Transcript 2010 Infoblox Inc. All Rights Reserved.

Business Agility through Automated Infrastructure
Nico Wagemans
Maarten Robbrecht
© 2010 Infoblox Inc. All Rights Reserved.
1
About Infoblox
 Market Leader in DNS, DHCP and IPAM (DDI)
 Only company to achieve highest “Strong Positive” ranking
by Gartner*
 The only holistic Network Change & Configuration
Management (NCCM) product
Sample of Infoblox Global
Offices and Support Centers
 First to combine DDI & NCCM
 4,500+ customers and 250+ of the Fortune 500
•
•
•
•
•
USA
Netherlands
Australia
Hong Kong
Singapore
•
•
•
•
•
Japan
India
China
Canada
More…
 Presence in over 30 countries, global TAC centers
and 24/7 support. 170+ engineers
* November 2009 DDI Marketscope Report
© 2010 Infoblox Inc. All Rights Reserved.
2
Sample of Global Customers & Partners
Customers
Financial Services
American Express
Bank of Tokyo
Barclays
UBS
US Bank
Visa
Wells Fargo
Telecom
AT&T Broadband
Cable & Wireless
Sprint
T-Mobile
Telus
Verizon/Alltel
Vodafone
Technology Alliances
High Tech/Consulting
Government
EDS
HP
IBM
Juniper
National Semiconductor
Raytheon
Siemens
Bundesagentur Fuer Arbeit
Dept. of Homeland Security
Swiss Armed Forces
U.S. Army
U.S. Courts Admin. Office
Retail/Services
Abercrombie & Fitch
FedEx
Hertz
L.L. Bean
Staples
Tiffany & Co.
W.W. Grainger
Education
Manufacturing
Brown University
Harvard
NYU
Northwestern Univ.
Univ. of California
Univ. of Notre Dame
Univ. of Pennsylvania
3M
Boeing
Caterpillar
Danone
Ford
General Electric
Whirlpool
© 2010 Infoblox Inc. All Rights Reserved.
Life Sciences
Amgen
Blue Cross
GlaxoSmithKline
Johnson & Johnson
Pfizer
Media/Internet
DirectTV
New York Times
Reuters
Time Warner
Universal Studios
Energy
Aramco
Exelon
Halliburton
PG&E
Progress
3
Infrastructure Automation is Strategic
Quantity / Size
TASK
Users, Devices, Systems,
Applications, Protocols,
Services, Virtualization, Mobility…
Network
Infrastructure
Demands
People, Budgets
Network Scale
& Complexity
Increasing
Risks, Costs,
Delays
Network
Management
Resources
Time
© 2010 Infoblox Inc. All Rights Reserved.
4
Why Over 4,500 Organizations Rely On Infoblox?
 Business Availability
 Non-stop “always on” Network
600
65%
Why did you
buy from
Infoblox?
 Real-time visibility on IP end points
 Proactive detection of issues
500
400
57%
 Network Control & Compliance
300
43%
 Improved agility with real-time dynamic
visibility
40%
36%
200
 One click reporting on regulatory compliance
and internal policy
10%
 Real-time analysis of the impact of changes
 Efficiency and Automation
100
0
Increase
availability
Better
Control
Compliance
Reduce Automation Security
downtime
Other
 Automated provisioning of IP endpoints and
network change
 Enhanced efficiency in virtualized
environments
 Tools to identify, verify, and remediate issues
quickly
© 2010 Infoblox Inc. All Rights Reserved.
5
Infoblox DDI Solution
The Glue Between Networks and Applications
 IP address Management (IPAM)
Applications
- Planning
- Allocation
- Operations
 Resilient Service Delivery
DNS, DHCP and
IPAM
- Domain Name System (DNS)
- Dynamic Host Control Protocol (DHCP)
Infrastructure
- Other (Time, etc.)
Underperforming DDI is often the weak link in a network
© 2010 Infoblox Inc. All Rights Reserved.
6
Legacy Service Delivery Problems
Complex mix of vendors and platforms
 Disjointed management
 Often running on general
purpose operating system
DNS
 Lower performance and
reliability than rest
of network
DHCP
© 2010 Infoblox Inc. All Rights Reserved.
