© 2013 Infoblox Inc. All Rights Reserved. Matt Gowarty, Senior Product Marketing Manager Control Your Network with the Power of Automation 1
© 2013 Infoblox Inc. All Rights Reserved.
Matt Gowarty, Senior Product Marketing Manager
Control Your Network with the
Power of Automation
1
© 2013 Infoblox Inc. All Rights Reserved.
($MM)
$35.0
$56.0 $61.7
$102.2
$132.8
$169.2
$0
$20
$40
$60
$80
$100
$120
$140
$160
$180
FY2007 FY2008 FY2009 FY2010 FY2011 FY2012
Total Revenue (Fiscal Year Ending July 31)
Infoblox Overview & Business Update
2
Founded in 1999
Headquartered in Santa Clara, CA
with global operations in 25 countries
Market leadership
• Gartner “Strong Positive” rating
• 40%+ Market Share (DDI)
6,100+ customers, 45,000+
systems shipped
20 patents, 27 pending
IPO April 2012: NYSE BLOX
Leader in technology
for network control
© 2013 Infoblox Inc. All Rights Reserved.
THREAT LANDSCAPE
MOBILE DEVICE
EXPLOSION
CLOUD /
VIRTUALIZATION CONSOLIDATION
SOFTWARE DEFINED
NETWORKS IPv6 TRANSITION
Triggers that are Redefining the Network
3
© 2013 Infoblox Inc. All Rights Reserved.
AP
PS
&
EN
D-P
OIN
TS
END POINTS VIRTUAL MACHINES PRIVATE CLOUD APPLICATIONS
What We Do:
Innovative Technology for Network Control
4
NE
TW
OR
K
INF
RA
ST
RU
CT
UR
E
FIREWALLS SWITCHES ROUTERS WEB PROXY LOAD BALANCERS
CO
NT
RO
L P
LA
NE
Infoblox GridTM
w/ Real-time
Network Database
Historical /Real-time
Reporting & Control
© 2013 Infoblox Inc. All Rights Reserved.
CO
NT
RO
L P
LA
NE
What is the Alternative? A
PP
S &
EN
D-P
OIN
TS
END POINTS VIRTUAL MACHINES PRIVATE CLOUD APPLICATIONS
NE
TW
OR
K
INF
RA
ST
RU
CT
UR
E
FIREWALLS SWITCHES ROUTERS WEB PROXY LOAD BALANCERS
Complexity
Risk & Cost
Agility
Flexibility
QIP MICROSOFT DHCP MICROSOFT DNS VMWARE DNS UNIX BIND
5
SCRIPTS COMMAND LINE
© 2013 Infoblox Inc. All Rights Reserved.
Infoblox Network Automation
6
© 2013 Infoblox Inc. All Rights Reserved.
“Time-to-Value” Inhibited by
Complexity Outpacing Resources
Tasks
Make the infrastructure
more dynamic
Reduce risk
Increase productivity &
network availability
Increasing
Risks, Costs,
Delays
7
Time
Qu
an
tity
/Siz
e
Network Management
Resources
Network Infrastructure
Demands
Network Scale & Complexity
© 2013 Infoblox Inc. All Rights Reserved.
Infoblox Network Automation
8
Discover
Automated Network Discovery Change & Configuration Management
Automate
Compliance & Policy Standardization Maintain
Firewall ACL & Rule Automation Control
© 2013 Infoblox Inc. All Rights Reserved.
Infoblox Network Automation Overview
• Network discovery
• Built-in analysis
• Check against best practices
• Detect issues
• Monitor and manage change
• Automate change
• Maintain compliance
• Provision ACL & rules
Collected Via:
SNMP
CLI/configuration
Syslog
Fingerprinting
Real-time & Historical
Analysis
© 2013 Infoblox Inc. All Rights Reserved.
What’s On and Connected to My Network?
Manual, spreadsheets and/or
scanning tools
– Often out of date
Tight budgets and stretched teams
– Multi-vendor network devices
– Proliferation of IP devices
Ever-changing questions
– What’s on my network?
– Which ports are active?
– Do I need more capacity?
– What device is using which IP?
– When & where did they connect?
10
© 2013 Infoblox Inc. All Rights Reserved.
