The Award-Winning DNS/DHCP Solution for Enterprise Networks
CURRENT BEST PRACTICES FOR SECURE, SCALABLE DOMAIN NAME RESOLUTION SERVICES IN DYNAMIC IP NETWORK ENVIRONMENTS
Infoblox DNS/DHCP solutions are fast becoming the de facto standard in modern enterprise networks. Whether your organization’s network environment relies on Microsoft’s Active Directory or other technologies, Infoblox appliances deliver utility-grade services and management options.

DNS/DHCP Best Practices Appliance Architecture

An appliance-centric approach to DNS architecture is recommended as an industry best practice for nonstop DNS resolution. From a security standpoint, purpose-built appliances with hardened, purpose-built operating systems, no open ports, and no general user logins are much more difficult to penetrate than general-purpose operating systems with known vulnerabilities.

Infoblox appliances running the NS1® package or the NS1 with Grid™ package deliver high availability based on the industry-standard Virtual Router Redundancy Protocol (VRRP) so that critical name servers are always responsive. And Infoblox grid technology delivers centralized management and reliability across distributed systems.

Infoblox vice president of architecture, Cricket Liu, has ensured that Infoblox’s appliances adhere to industry standards, while making it easier to deploy a best-practices architecture. Infoblox appliances can be configured in any name server role—including internal, external, primary, secondary, caching-only and forwarder—making it possible to address the needs of any organization.

Infoblox DNS/DHCP Best Practices Architecture
Available as Poster. Contact info@infoblox.com

Special features, some unique to Infoblox’s grid, make Infoblox appliances particularly well suited to these roles:

    Internal primary name servers. Infoblox’s support of the GSS-TSIG protocol lets our appliances support Active Directory environments using Microsoft’s Secure Dynamic Update.

    External authoritative name servers. The grid allows easy, single-point upgrading of external authoritative name servers when new versions of BIND are released, as well as simple, quick replacement of appliances in the event of a failure. The appliances’ underlying database allows administrators to change critical zone data without requiring disruptive reloading or restarting of the name server. With views, a single name server can return different responses to different queriers, based on the source of the query. Powerful management facilities like NS Groups let administrators make changes to hundreds or thousands of hosted zones at once, sometimes saving hours of repetitious drudgery.

    Forwarders. Infoblox appliances support both VRRP-based high availability and Anycast, allowing administrators to build a resilient, distributed forwarding infrastructure that spans multiple connections to the Internet.

    Secondary and caching-only name servers. The grid’s incremental replication mechanism makes it possible to keep authoritative copies of internal zone data on name servers at the edges of a network, boosting performance and increasing survivability. The grid’s single-point management and the appliances’ low administrative overhead make it possible to build these highly distributed DNS infrastructures without corresponding increases in required system administration.