Infoblox Helps North American Provider Evolve and Expand

Summary

Infoblox Authoritative and Recursive DNS, coupled with DNS Cache Acceleration, provides an operationally efficient foundation that this provider can build upon as it transforms from physical infrastructure while expanding its 5G and broadband footprint. The Infoblox solution enables the provider to modernize its network and deliver microsecond latency to its subscribers for better performance while streamlining operations to position the company for increased subscriber growth.

The Customer

This North American communications and media company provides services that span wireless communications, cable television, Internet, and information technology segments to consumers and businesses. With over 11 million wireless subscribers, it is undertaking a significant expansion of its new 5G network across the country, intending to reach over half the population. It is also making a big bet on next-generation 5G and broadband cases that will deliver growth and prosperity to their market, with the need to provide ultrafast speeds and increased data capacities to an ever-increasing number of subscriber devices.

The Challenge: Build A Standardized Private Telco Cloud

Over the years, the service providers network had grown and expanded using physical network functions (PNFs) from a multitude of vendors. It did not have a standardized private cloud, and the number of PNFs required was creating operational headaches. But to provide new use cases such as the Internet of Things (IoT) and sensors, mobile health, telesurgery, automated manufacturing, smart cities and connected vehicles, its network demanded more significant levels of automation, scale and efficiency. It needed to move from a physical to a virtualized world and build a standardized private telco cloud that provided ease of design and operations while also enabling it to leverage third-party public clouds in areas where the company might not have a local presence. Most importantly, it also recognized that it needed a usage-based model that afforded it financial predictability and design flexibility—to quickly expand its use of the cloud as much as it needed without worrying about the cost of each virtual machine.

The Situation: Evolving the Network to Power Future Workloads

This provider for years had relied on Cisco Prime Network Registrar (PNR) to manage its DNS, DHCP, and IP address management (IPAM) services. But due to the age of its existing solution and the fact that it was based on physical appliances, the company realized that its current strategy would directly affect its virtualization plans, not to mention subscriber satisfaction, revenue and reputation.

The service provider first realized that in not using a virtualized, usage-based model, its options were limited given the architectural design of its network. It needed complete freedom to design the network without having to worry about cost limitations. For example, providers must position DNS services at the edge to ensure unhindered traffic flow. If the company followed its current physical trajectory, expansion to the edge would have increased the number of PNFs significantly and its costs. Physical appliances were no longer feasible. Instead, it embraced network functions virtualization (NFV) as a critical technology to promote service agility for faster rollouts, reduced costs and elastic scalability—with the ability to spin up virtual instances across its telco cloud in a highly efficient yet cost-effective manner based on usage rather than the number of virtual machines. The usage-based cost model would enhance financial predictability despite an increasingly dynamic environment. By understanding subscriber usage trends, the provider would be better positioned to expand the network as subscriber workloads evolve.

The company’s existing physical network was cumbersome and tedious to manage from an overall operational perspective. An additional physical footprint was out of the question. Also, Cisco PNR could no longer provide the ease of management and levels of visibility necessary for the provider’s sizable network. It needed an improved way to manage all of its core network services—one that provides high availability and security but increased operational efficiencies and reduced management costs.

Last, demanding future broadband and 5G use cases will require massive scale and extremely low latency. The provider’s unique broadband network needed to support millions of virtualized DNS records to service their subscriber base—coupled with an operational view of the company’s authoritative and recursive DNS under a single pane of glass. They also needed to reduce DNS latency to improve the overall subscriber experience.

The Solution: Simplify and Scale Effortlessly

Infoblox solutions for service providers deliver the reliability, manageability, performance and proactive protection service providers need to safeguard their networks, subscribers, and brand—enabling them to create the best first-connection impression for their subscribers.

All Infoblox solutions include patented Infoblox Grid technology, which provides optimal operator visibility and control across the entire Infoblox DNS infrastructure, enabling quick detection of service-threatening attacks while easing operational costs and increasing manageability.

Infoblox Grid

Infoblox Grid technology provides highly efficient management and control, freeing key technical and network operations staff from labor-intensive, costly, and error-prone administrative tasks. The provider was highly impressed with a vastly improved user interface compared with its prior solution. Armed with new levels of visibility and control, this provider can now streamline its operations with the ability to automate routine yet time-consuming tasks such as deployments, updates, patches and configuration changes. It also gains a single, centralized view of the entire network, with advanced reporting visibility for network planners and operations teams.

