1 | © 2013 Infoblox Inc. All Rights Reserved. 1 | © 2017 Infoblox Inc. All Rights Reserved.

David Veneski | October 31, 2017

Implementing a Well-Behaved Network for

Your Cloud

2 | © 2013 Infoblox Inc. All Rights Reserved. 2 | © 2017 Infoblox Inc. All Rights Reserved.

What We’ll Talk About

• The changing landscape

• Network services and the cloud

• The network service imperatives you/we see

• The desired outcomes for a well-behaved network

• A case study

3 | © 2013 Infoblox Inc. All Rights Reserved. 3 | © 2017 Infoblox Inc. All Rights Reserved.

What You Knew: Datacenter in Transition

Data Center Stages

CLOUD & CONTAINERS

CONTAINER CONTAINER

KERNEL

SQL Server

NET

Ubuntu

Tomcat

Java

Debian

YESTERYEAR’S

DATA CENTER

APP APP APP

CPU CPU CPU

CapEx Efficiency

VIRTUALIZED

DATACENTER

APP APP APP

Manage

OpEx Agility

Every stage remains essential

4 | © 2013 Infoblox Inc. All Rights Reserved. 4 | © 2017 Infoblox Inc. All Rights Reserved.

Critical Network Services

• Unseen, but every network needs them

DHCP: To get an address

DNS: To make web-based services reachable

IP Address Management: To keep addresses in order, save

time and manage resources

• “DDI” on an appliance, virtualized or in the cloud

DDI remains essential to your cloud journey

5 | © 2013 Infoblox Inc. All Rights Reserved. 5 | © 2017 Infoblox Inc. All Rights Reserved.

Manage DNS manually

or with custom scripts1

Want discovery, control on new

spun-up assets 1

DNS - most common

application layer attack2

8/10 81% 79% #1

Obsolete Processes

Disparate Platforms

Limited Oversight

Security/ Compliance

Yesterday’s DDI

methods:

unsuited to

tomorrow’s

requirements

Operational

inefficiencies and

silos across

platforms

Lack of single

pane of glass

visibility for

traditional, virtual

and cloud assets

Inconsistency

and DNS-based

exploits expand

security and

compliance risks

1. Infoblox Study: ReRez Research on behalf of Infoblox 2. Arbor WISR2016 report

Of cloud deployments use 3 or more

platforms1

DDI Issues and the Cloud

DDI is (too) often an afterthought in cloud network

deployments

6 | © 2013 Infoblox Inc. All Rights Reserved. 6 | © 2017 Infoblox Inc. All Rights Reserved.

Four DDI Imperatives for the Cloud

Insight for

management,

compliance reporting

and planning

Defense against

DNS-based

attacks and

network-based

threats

1. Scalability 2. Visibility 3. Manageability 4. Security

Automation across

environments and

integrated with cloud

orchestration platforms

DDI that scales

across network

subnets, zones,

sites and clouds

A well-behaved network has/will have these needs

7 | © 2013 Infoblox Inc. All Rights Reserved. 7 | © 2017 Infoblox Inc. All Rights Reserved.

Imperative #1: Scalability

Increase efficiency and

effectiveness by consolidating

DNS, DHCP and IPAM

Centralized management of IP

addresses, hosts and resources

A distributed architecture to

support expansion while providing

reliability and fault-tolerance

Branch

Office

DDI

DDI

DDI

DDI Recovery

Site

Microsoft

DNS/DHCP

8 | © 2013 Infoblox Inc. All Rights Reserved. 8 | © 2017 Infoblox Inc. All Rights Reserved.

Imperative #2: Visibility

Procure insight across

environments for reporting,

analysis and planning

Granular DNS and DHCP data

Integrates data from the network

infrastructure

Dashboards and data

visualization

Built-in and ad hoc reports

Analytics that inform planning

Branch

Office

DDIDDI

DDI

DDI

9 | © 2013 Infoblox Inc. All Rights Reserved. 9 | © 2017 Infoblox Inc. All Rights Reserved.

Managing DDI for a

cloud or can be

slow with potential

for errors

Increase efficiency

and confidence in

results

Imperative #3: Manageability

Desired DDI process with a cloud

Common DDI processes with a cloud

Provision Virtual

Instance

1 2 3 4

AUTOMATED MANUAL

5 6

DAYS

Provision Virtual

Instance1

AUTOMATED

MINUTES

2 3 4

AUTOMATED

5 6

Implement change anytime: DNS names, IP addresses

No tickets between network, server teams for DNS, IP

Automatically reclaim resources on spin down

Manual processes and record-keeping. Possibly open loop.

10 | © 2013 Infoblox Inc. All Rights Reserved. 10 | © 2017 Infoblox Inc. All Rights Reserved.

Imperative #4: Security

Protect against DNS-based

threats and exploits

Up-to-date safeguards against

evolving threats

Contain data exfiltration and

malware

Outbound APIs to link DDI data

to synergistic security products

i

11 | © 2013 Infoblox Inc. All Rights Reserved. 11 | © 2017 Infoblox Inc. All Rights Reserved.

Infoblox DDI for a cloud network

1. Scalability 2. Visibility 3. Manageability 4. Security

12 | © 2013 Infoblox Inc. All Rights Reserved. 12 | © 2017 Infoblox Inc. All Rights Reserved.

“Infoblox offered simplicity of

deployment, ease of management,

market-leading functionality, and

most importantly, excellent APIs for

data center automation.”

- Abhay Kulkarni, VP of Engineering and

Operations, Netskope

Problem

• 50% of data in cloud applications outside of

the locked-down network

• Needed a solution that offered automation,

ease of management and scale on a secure

platform

Solution: Infoblox DDI

• Scales: Seven globally distributed data

centers

• Visibility: Single-pane-of-glass, across

subnets and environments

• Management: Automates spin-up of new

virtual machines as workload increases

Case Study: Netskope

13 | © 2013 Infoblox Inc. All Rights Reserved. 13 | © 2017 Infoblox Inc. All Rights Reserved.

Why

●

●

●

Protects the network and data,

coupled with an ecosystem of

3rd party integrations●

7,000+ customers, over 300 of

the Fortune 500 companies

Scalable and secure DDI

services that cross networks,

platforms and environments

Comprehensive visibility across

environments to accelerate

troubleshooting and planning

14 | © 2013 Infoblox Inc. All Rights Reserved. 14 | © 2017 Infoblox Inc. All Rights Reserved.

Q&A