7
IP Address Management Problem
 Inconsistencies between
reality and IP Address
spreadsheet
 Prone to errors and omissions
 Slow, manual IP provisioning
 Stressed by Increasing
complexity
• Mobility and IP device growth
• IPv6 and DNSSEC
• Data center virtualization
 Other hidden risk factors
• Hard to find and resolve problems
• Over dependence on key employees
• No effective auditing
• Sub-optimal service infrastructure
© 2010 Infoblox Inc. All Rights Reserved.
8
Always On Patented Infoblox Grid™ Technology
Grid: A collection of secure member
appliances, providing one or more
services (DNS, DHCP, Discovery, File
Delivery, etc.)
Member
Member/
Grid Master
Candidate
Member
Coordinated by the grid master
Grid Master
Sharing a distributed database over
real time secure connections
Member
• Centralized management with secure delegation
of IP provisioning tasks
• Real time IPAM & discovery
• Real time and historic reporting
• Failover and disaster recovery for services, data
& management
• In service updates and upgrades
© 2010 Infoblox Inc. All Rights Reserved.
Member
Grid
Manager GUI
9
Infoblox IP Address Management (IPAM)
Replace spreadsheet and manual process with
Infoblox IPAM
DISCOVERY
DNS/DNSSEC
DHCPv4/DHCPv6
Network
IP Endpoints
© 2010 Infoblox Inc. All Rights Reserved.
Switch/Routers
10
Use Case: Simplify Provisioning and Change
Easy to move, add or change network
• Shorten planning cycle
-
View network
Select available or existing
Reduce or enlarge
Split and join
• Eliminate procedural delays
• Built-in error checking
• Closed loop update
- DNS/DHCP configuration
- Update to IP Map
Right-click
for details
Select and drag
Select
Area
- Documented change history
© 2010 Infoblox Inc. All Rights Reserved.
11
Full IPv6 Network Meta Data
Table View
• Multiple columns with meta data
• Customizable columns
© 2010 Infoblox Inc. All Rights Reserved.
12
Full IPv6 Network Meta Data
Smart Folders
• Report based on meta data
• Customizable
• Real Time
• Hierarchical
© 2010 Infoblox Inc. All Rights Reserved.
13
Use Case: Automated IP Allocation
IPAM tools streamline process and ensure
accuracy
 Discover and map
 Select available IP
 Click to edit
Select any available IP
and assign to a host
 Name and properties
 Zone and other attributes
 Closed loop update of
DHCP and DNS records
 Automatically logged
and classified
Instantly resolve issues
such as IP conflict
 Easy to troubleshoot
© 2010 Infoblox Inc. All Rights Reserved.
14
Link-Local in Host Record
© 2010 Infoblox Inc. All Rights Reserved.
15
Use Case: IPAM for Virtualization
Manage at the Speed of
Virtualization
 Maintain available IP pool
 Dynamic allocation
–
–
–
–
DHCP reservation
DNS records
Log and classify
Update of IP MAP
 Associate virtual to physical
–
–
–
–
Which virtual machine
Which virtual switch
Which physical machine
Which physical switch
Virtual Machines
Virtual Machines
Virtual Machines
App App App App
App App App App
App App App App
OS OS OS OS
OS
OS
ESX Server
OS
OS
OS
ESX Server
OS
OS
OS
ESX Server
Physical Servers
Core Layer
Distribution and
access switching
 Full path visibility – end to end
 Solve problems across data
center and network boundary
© 2010 Infoblox Inc. All Rights Reserved.
16
Use Case : IPAM for Virtualisation
Visibility Into Virtual Environment
Virtual machines
grouped by VMware
Datacenter
© 2010 Infoblox Inc. All17
Rights Reserved.
Virtual machines
grouped by switch-ports
Virtual machines
grouped by VLAN
Use Cases: Manage Transition to IPv6

IPAM
-

External
DNS
IPv6
and
IPv4
Networking Protocols
-

IPV6 address allocation
IPv6 host objects
IPV6 subnet allocation
Split or Join IPv6 networks
Dual stack in Grid Members
Zone transfers from/to IPv6 addresses
Dual
Stack
Hosts
IPv4
Hosts
DNS/DHCP Protocols
-
Respond to any IPv4 or IPv6 client
AAAA records in the forward zone
ip6.arpa reverse zone management
ACLs for IPv6 addresses and networks
DNS64
DHCPv6
IPv4
Clients
18
© 2010 Infoblox Inc. All Rights Reserved.
