Infoblox: How DDI Can Help Solve Network Security and Management Ills
Network connections can be likened to attending an amusement park, where Dynamic Host Configuration Protocol (DHCP) serves as the ticket to enter the park and the domain name system (DNS) is the map around the park. Network management and security provider Infoblox made a name for itself by collapsing those two core pieces into a single platform so that enterprises can control where IP addresses are assigned and how they manage network creation and movement.
“They control their own DNS so that they can have better control over their traffic,” explained Anthony James, Infoblox vice president of product marketing, in this latest episode of The New Stack Makers podcast, hosted by Alex Williams, founder and publisher of The New Stack.
Infoblox’s name for this unified service is DDI, which is shorthand for DHCP, DNS and IPAM (IP Address Management — a repository for every device that gets an IP address).
“The way we think about DDI is that it is the basic foundational element for anyone to connect to a network, and then from the network outside the network, to places like the internet,” James said.
Organizations often struggle when IP addresses become separated and are not converged. “When [organizations] build a network, what usually happens is people take the services for granted,” James said.
Organizations might, for example, install and configure a Microsoft server and add Active Directory for authentication, while “just inherently turning on DNS and DHCP,” James described. “That’s a common way to implement those services… What’s the challenge with that? There’s no coordination,” James said. “If you have a security incident where you get notified that an IP address has been possibly attacked, or that it went to a malicious website, now you’ve got to go and look at all those different services, the DNS logs and the DHCP logs that are now on two different infrastructures or on two different sets of infrastructure. It’s hard to figure that out.”
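The lookup described above, written out as an added example (it is not Infoblox code and does not come from the podcast): DNS queries for a flagged domain are attributed to a device by finding the DHCP lease that covered the client IP at the time of the query. The log formats, addresses, hostnames and domain names are constructed for illustration.

```python
from datetime import datetime

# Constructed sample data (not real logs). Both formats are hypothetical:
# DHCP: lease_start,lease_end,ip,mac,hostname    DNS: timestamp,client_ip,qname
DHCP_LOG = """\
2024-05-01T08:00:00,2024-05-01T12:00:00,10.0.4.23,aa:bb:cc:00:00:01,laptop-alice
2024-05-01T12:30:00,2024-05-01T16:30:00,10.0.4.23,aa:bb:cc:00:00:02,kiosk-lobby
2024-05-01T08:05:00,2024-05-01T16:05:00,10.0.4.40,aa:bb:cc:00:00:03,printer-2f
"""
DNS_LOG = """\
2024-05-01T09:15:10,10.0.4.23,updates.example.com
2024-05-01T13:02:44,10.0.4.23,bad-site.example.net
2024-05-01T12:10:00,10.0.4.23,bad-site.example.net
2024-05-01T14:00:00,10.0.4.40,intranet.example.com
"""

def parse_leases(text):
    """Parse constructed DHCP lines into (start, end, ip, mac, hostname) tuples."""
    leases = []
    for line in text.strip().splitlines():
        start, end, ip, mac, host = line.split(",")
        leases.append((datetime.fromisoformat(start),
                       datetime.fromisoformat(end), ip, mac, host))
    return leases

def holder_at(leases, ip, when):
    """Return (mac, hostname) of the device holding `ip` at `when`, or None."""
    for start, end, lease_ip, mac, host in leases:
        # The same IP is reassigned over time, so the lease window must match too.
        if lease_ip == ip and start <= when < end:
            return mac, host
    return None  # no lease covered that moment (static address or a log gap)

def attribute(dns_text, leases, flagged):
    """Map each query for a flagged domain to the device that held the IP then."""
    hits = []
    for line in dns_text.strip().splitlines():
        ts, ip, qname = line.split(",")
        if qname in flagged:
            when = datetime.fromisoformat(ts)
            hits.append((ts, ip, qname, holder_at(leases, ip, when)))
    return hits

if __name__ == "__main__":
    for hit in attribute(DNS_LOG, parse_leases(DHCP_LOG), {"bad-site.example.net"}):
        print(hit)
```

In the sample data 10.0.4.23 is leased to two different devices on the same day, so matching on IP alone would blame the wrong machine; the query made between the two leases resolves to no device at all and needs a separate look.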
These common IP address management and analysis issues first emerged a couple of decades ago when Infoblox was created. The company founders sought to help manage the complexity of “figuring out where IP addresses go and how DNS is managed,” James said. “Then, you throw in containerization, so it has just caused this really big explosion of issues to deal with,” James said. “Early on, as networks became more virtual on the application side, starting with virtualization, we said, ‘look, we have this DDI platform that consolidates all the infrastructure basics into one platform — let’s hook into these emerging technologies.’”