Infoblox DNS and DHCP Overview


Published on

Overview of appliance for DNS and DHCP.

Published in: Technology
1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Infoblox DNS and DHCP Overview

  1. 1. Infoblox DNS ManagementAdvanced Tools to Simplify DNS December 2007OVERVIEW • Infoblox appliances with the DNSone® package provide advanced DNS management features with an intuitive GUI on a high-availability platform with real-time disaster recovery capabilities. This allows IT departments to truly provide DNS services in a utility model. • Infoblox appliances for DNS adhere to all industry standards, which allows for a smooth migration to an all-appliance solution. Alternatively, the Infoblox appliance can be used as a tool for managing DNS services on existing servers. While this solution does not take advantage of the resiliency and security of the Infoblox appliance, it ensures current investments in hardware are not wasted.Infoblox Platform Advantages - General Secure appliance platform – Easier to deploy on hostile networks (e.g., DMZs), more secure physically Low cost of ownership – Ability to build distributed infrastructure without incurring high administrative cost Built-in resiliency/disaster recovery (DR) features – Easy recovery of services after a catastrophe, elimination of ad hoc DR solutions Support for VRRP-based high availability – Ability to use redundant HA pairs for critical servers Easier and less frequent patching – Less administrative effort, less disruption of service Unified GUI for management of DNS and DHCP – Exploits commonalities in configuration of the two protocols, ensures consistency between their configuration Platform-independent (Java-based) GUI – Runs under any web browser, not just on Windows Global search – Simplifies finding data in arbitrary zones or lease pools Recycle bin – Allows easy recovery of accidentally deleted data Hierarchical configuration – Simplifies configuration of parameters common to most DNS servers or DHCP servers in an organization IPAM functionality – Ability to easily manage an organization’s entire address space Fine-grained authorization – Ability to safely delegate management of zones and networks to help desk, operational personnel Audit logging – Visibility into what administrators have done, as well as when those actions took place – Compliance with regulations (e.g., Sarbanes-Oxley) – Extensive logging Built-in troubleshooting tools – Easier troubleshooting of problems with a standard set of tools© 2007 Infoblox Inc. All rights reserved. All registered trademarks are property of their respective owners.
  2. 2. Infoblox DNS ManagementAdvanced Tools to Simplify DNS December 2007 SNMP (MIB and trap) support – Integration into existing SNMP-based monitoring systems Support organization with deep expertise in DNS and DHCP – Highly skilled support staff accessible without multiple levels of escalationAdvantages of the Infoblox DNS Solution Secure Dynamic Update support without a Domain Controller – Ability to separate DC and name server, thereby compartmentalizing risk and disentangling maintenance schedules Support for member-based management and member-independent management – Easier delegation of low-level data management to operations/help desk Support for query, recursive query, and zone transfer ACLs – Required on many Internet-accessible name servers (e.g., forwarders, external authoritative name servers) Support for TSIG – Better security for zone transfers to and from remote name servers Support for GSS-TSIG – Secure DDNS updates from Windows computers Support for NS Groups – Much easier handling of en masse changes of authoritative name servers Support for views – Ability to securely combine name server functions and to serve multiple versions of a single zone, even across multiple name servers (unique to industry) Support for Anycast – Ability to build very resilient name server infrastructure Support for Zone Locking – Allows operators to “own” the zone while making changes to avoid double edit issues Support for disabling zones – Allows zone to be created but not activated, or to be deactivated without deletion Support for Shared Records – Elimination of redundant administration when records appear in multiple zones Support for incremental updates – Changes made in the GUI only result in IXFR to external (i.e., non-Infoblox) name servers Support for sortlist – Configurable address responses to direct clients to the closest instance of a network resource IPv6 support Extensively configurable logging – Ability to filter out nuisance messages, select critical messages Support for syslog, including remote syslogging – Standard mechanism for logging across a network, works with third-party log analysis tools© 2007 Infoblox Inc. All rights reserved. All registered trademarks are property of their respective owners.
  3. 3. Infoblox DNS ManagementAdvanced Tools to Simplify DNS December 2007 Configurable host naming restrictions – Allows administrators to configure and enforce organization-specific host naming rules Selection of authoritative name servers and forwarders based on roundtrip time – Better name server performance and greater resilience in the face of network and component failures Credibility mechanism for protection against cache poisoning – Better resistance to pharming attacks Policy and error checking at time of input – The GUI prevents data entry errors and allows for hostname templates by zone Data Import Wizard (DIW) – DIW allows migration of existing data, including cleansing of data and error checking before importAdvantages of the Infoblox DHCP Solution Support for DHCP Failover – More resilient DHCP service without split scopes Lease history – Ability to track history of address assignment for regulatory compliance, forensics, troubleshooting Easier configuration of custom DHCP options – Easier support for VoIP phones and other non-Windows DHCP clients Support for filtering (based on MAC address, relay agent, option) –Ability to restrict leases to only known clients, clients using a particular DHCP relay, or according to other criteria Templates for easy duplication of common network configurations –Streamlines creation of new DHCP ranges, minimizes errors, and helps ensure consistency Support for joining/splitting networks – Easier reconfiguration when network changes Easier and more complete access to DHCP statistics –Better visibility of state of network, easier detection of DHCP range exhaustion Support for member-based management and member-independent management – True global management, without being forced to remember which DHCP server serves a particular range –Searching of leases across all managed DHCP servers Support for converting dynamic leases to static and back –Streamlines common administrative tasks Name collision detection – Eliminates the inadvertent deletion of important resource records© 2007 Infoblox Inc. All rights reserved. All registered trademarks are property of their respective owners.
  4. 4. Infoblox DNS ManagementAdvanced Tools to Simplify DNS December 2007 More flexible handling of dynamic updates – More options when choosing how DHCP clients are registered, allowing DHCP clients to move from wired to wireless networks while preserving their domain names, for example Detection of overlapping ranges – Elimination of potentially disruptive configuration mistakes Your Infoblox Reseller (866) 833-4070© 2007 Infoblox Inc. All rights reserved. All registered trademarks are property of their respective owners.