Automated Network Discovery
Continuous network discovery
– Layer 2 and 3 characteristics
– IP, MAC, port, VLAN mapping
– Track used/free/available switch
ports
End device tracking
– What MAC/end-device connected
– Where and when did they connect
– Find rouge devices and track
blacklist
Automatic IPAM sync
– Single GUI view of end-points with
IPAM
– Up-to-date extensible attributes
11
© 2013 Infoblox Inc. All Rights Reserved.
Keeping Up with Daily Change and Configuration
Extensive manual processes
– CLI
– Scripting
Limited functionality
– Configuration scrapes
– Basic change automation
– Vendor-specific tools
Minimal control & documentation
– Limited work-flow
– Admin or nothing access rights
– Massive files require extensive
manual digging and compiling
12
© 2013 Infoblox Inc. All Rights Reserved.
Change & Change Management
Ongoing management
– Change detection/logging
– Configuration archives
– Simplified searching and side-by-
side comparison
Change automation
– Embedded jobs
– Intuitive templates
– Variable-based jobs
Change control
– User-based access rights
– User-initiated and triggered jobs
– Work flow integration
13
© 2013 Infoblox Inc. All Rights Reserved.
Is My Network Still Compliant?
Different drivers
– External mandates
– Internal security policies
– Networking best practices
Typically reactive
– When something breaks
– When audit is required
Manually intensive
– Massive log files
– CLI access
– Manually collect, aggregate,
tabulate and present findings
14
© 2013 Infoblox Inc. All Rights Reserved.
Compliance & Policy Standardization
Embedded expertise
– Common standards and best
practices
– Easily customizable
– Deployment flexibility
Continuous monitoring
– 24x7 issue detection and notification
– Remediation options
– Network scorecard
Simplified reports
– On-demand reports
– Standard and custom options
© 2013 Infoblox Inc. All Rights Reserved.
So Many Firewalls, So Many Changes, So Little Time
Spike in number of security policy changes
IT headcount not keeping pace
Multiple point products add confusion
Network SLAs impacted negatively
Expensive and diminishes security effectiveness
Manual
Firewall
Change
Needed
Hours/Days Network Provisioning Time
Search For
Devices
1
Figure Out Impacted Devices
2
Determine Correct Config
3
Compare Change to Standards/ Compliance
4
Request Change/
Implement Manually
5
Reconfirm Correctness
and Compliance
6
LEGACY APPROACH TO FIREWALL POLICY CHANGE IMPLEMENTATION
© 2013 Infoblox Inc. All Rights Reserved.
Firewall Rule & ACL Analysis and Automation
Leverage automated discovery
Rule and ACL analysis
– Built-in expertise
– Alert on common firewall issues
– Leverage “simple English” interface
Search and alerting
– Powerful search finds vendor-
specific syntax and commands
– Blacklisting and whitelisting options
Integrated provisioning
– Provision actual changes with
rollback options
– Access-based controls
© 2013 Infoblox Inc. All Rights Reserved.
Automated Task Board &
IPAM Sync
18
© 2013 Infoblox Inc. All Rights Reserved.
Dealing with Common Challenges
Growth in number of common changes
– Add network, turn port up/down, VLAN
assignment, new device install
Multiple people/teams needed for many
tasks – inefficient
– Manual processes and scripts add to
problem
Different team goals and priorities
– “Just because it’s important to you, doesn’t
mean it’s important to me”
Lack of empowerment
– Sit and wait for others
19
DNS – DHCP- IPAM Admins
Network Engineers
© 2013 Infoblox Inc. All Rights Reserved.
Empowering Staff
IPAM sync
– Combine end-point and network
data
– Continuously updated
– Single interface
Automated Task Board
– Simplify common changes
– IPAM and/or network changes
– Add records, hosts, addresses,
etc.
– Create subnets, activate a port,
assign a VLAN
– Delegate down but maintain
control
20
© 2013 Infoblox Inc. All Rights Reserved.
Secure
• Secure hardware form-factor & hardened OS
• Designed to minimize vulnerabilities and
attack surfaces
• Common Criteria certified
Infoblox Value To Our Customer
21
• GridTM technology for fault tolerance,
easy updates and one-click DR
• Optimized for enterprise demand & performance
• Authoritative source for network data Available
• Powerful automation of manual processes
• Reduce change errors & assure compliance
• Save time, money and effort Automated
Automated
Secure Available
Infoblox makes networks more available, secure and automated
© 2013 Infoblox Inc. All Rights Reserved.
Thank You
22