High Performance and Secure DNS

Infoblox DNS solutions include threat intelligence and automated protection packages that protect subscribers from growing malware threats, service disruption and slow application response. The solution maintains critical DNS service availability in rapidly evolving networks and as traffic grows—and even during malicious DDoS attacks. Advanced caching functions ensure that the best and most-used responses are always available for subscribers.

• Authoritative and Recursive DNS: With Infoblox DNS, the provider can enable and centrally manage and automate all aspects of recursive and authoritative DNS to achieve the high availability, efficiency, security and application response times their subscribers need to thrive in a digitally connected world. Since the provider needed a solution that could support a massive number of DNS records, Infoblox’s engineering team worked with the customer to determine the optimal configuration to support their unique large-scale requirements.
• Infoblox Secure DNS Cache Acceleration: Designed to handle the “perfect storm” of future 5G and edge-based applications, this Infoblox feature enables the provider to use the most robust and cost-effective DNS caching infrastructure solution, combining micro-second response and advanced threat protection, while providing low latency and a secure subscriber experience.
• Infoblox Encrypted DNS for Service Providers: Many service providers struggle to handle current DNS privacy technology advancements like DNS over TLS (DoT) and DNS over HTTPS (DoH). While improving DNS privacy, these technologies come with a tradeoff: they direct subscribers and applications to external DNS resolvers, sidestepping the traditional DNS mechanisms and reducing control. This provider was concerned over the complexities that encrypted DNS brought to its planning and the potential for a proliferation of new devices to accommodate this need. With Infoblox Encrypted DNS, this provider has the option to leverage efficient encryption for DoT and DoH on top of DNS Cache Acceleration, while delivering Infoblox best-in-class DNS performance and microsecond latency to its subscribers.

Infoblox Trinzic Flex and Service Provider Licensing

Carrier deployments require a flexible and scalable infrastructure to handle the dynamic requirements of NFV. Many service providers face the challenge of increasing the agility of their existing infrastructure to keep up with the pace of changing business demands. Even when providers have leveraged virtualized network functions, many solutions are based on fixed resources that cannot be easily changed.

• Infoblox Trinzic Flex: To help this provider overcome its infrastructure challenges, Infoblox is leveraging a set of software appliances known as Trinzic Flex. The solution offers elastic scaling capabilities, allowing the provider to scale their solution as their capacity requirements increase. With this option, the company pays based on their capacity needs through flexible capacity-based pricing. The provider also has set up a new lab environment that uses Trinzic Flex. Without the requirement of provisioning new lab infrastructure, the engineering team has seen a significant reduction in its workload, freeing them to spin up new virtual instances and test new ideas and configurations.
• Service Provider Licensing: Another plus: the solution is covered under the Infoblox Service Provider License Agreement Program (SPLA). This is specifically designed for unique service provider requirements, such as meeting demand that can be difficult to accurately predict. With SPLA, the provider can increase capacity at any time and eliminate the painful task of procuring and provisioning new hardware.

The Result: Increased Scale and Flexibility

The provider first deployed Infoblox Authoritative DNS to its subscriber networks in 2020 and has already benefited not only from the increased scale but a more simplified way to manage its core network services across the telco cloud. The company increased operational efficiencies with the ability to deploy quickly and flexibly new virtualized instances from a simplified, centralized interface. In addition, it eliminated single points of failure and removed manual synchronization that can introduce errors or service disruption. By adding Recursive DNS coupled with Infoblox Secure DNS Cache Acceleration, the provider significantly reduced latency. It also boosted reliability with high-availability DNS caching and gained the ability to maintain critical DNS service availability—even during a malicious DDoS attack. It can even stay ahead of evolving DNS encryption protocols.

Best of all, the provider gained the flexibility to add additional virtualized functionality to its existing network wherever and whenever needed. Whether it requires Advanced DNS Protection to maintain service availability and critical DNS functionality during a volumetric DDoS attack or Subscriber Services to offer value-added security solutions to its subscribers, the provider can leverage the platform’s flexibility to support their growth.