Infoblox protects service providers and enterprises with DDI approach

The Domain Name System (DNS) has long been the foundation for a stable Internet by translating domain names into IP addresses. To map between numeric addresses and readable domain names, a lot of DNS information usually has to be shared between servers. Various solutions are on the market to make this process run as smoothly and securely as possible. Infoblox is a company that provides such solutions for Internet Service Providers (ISPs) and large enterprise organizations.

Security was not a priority in the development of the DNS system. As a result, the communication associated with the protocol is almost always vulnerable. A client uses DNS to send a request to a DNS server and get an answer, but in the original protocol this communication is always carried out unencrypted. Due to this lack of security, DNS hijacking can take place, for example: cybercriminals change DNS data in order to forward users to servers that they manage themselves. Spoofing is a typical problem associated with DNS.

Traditional security solutions are not sufficient to process DNS requests. Two other standards, DNS over TLS (DoT) and DNS over HTTPS (DoH), seem to make communication somewhat safer, because they encrypt the traffic between the client and the server. However, these methods also have drawbacks. DNS over HTTPS is a good example: because the requests are strongly encrypted inside HTTPS, many firewalls used by organizations cannot detect the traffic, which in turn causes additional worries. Some firewalls are an exception to the rule, but they are rare.

DNS works very well at a basic level, and standards are being developed to deal with the associated problems. Nevertheless, enterprise organisations and ISPs clearly need an extra layer. A party such as Infoblox is a candidate to provide it.

DDI as a total package

If we look at the Infoblox portfolio, it becomes clear how the approach proves its added value. For example, it has a program for Managed Service Providers (MSPs) that combines various security solutions, in which payment is made on the basis of usage. Enterprise organizations can purchase Infoblox solutions based on a subscription model or as a permanent license.

This program includes Infoblox’s DNS, DHCP (Dynamic Host Configuration Protocol) and IPAM (IP Address Management) services, along with a number of other components such as load balancing. The combination of these three services is referred to as DDI. The security solutions are offered as a SaaS solution (ActiveTrust Cloud), an on-premise solution (ActiveTrust) and a hybrid solution.

The DHCP part of the DDI portfolio ensures that a client can request an IP configuration from a DHCP server. The client itself communicates with the server in order to obtain the settings a network interface needs, such as the IP address and the gateway. Because this step is automated, administrators need to go through fewer manual steps.

However, the approach is only complete when the management platform IPAM is considered. DNS and DHCP function as the services that assign IP addresses and resolve names, while IPAM is, as it were, the final administrative layer on top of them. The management platform offers a standard way of planning, tracking and managing IP addresses in the network. This involves merging DNS and DHCP data into DDI. In this way, when changes occur in one protocol, updates can be automatically implemented in the other protocol.
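The merging of DHCP and DNS data described above, as an added example that is not Infoblox code and not part of the original article. The `Lease` structure, the function names and the sample records are hypothetical; the code derives the DNS changes implied by the current DHCP leases and flags stale names whose address has been handed to another host.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Lease:  # DHCP view of one client (hypothetical structure)
    hostname: str
    ip: str
    active: bool

def reconcile(leases, dns_a, static):
    """Return (op, name, ip) changes that align A records with active leases.
    Names in `static` are maintained by hand in IPAM and are never touched."""
    wanted = {l.hostname: l.ip for l in leases if l.active}
    actions = []
    for name, ip in sorted(wanted.items()):
        if name in static:
            continue
        if name not in dns_a:
            actions.append(("add", name, ip))
        elif dns_a[name] != ip:
            actions.append(("update", name, ip))
    for name, ip in sorted(dns_a.items()):
        if name not in wanted and name not in static:
            actions.append(("delete", name, ip))
    return actions

def misdirected(leases, dns_a, static):
    """Stale names whose address is now leased to a different host, so
    traffic sent to the old name would reach the wrong machine."""
    holder = {l.ip: l.hostname for l in leases if l.active}
    active_names = set(holder.values())
    return [(name, ip, holder[ip]) for name, ip in sorted(dns_a.items())
            if name not in active_names and name not in static and ip in holder]

# Constructed sample data: one DHCP lease table and one DNS zone snapshot.
LEASES = [
    Lease("laptop-17.corp.example", "10.0.5.21", True),
    Lease("printer-2.corp.example", "10.0.5.40", True),
    Lease("kiosk-3.corp.example", "10.0.5.33", False),  # lease expired
    Lease("tablet-9.corp.example", "10.0.5.33", True),  # address reused
]
DNS_A = {
    "laptop-17.corp.example": "10.0.5.20",  # drift: host moved to .21
    "kiosk-3.corp.example": "10.0.5.33",    # stale record
    "ns1.corp.example": "10.0.0.53",        # static server entry
}
STATIC = {"ns1.corp.example"}

if __name__ == "__main__":
    for action in reconcile(LEASES, DNS_A, STATIC):
        print(action)
    print("misdirected:", misdirected(LEASES, DNS_A, STATIC))
```

The stale `kiosk-3` record is the case worth alerting on rather than only cleaning up, because its address already belongs to another device.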

The entire DDI approach typifies the vision of Infoblox’s work. ISPs and enterprise organizations need to think about how they manage this part of network security. If we take antivirus vendors as an example, we see that they update their software via DNS tunneling. Data is sent from an internal network to an external network. This connection is unsecured and vulnerable to malware infections (with the usual consequences). DDI addresses these kinds of risks and goes a little further.

Further development of ActiveTrust Cloud and DDI message

Of course, Infoblox also looks at the further optimisation of its services. For example, the ActiveTrust Cloud will focus more on hybrid scenarios. According to the company, customers will continue to use DDI solutions in their own data centers for the time being, as Peer-to-Peer (P2P) services prove their worth locally. For large organizations, it is also desirable to have DDI solutions delivered from the cloud for their global offices. The ActiveTrust Cloud needs to be aligned with this hybrid model, something that will happen with new products and feature updates in the future.

In addition, Infoblox believes that the DDI data at its disposal can still grow. Basically, it already has a large amount of data, but this size will continue to grow. This data will also be shared with the customers’ security and networking teams. Infoblox also receives threat intelligence from partners, while its own data is also shared with other security solutions. As a result, potential threats can be anticipated better.

Bonus security, lots of choices

In doing so, the company is demonstrating that it is further optimizing its products, which is something that is necessary anyway. Infoblox is in a competitive market, which increases the need to be distinctive. Well-known companies like Cisco and Amazon Web Services (AWS) also offer DNS services. They are also some of Infoblox’s biggest competitors. According to Infoblox, it offers more than these parties by focusing entirely on DNS. Infoblox’s research, development and local teams are almost exclusively engaged in DNS services.

However, there are other players in the market who also only provide DNS services, including BlueCat. Such players do not have the size of Infoblox, though. Infoblox’s turnover and workforce would be at least double BlueCat’s. Infoblox also has a much more dominant local presence, with an office, while BlueCat relies on resellers.

In that respect, Infoblox has its affairs in order, although it must be said that it does not completely dominate the market. Together, other players in this field offer enough alternatives. This will keep Infoblox on its toes to stay ahead of the competition.

All in all, the DNS, DHCP and IPAM services demonstrate their added value in an increasingly connected market. It is also expected that the number of objects and locations that are connected to the Internet will continue to grow, through the Internet of Things, for example. As a result, the demand for the DDI approach is likely to continue to grow, although it remains to be seen whether the full potential will be achieved. Some companies will think that they can arrange DNS themselves or that the basic security is sufficient. The challenge for the DNS market, therefore, lies in convincing them otherwise.