Today, retail organizations’ IT departments face daunting challenges. The network and applications must be available 24x7 because downtime can cost millions of dollars and jeopardize customer satisfaction.

A wide variety of devices, such as point of sale (POS) systems and handheld bar code scanners, are now IP-enabled and connected to store networks, presenting mobile connectivity issues. On top of this, most retailers need to comply with PCI audits and security requirements in order to be authorized to conduct credit card transactions and retain customer data.

As a result, retail networks are increasingly complex. Getting a handle on some of these challenges requires robust core network services – IP address assignment and management (DHCP and IPAM), domain name resolution (DNS) – but they are frequently neglected, compromising the availability and security of the entire network. If core network services don’t work, sales transactions and business stops.


Shortcomings in conventional CNS solutions (i.e., general-purpose servers, operating systems, and freeware) can unexpectedly disrupt the critical applications that depend on them. Specific concerns with conventional solutions in a retail environment include:

• Unreliable with limited DR
• Local survivability at stores/distributed sites
• PCI compliance challenges
• Requires many cycles and experts to maintain, upgrade and patch
• Vulnerable to attacks
• No centralized visibility and control of distributed systems
• No audit logs to investigate network breeches
• No ability to delegate administrative tasks

Availability requirements for POS systems and other applications dictate that CNS be delivered locally in each store; yet, with conventional solutions, servers have to be managed independently and frequent updates/patching can consume IT cycles.

It is difficult to implement high-availability and achieve failover. And, in a disaster scenario, there is little to no ability to easily recover because there is no central point of management for administrators to map around failed servers and re-partition the network.

On the security front, legacy systems are open to attack, which can compromise system availability and integrity. Further, PCI audit requirements include a check for DNS servers and proof that they are up to date and immune to security vulnerabilities – very difficult to achieve with standard DNS servers and software. There is also little means for IP address audit logs/lease history to investigate network breeches.

These inadequacies are not easily overcome using band-aids applied to existing systems, such as overlay management and data back-up systems.

Business Impacts of the “status quo” for Core Network Services

Retail organizations that use conventional approaches to deliver CNS are subject to:

• Millions of dollars in lost transactions
• Business continuity/DR risks
• Cumbersome administrative cycles and high operating costs
• Attacks and breeches
• Compromised reputation due to users unable to process transactions

Ramifications like these merit deployment of a CNS infrastructure that is reliable, manageable and offers unique security and DR advantages for retail environments.


To provide nonstop services, free experts to focus on other critical projects, and improve security- including the ability to achieve regulatory compliance, retailers need to consider Infoblox’s next-generation approach to delivering and managing CNS infrastructure.

• Appliances deliver high availability, secure infrastructure and easy deployment
• Grid technology ensures continuous uptime, centralized management and DR
• Built-in automated IP address management reduces costs and increases visibility
• Virtual appliances ensure survivability while reducing footprint at stores/remote sites
• Monitoring and mitigating capabilities help deal with DDoS attacks
• Granular delegation allows administration for certain tasks to non-expert/local IT people

Appliances can be configured and shipped to remote sites/stores and easily deployed by non IT experts; they can be centrally managed using Infoblox Grid technology, which links appliances into a unified, distributed system that is resilient to network and equipment failures, offers “one-click” disaster recovery, and “one-button” upgrades – no UNIX or Microsoft expertise required.

To reduce footprint at stores and remote distribution or call centers, virtual Infoblox appliances are also available for the Cisco AXP platform on ISR routers and Riverbed Steelhead devices for local survivability of critical CNS.

Additionally, the Infoblox operating software is hardened and, therefore, secure from vulnerabilities, accommodating PCI compliance requirements. And, in the event of a malicious attack, leveraging rich data, such as DHCP lease history, retail IT representatives can easily identify which port had a rogue appliance/address on it and shut down the port, device, and/or identify the malicious user.

Finally, with the growing number of IP-enabled devices continuously added to the network, Infoblox provides many tools for quickly and easily performing and tracking IP allocation and usage.

Infoblox Benefits

• Continuous uptime and “touch of a button” DR
• Free experts to focus on other critical projects
• Reduce administrative overhead and costs
• Increase security
• Increase visibility into and control of who is on the network, when and where

To learn more about Infoblox solutions or to evaluate Infoblox products in your environment, please contact us at info@infoblox.com or call +1.408.625.4200.