From back-office administration systems, testing and e-learning applications to enabling wireless Internet access in the residence halls, universities and their constituents have come to rely on the IP network.

Considerable time and effort have gone into making the network infrastructure (i.e., routing and switching) failsafe. However, essential core network services – IP address assignment and management (DHCP and IPAM), name resolution (DNS), etc. – are frequently neglected. If core network services don’t work, the network and applications don’t work and learning stops.


Shortcomings in conventional CNS solutions (i.e., general-purpose servers, operating systems, and freeware) can unexpectedly disrupt the applications that depend on them. Specific concerns in a higher education environment include:

• Disparate systems distributed campus-wide can be a management nightmare
• Requires many cycles and experts to maintain, upgrade and patch
• Unreliable
• Vulnerable to attacks
• Limited means to segment users
• No audit logs to investigate network breeches

Each server has to be managed independently and frequent updates/patching can consume already limited university IT experts and resources, especially as universities are run more like enterprises and each IT staff member has multiple responsibilities. It is difficult to implement high-availability solutions and achieve failover.

On the security front, legacy systems are open to attack, which can compromise system availability and integrity–essential to maintain in university environments where malicious attacks and intrusions (internal and external) are frequent. Further, distinction between administrative and student users with clear access rights is nearly impossible to achieve with discrete conventional systems. There is also little means for university-wide IP address audit logs/lease history to investigate network breeches.

These inadequacies are not easily overcome using legacy systems, or band-aids applied to existing systems, such as overlay management and data back-up systems.

Business Impacts of the “status quo” for Core Network Services

Higher education organizations that use conventional approaches to deliver CNS are subject to:

• Downtime of key applications like registration and online testing
• Cumbersome administrative cycles and high operating costs
• Attacks and breeches of applications and student records
• Poor user satisfaction and compromised university reputation

Ramifications like these merit deployment of a CNS infrastructure that is reliable, manageable and offers unique security and DR advantages for higher education environments.


To provide nonstop services and improve security, higher education institutions need to consider Infoblox’s next-generation approach to delivering and managing CNS infrastructure.

• Appliances deliver high availability services, secure infrastructure and heterogeneous environment
• Grid technology ensures continuous uptime and centralized management
• Delegated administration allows various departments to manage their own DNS zones
• IP address usage monitoring prevents issues at peak hours
• IP allocation history enables investigation into network breeches
• Highly customizable solutions via API and bloxTools allows easy integration within existing environment

Infoblox appliances enable “one-button” upgrades to accommodate new features and easy installation of the latest BIND releases. Additionally, the custom Infoblox NIOS™ operating software is hardened and, therefore, secure from vulnerabilities.

In addition to high availability (HA) between appliances, Infoblox’s Grid technology, which links appliances across a campus and/or a WAN to satellite campuses into a unified, distributed system, provides resilience to network and equipment failures and central management. And, Infoblox provides automated IP address monitoring and alerting, enabling administrators to take remedial steps before there is an issue.

In the event of a malicious attack, leveraging rich data, such as DHCP lease history, available through the Infoblox approach, university IT representatives can easily identify which port had a rogue appliance on it and shut down the port, device, and/or identify the malicious user.

And, to distinguish access rights by user (i.e. student versus faculty), the Infoblox system can be leveraged to authenticate users at the time of IP address assignment to validate the identity of users before granting them access to a network, register unknown users, and ensure that only valid devices and users (i.e. faculty) are granted full access to the network (i.e. administrative systems).

Infoblox Benefits

• Continuous uptime
• Allows delegation and the experts to focus on other critical projects
• Reduces administrative overhead and costs
• Increase security
• Increase visibility into and control of who is on the network, when, where, and what they are accessing
• Integrate perfectly in existing environment

To learn more about Infoblox solutions or to evaluate Infoblox products in your environment, please contact us at info@infoblox.com or call +1.408.625.4200.