Large U. S. Bank
“Security and data-loss protection are absolutely at the forefront of everything we think about. Over the past year or two, attackers have been going after DNS, so the integrity of our DNS servers and the ability to defend against DNS-based attacks are critical.” — IT manager in charge of DNS, DHCP, and IPAM
Prior to adopting Infoblox, the five-technician IT team responsible for a portion of this U. S. bank’s network was using Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP) software from a major vendor, running on UNIX servers.
During the process of applying security patches to the DNS servers, incompatibilities between the UNIX code and the DNS and DHCP vendor’s code brought down the DNS system. “Imagine every single system at a bank being unavailable or severely crippled,” says the IT manager in charge of the team. “People could not manage their money. It was bad.” He realized that he needed to look into a much more integrated, centrally managed solution so that the team responsible for the day-to-day operation of the service was also responsible for the entire infrastructure.
The Infoblox Solution
The Infoblox Grid™, with its features for redundancy, failover, and high availability, was an obvious choice. Infoblox DDI core network services could integrate DNS, DHCP, and IP address management (IPAM). Infoblox DNS Firewall could provide additional assurance of availability by blocking malware communications and preventing denial-of-service attacks. And Infoblox Professional Services could help with the rollout.
Now the bank has a consolidated and highly redundant infrastructure. If there are hardware problems, replacements are so easy that no one on the IT team has to lay hands on a box. A one-page script distributed to workers in the data center enables them to replace devices—without worrying about restoring data from tapes. And if appliances are down, redundancy and failover keep end users from being affected, helping IT to meet service-level agreements.
The IT team intends to confront the threat of hacking next. The IT manager has a line item in his budget for 2014 to acquire Infoblox DNS Firewall to help protect DNS servers and the network in general against advanced persistent threats (APTs), malware, and denial-of-service (DoS) attacks.
“Security and data-loss protection are absolutely at the forefront of everything we think about,” he says. “Over the past year or two, attackers have been going after DNS, so the integrity of our DNS servers and the ability to defend against DNS-based attacks are critical.”
Referring to the Infoblox Security Ecosystem, an integration between DNS Firewall and FireEye Multi-Vector Execution (MVX) engine, he says, “We’re very keen on the FireEye integration piece because we use FireEye to a significant degree, and for that to integrate with DNS Firewall will allow us not only to get alerts but to automate the response to those alerts.
“I think the thing that differentiates Infoblox more than anything else for me,” he concludes, “is the level of customer service that I get. You wind up with challenges no matter what tool or service you’re using, but having a dynamic team of people that really stand behind the product—doing whatever they can to make things right and to ensure customer satisfaction—is something that you don’t see very often.”