A Major Supplier of Products for Healthy Lifestyles
“I don’t know of a better system software update mechanism anywhere, in anything that I have used.” —Linux and UNIX administrator
The business has hundreds of centers in seven countries around the world. Its health-management program encompasses individual weight management, counseling, and exercise as well as healthy meals that are distributed through its centers or shipped directly to clients. Technology plays a major role in the services the company delivers, with online tools and resources, personal consulting by phone, online menus, and a shopping website.
In 2009, the company had two Infoblox 820 appliances that were being used exclusively for external DNS. For internal DNS management, the IT team was using Microsoft Active Directory and Microsoft DNS and DHCP.
A newly hired Linux and UNIX administrator noticed that DNS problems were at the root of many business problems. “You have to do DNS right from the ground up,” he says. “Many actions start with a DNS call, and when DNS is not working right, it has a cascading effect on the network. We were having two or three problems a week, each taking five or six man hours to correct.”
The root cause was often hard to identify, but the administrator’s experience told him it was DNS. “I was always saying, ‘It’s DNS,’” he says, “but with the system we had in place, I couldn’t point to the data to conclusively show the problem. We had seven separate Microsoft domains and zero IP address management (IPAM). What IP addresses were assigned where? We didn’t know. We had spreadsheets somebody did once, but what did that mean? They weren’t accurate. Microsoft DNS does not have the tools to reconcile discrepancies. It would have taken a lot more human effort than we could afford to make what we had work.”
When a new CIO came on board, the opportunity arose to make an important change. The CIO asked whether the powerful Infoblox appliances deployed for external DNS were being used to maximum advantage, and the Linux and UNIX administrator suggested repurposing them for internal DNS. “One of the selling points of Infoblox,” he says, “is that there’s a log. You can see who did what when. This is enormous.”
The Infoblox Solution
The team uses an external DNS service controlled by the Infoblox Grid™. They put the Infoblox boxes—and four additional Infoblox 1410 appliances—to work handling DNS and DHCP services. Now the Active Directory servers are acting as caches and, through integration with Infoblox, are supporting dynamic DNS.
“We have zero problems with DNS now,” says the administrator. “When something happens, we have a clear audit log, and that has brought stability. We simply don’t spend a lot of time on DNS anymore. We have one brain for IPAM, and it’s really easy to configure, and we can check on it right away when we need to.”
The solution has eliminated the 12 man hours a week the network team was spending solving DNS problems—and given back roughly 80 days a year that they can apply to more strategic activities.
When asked whether Infoblox has yielded any benefits beyond solving the DNS problems, the administrator rattles off a list. “The Infoblox DNS Advisor tool was extremely important,” he says, pointing out that this free online tool, developed by noted DNS expert Cricket Liu for testing DNS configuration, consistency, and security, not only helped to set the goals of the migration from external to internal, but also helped to assess the results.
He is looking forward to implementing the built-in workflows. “Because of the previous problems, we’re currently locked down to two admins, and everyone else has read access. But I’d like to get to where everyone can be in the DNS server at the same time, and make changes, and we can have a good level of accountability and visibility.”
He is particularly enthusiastic about the Infoblox Grid™ technology, and the ability it gives the team to automatically push out system-wide updates. “I don’t know of a better system software update mechanism anywhere in anything that I have used,” he says. “All the steps are automated—as they should be. It will distribute to all members of the Grid, and you can schedule that. It will test for you. You can do the update in steps and demonstrate to the change control board the update has been tested. It’s zero downtime to update your entire Grid. I’ve never seen another product with that ease of use.”
But he concludes by coming back to DNS. “Now when I get calls in the night,” he says, “I know it’s not DNS.”