Use Cases: Manage Transition to IPv6
Leadership
Low Risk Adoption
Helps customers plan and
Extend current IPv6 DDI
execute gradual adoption of
solution with unique
IPv6 technology without
features that help customers
intrusive architectural change
more easily incorporate IPv6
or network disruption
into their network
Powerful New Features
NIOS 6.1 extends Infoblox’s current market leading, IPv6 enabled, High
Availability DDI offering with powerful features such as:
–
–
–
–
–
IPv6 IPAM automation
Dual stack IPv4 and IPv6 services
IPv6 DHCP for dynamic address allocation
DHCP IPv6 prefix delegation option
DNS64 to translate IPv6 DNS lookups on IPv4 resources
© 2010 Infoblox Inc. All Rights Reserved.
19
Typical Customer Roadmap?
at network edge for
Phase 1 IPv6
Internet facing services
–
–
–
–
Web
Email
Cloud applications
Time to deploy DNSSEC
Today
Transitional
IPv6 Backbones
Customer
Provider
DNS/DHCP with dual
Phase 2 Internal
stack IPv6 & IPv4
– Needs robust platform
– This may drive platform
upgrades
migration to IPv6
Phase 3 Architectural
backbone with “legacy islands”
Internet
All IPv4
IPv4 and IPv6 Co-Exist
IPv4
IPv4 & IPv6
Phase-out of IPv4
IPv6
– Translation technologies
– Broad use of tunneling
© 2010 Infoblox Inc. All Rights Reserved.
20
Internal IPv6 Build-out
 IPAM Automation for IPv6
 64-bit, dual stack appliances
 DHCP for IPv6
– Dynamic addresses
– Delegate ranges
“downstream”
 DNS64 with NAT64 protocol to
reach IPv4-only hosts
– Legacy internal applications
– Legacy external web
servers
– Partners (F5, Cisco, Juniper,
IPv4
IPv4
only
IPv6
Dual Stack
Hosts and
Infrastructure
IPv6 only
DNS - 64
Nat64
Translator
2001:::::::
2005:::::::
Downstream
subnets
etc.)
© 2010 Infoblox Inc. All Rights Reserved.
21
DNS64 – Infoblox Feature
ns1.v4only.com
1 Client queries
www.v4only.com
2
2
6
2
NAT64
Protocol
Translator
4
7
3
synthesizes a IPv6
address
to return to client – using
/96
prefix
Client
sends packet to
synthesized IPv6 address
which routes to the NAT64
protocol translator
5 NAT64 device translates
4
1
64::ff9b/96
queries name server for
v4only.com and gets no
AAAA response
3 Recursive name server
5
Internet
www.v4only.com AAAA to
local recursive name
server
Recursive name server
Recursive
Name Server
running DNS64
packet to destination
IPv4 address
6 IPv4 only web server
returns the response over
IPv4 to NAT64 device
7 NAT64 device converts the
IPv4
© 2010 Infoblox Inc. All Rights Reserved.
IPv6
packet to IPv6 to return to
the originating client
22
Enabling The Dynamic Network
Visibility
and Automation
Applications
Infoblox DDI
Provide DDI service
Detect IPs
Communicate
/ Take Action
DNS / DHCP / IPAM
Closed Loop
Automation
Infoblox NCCM
Check Infrastructure
Routing, Switching…
Recognize change
© 2010 Infoblox Inc. All Rights Reserved.
23
Automated Network Change & Configuration
Management
Understand Cause & Effect
 Full discovery and visualization of
network Infrastructure
 Collect & analyze network
infrastructure configurations
 Track and automate network
changes
 Identify violations of best practice
rules
 Identify security and compliance
policy violations (SOX, HIPAA,
PCI, etc.)
 Identify, verify and remediate
issues proactively
© 2010 Infoblox Inc. All Rights Reserved.
24
THANK YOU !
© 2010 Infoblox Inc. All Rights Reserved.
25