Sicredi Adopts NIOS DDI and BloxOne Threat Defense to continue its growth as a leader in Brazil’s Financial Sector

For many years, Sicredi functioned with a technological infrastructure and virtual machines on ‘open source’ DHCP and Linux tools. Infrastructure Analyst Juliano Luz, who joined Sicredi in 2008, remembers an obsolete environment: “There was a challenge in relation to lack of scalability and agility. The business needed a new application, a new environment,” he says.

Because it worked with open source solutions, the old environment did not have any external support and all problems had to be resolved internally, demanding intense involvement from the IT department. Another concern of Sicredi was strengthening security against cyberattacks.

Sicredi had already implemented an Infoblox solution in 2013, but in 2021, it decided to refresh the technological environment. “The initial implementation of DDI was carried out by the internal team. NTT joined as a partner when we expanded and updated the Infoblox NIOS DDI,” said Luz.

THE CHALLENGE

Obsolete technological infrastructure maintains slow manual processes
The growing number of Sicredi financial projects, services and products needed an environment with greater contingency and scalability. Out-of-date technology limited growth plans. “Our old system ended up being a bottleneck. It was slow to allocate IP and create records in an IP Address Manager in the DNS name,” said Luz. “It was complicated to reserve the IP and register the name, generating lack of control of addressing and problems with infrastructure.”

The infrastructure needed higher availability on DNS servers, for example, so they could replicate files on another machine in an automatic, non-manual way. The IT team also wanted to simplify and accelerate the process of activating projects to release the infrastructure and network teams from these types of tasks. “I would come to the networks team to get an IP and a name and then go to the final part to provide some rules. A virtual machine was created and installed on the operating system. It was very slow,” said Luz.

The new solution also needed to guarantee protection for employees and associates due to the increasingly serious and frequent threat of cyberattacks and digital fraud. The regulatory environment was also becoming more stringent, with Brazil’s Central Bank starting to demand more robust cybernetic security controls and systems in financial institutions.

THE SOLUTION

Simplified DNS administration and greater security against cyberattacks
Sicredi started implementing Infoblox NIOS DDI, which powers the Infoblox basic network services, enabling continuous operation of the infrastructure. Implementation was done with the partner, NTT. First, Sicredi migrated the DNS base to the new Infoblox infrastructure. Over time it has expanded functionalities, internally and externally. Infoblox NIOS facilitated the integration and centralization of Sicredi’s DNS, DHCP and IPAM (DDI) services on a single platform.

“Along with VMware, there was an integration with Infoblox, and all this was automated. Today we can go to a portal, order a machine, register the IP name and reserve the IP; an Operating System is installed and a VM is supplied, ready to use,” described Andrius Lima, Infrastructure Analyst at Sicredi. Infoblox also enabled automations via APIs to help with access by applications from other teams. This functionality has been essential in Sicredi’s pioneering actions in the ‘Open Banking’ and ‘Open Finance’ programs in Brazil.

Infoblox NIOS reinforced security, control and visibility. In 2021, Sicredi invested in BloxOne Threat Defense, Infoblox’s hybrid security solution. This implementation enabled the organization to become more organized in terms of DNS, records and controls and benefit from improved security posture overall. This tool complements functionalities that the previous environment had, such as firewall and DDR.

“Infoblox enabled us to scale our DNS, DHCP infrastructure and organize our environment to handle the growth of the business,” says Luz.

THE RESULT

Infoblox reduced operational costs and facilitated business for Sicredi
The transition to Infoblox solutions represented a huge gain for Sicredi in terms of its quality and agility in delivering resources to the business. The new infrastructure reduced operational costs because network administration tasks are now managed in a single interface, automating and decentralizing essential processes that previously had to be manually carried out in the data center. The cooperatives themselves can now administer their own resources with queue management.

“Infoblox accelerated delivery of our products to associates and end users. Provisioning a machine previously took five days, on average. Today, we can do it in 15 minutes. It is more flexible and agile,” says Luz.

The higher availability of infrastructure allows services to be distributed between the two data centers and makes compulsory interventions without interrupting the service.

“We run periodic tests because of compliance and business continuity. With Infoblox we have the peace of mind when running these tests, knowing there won’t be any impact on Sicredi’s operations,” says Luz.

In terms of cybernetic security, Sicredi adopted measures to prevent malware and ransomware attacks and implemented the BloxOne Threat Defense denial-of-service (DoS) protection tool. The manager says that today it is difficult to imagine Sicredi without the Infoblox solutions: “Within Sicredi, Infoblox is considered to be part of a base service. Losing the NIOS DDI would have an impact in financial and image terms. It’s an essential tool for the functioning of the business,” says Luz.

In the near future, Sicredi intends to integrate Infoblox cloud DNS, acquire a Threat Analytics license and expand security functionalities.