infoblox NIOS software and includes a comprehensive suite of functions that support address allocation, management, and reporting. Unlike conventional solutions, in which IPAM is "built-on" to DNS and DHCP servers, the Infoblox solution requires no extra appliances or software and provides powerful benefits, including real-time visibility to highly dynamic IPAM data, built-in high-availability and disaster recovery, one-button software upgrades, and an interface that makes it the easiest to use and most powerful in the industry.

IP Management Dashboard

  • Easy access to IP address management, monitoring and reporting
  • Customizable based on administrators role and responsibility
  • Dashboard widgets available to provide an overview of the current status of the network, IP addresses, services, network discovery status etc.
  • Widgets can be created and added to the dashboard easily, much like with iGoogle or MyYahoo
  • Perform about 90% of IPAM tasks directly from the dashboard

Once hardened by CyberGatekeeper, the network only lets compliant systems in. Non-compliant systems are kept out even if they are not running the agent. This behavior differs markedly from approaches that block access only when their agent is installed on a system.