ITSAM Relies on Infoblox to Deliver Network and IT Support to Multiple Municipalities in Sweden
ITSAM is a public service association in Sweden responsible for IT operations in six member municipalities southwest of Stockholm: Boxholm, Kinda, Ydre, Ödeshög, Åtvidaberg, and Vimmerby.
Like many regional public works districts, ITSAM enables smaller government entities to pool their resources to access top-quality networking and IT resources, rather than the cost-prohibitive alternative of each municipality building and maintaining that infrastructure independently. The organization has approximately 50 employees who provide overall connectivity, IT support, and helpdesk services from its headquarters facility in Linköping, Östergötlands Län, Sweden. ITSAM also has operating responsibility for the local telephone network in its service area, runs development projects to initiate new services, and handles system investment oversight for new IT services and solutions.
An Error-Prone, Mixed DDI Environment
Set up as a collaboration between the municipalities of Boxholm, Kinda, Ydre, and Ödeshög in the early 2000s, the organization that would become ITSAM was initially meant to do basic IT functions within its member municipalities. As the municipal association grew, however, it began developing collaborations with several businesses to broaden its offerings and improve services, particularly as two other municipalities, Åtvidaberg and Vimmerby, joined in 2006 and 2012, respectively.
Specifically, ITSAM was officially named and established in 2009 as a municipal association meant to provide service technicians to support local networking and IT infrastructure. As technology progressed, it has proven necessary to provide standardized, streamlined services between local areas for easier management. As such, a main goal of ITSAM is to run the same systems and services across all participating municipalities to decrease server costs, consolidate offerings, and provide more cost-effective solutions using the same hardware and resources already in place.
In one area, however, ITSAM faced difficulties aligning its operations to its stated business plan. The challenge was that over time the association had adopted a two-system approach for managing DNS operations, along with DHCP and IPAM services (collectively known as DDI). Originally, ITSAM ran the open-source BIND (Berkeley Internet Name Domain) platform as its DDI solution. BIND was first developed at the University of California in the 1980s and remains a de facto standard for DDI operations in higher education and less-demanding business and governmental settings. To bring more automation to its DDI operations, ITSAM also deployed Power DNS in its data center. Power DNS offerings deliver significantly more backend services than BIND but still lack the automation, integration, and performance of today’s more advanced commercial DDI offerings.
Industry: Information Technology & Related Consulting
Location: Linköping, Östergötland Län, Sweden
Objectives: Resolve technical shortcomings presented from running a mixed DNS environment based on open-source solutions. Shorten the work time—up to 20 minutes—needed to create and manage DNS records. Implement centralized DDI platform to provide insight into critical networking metrics and optimize overall network performance
Results: Enhanced DDI processes by centralizing management, increasing automation, and reducing the need for human intervention. Improved ability to delegate data management across various organizations or authorization teams with NIOS DDI features, including a recycled bin, smart folders, automated IP address management (IPAM), and approval workflows. Significant reduction in time spent on basic DNS tasks, improving DDI operations and simplifying the execution of tasks
“Running a mixed environment focused on open-source solutions like BIND and Power DNS made the administrative aspect of DDI pretty difficult,” explains Pontus Strandsten, a senior network technician at ITSAM. “They’re prone to misconfiguration and human errors—getting them to run smoothly together takes a lot of time and human effort. That’s why we began looking into a platform that would offer more automation and, importantly, centralized management for all DDI processes. I heard about Infoblox working in my previous position, and when it came up, I suggested that it might be something we should look into.”
“The administrative part of DDI is what we were having the most issues with,” says Staffan Pettersson, also a senior network technician at ITSAM. “When we saw that Infoblox provides both a recycled bin function, smart folders, automated IP address management [IPAM], and especially the approval workflow features, we were really interested. The ability to assign different parts of the management of data to different organizations or different authorization teams was exactly the way we wanted to go.”
Proof of Concept Becomes a Proof Point for NIOS DDI
Infoblox first came to ITSAM’s attention through outside recommendations. In particular, NetNordic, a major cyber security reseller with offices in Norway, Sweden, Denmark, and Finland, suggested Infoblox as a better option to suit its needs. “After consulting with our partners at NetNordic, we reached out to Infoblox to see if we could get a proof-of-concept underway.”
For the proof of concept, Strandsten, Pettersson, and the ITSAM team arranged for a basic install of NIOS DDI deployed in the data center and began running a series of tests. Right away, they were impressed with the speed, performance, and automated features built into the Infoblox systems. “It’s quite a game changer to have such easy DNS operations and capabilities,” notes Strandsten. “With Infoblox, you create a record, name it, and then save: It’s done. It’s all very quick and just runs automatically. In our previous solution, it always took 15, 20 minutes to synchronize the zone files and then have the query available to the clients. But with Infoblox it’s pretty much instant.”
Based on the positive results of the POC, the ITSAM team decided to move forward with a full install. ITSAM purchased a package of Trinzic appliances (two each of the 805 and 1405 models) with Grid nodes to administer each machine, Infoblox Reporting and Analytics, and, of course, the core NIOS DDI solution. The team also installed some virtual appliances to manage Grid Master functions.
Initial impressions of the new platform have been very positive. “The overall experience has been very good,” says Pettersson. “And that goes both from ITSAM’s management perspective and for our end- user customers as well. We are experiencing far fewer incidents and support tickets from our first line of support and so forth. So, we have seen improvements, absolutely.”
Faster DDI Administration with Centralized Management
Beyond the overall experience and support improvements, Strandsten and Pettersson notice that the amount of time devoted to administering basic DNS tasks has decreased substantially since transitioning to Infoblox. Exactly how much, they’re not sure because no one was keeping records and visibility into the BIND and Power DNS systems was lacking.
“We had little to no insight previously into metrics, such as response times, delay times to resolve system issues, CPU loads, and other performance measures that can help you understand if a system is under stress,” explains Strandsten. “While we don’t have exact numbers to compare before and after, the measurable impact of using NIOS DDI has obviously improved our overall DDI operations. There’s a very noticeable change—fewer steps to perform the same tasks as previously, which is definitely a plus.”
Pettersson also points to the centralized interface for all DDI operations in NIOS DDI as a net good. “We were running phpIPAM, which is an open-source, web IP address management application,” he says. “We’d implemented that a couple of years ago and it has been working well. But again, like BIND and Power DNS, it’s not a whole solution and wasn’t completely integrated into a centrally managed DDI operations center. So, there was room for improvement, and we’re happy with how Infoblox incorporates IPAM into DHCP and DNS. We still have some work to do incorporating IP addresses into the system, but it works great.”