Rabobank Modernizes Network Architecture, Enhances Cybersecurity Posture with Infoblox Subscription-Based Solutions
“The online presence of Rabobank must always be available via the various channels, without ever faltering. For instance, if online banking suffers an outage, customers immediately post the outage on Twitter and NU.nl. That level of negative brand visibility really is enormous. Infoblox helped us address the challenge of how we guarantee that our online services are available to our customers 24x7.”
— Olav Roes, Senior Service Owner, Network Security and Connectivity, Rabobank
Rabobank has its roots in the “farmers’ bank” movement of the late 1800s, and to this day it focuses much of its lending activities in the global food and agribusiness sectors. Steady growth through the years has seen Rabobank become the second largest banking organization in the Netherlands. It is also now among the 30 largest financial institutions in the world, with 42,000 employees globally across operations in the United States, several European countries, Australia, New Zealand and South America. Rabobank has been an Infoblox customer since 2004; Olav Roes, senior service owner, Network Security and Connectivity, leads the bank’s IT team. The company relies on Infoblox for key technologies that underpin its global networking and security infrastructure.
The Customer: Rabobank
Industry: Financial Services
Location: The Netherlands
Initiatives: Simplify/centralize network management, Enhance cybersecurity posture, Begin migrating network operations to the cloud
Outcomes: Progressively modernized network infrastructure, Centralized network management, Sharply increased visibility into network resources and operations, Gained faster security threat response time, lower security costs
The Challenge: Implementing and Maintaining Secure Core DDI Capabilities over the Long Term
Rabobank’s journey with Infoblox is a story of two companies working over many years to progressively expand and optimize the bank’s networking and overall IT stack. The original engagement in 2004 involved 60 Infoblox appliances and software to run Rabobank’s internal and external DNS operations. The immediate business need was for enterprise-grade domain name system (DNS) capabilities with built-in security from the start.
“These were data-center-ready appliances,” says Roes, who’s largely responsible for designing and building out Rabobank’s global IT and security strategy. “A major selling point for the Infoblox appliances at the time was that they enabled us to add on security measures to ensure, among other things, that a DNS request is not turned into a different address.” This capability was attainable with the Infoblox solution because it supports not just DNS, but also Dynamic Host Configuration Protocol (DHCP).
The Emergence of DNS as the Key Enabler of the Digital Business
The mid 2000s saw the early days of online mobile banking—the iPhone debuted in 2007—but continuous uptime was already a high priority for forward-looking financial institutions like Rabobank. “Wanting to be permanently accessible means that the customer who types www.rabobank.nl must end up on our pages,” says Roes. “The alternative is that the user gets a 404 error and a frustrating experience. Unacceptable.”
According to Roes, “The online presence of Rabobank must always be available via the various channels, without ever faltering. For instance, if online banking suffers an outage, customers immediately post the outage on Twitter and NU.nl. That level of negative brand visibility really is enormous. Infoblox helped us address the challenge of how we guarantee that our online services are available to our customers 24x7.”
The Solution: Modernizing Network Architecture
Rabobank used 2012 as a “year of reflection” to consider how to handle matters differently in order to achieve more stable services. The mobile Internet by this time had matured into a global environment for digital commerce. A next step for Rabobank at this time was to analyze its existing setup in the data-center network and find areas where improvements could be made to drive its digital business forward. Automation had become increasingly important, yet virtualization had significantly increased the complexity of Rabobank’s IT architecture; visibility into network devices and resources was difficult to maintain in the extended network.
Commenting on Rabobank’s network at the time, which was based at data centers located in the cities of Best and Boxtel, Roes says, “The overall structure of the network is actually not that complex. But when you look at it in more detail, you see that the layers consist of thousands of components, which all have a function in the data center, and which need to be able to talk to each other.”
Over time, the “thousands of components” Roes refers to could no longer be physically identified. Centralizing network management and improving network visibility had become top priorities. To enhance reporting and network insight capabilities, Rabobank would need to upgrade its IP address management (IPAM) functionality. More robust IPAM would also enable Rabobank to centralize all operations related to DNS, DHCP and IPAM (DDI) on a single platform and to strengthen its security posture.
The Results: Better Visibility and Stronger Security
By 2017, Rabobank had rolled out Infoblox DDI worldwide. Roes and his team had resoundingly solved the organization’s issues around central management and visibility into network resources, devices and operations. They still felt, however, that there were ways to improve overall network security. In 2018, Rabobank began deploying the on-premises version of Infoblox’s cybersecurity solution. BloxOne Threat Defense is the industry’s most advanced cloud network security platform, enabling organizations like Rabobank to harden core DDI operations in ways that boost network security comprehensively. It uniquely combines advanced analytics based on machine learning, highly accurate and aggregated threat intelligence and automation to detect and prevent a broad range of threats. Such threats include DGA families, data exfiltration, lookalike domain use, fast flux and many others.
BloxOne Threat Defense integrates tightly with existing security systems and tools, including security orchestration, automation and response (SOAR) and security information and event management (SIEM) solutions. In this way, Rabobank reduces incident response times by enabling all the major components of its security stack to respond to incidents sooner, before they can cause harm.
“Our response times are up to two-thirds quicker than before we implemented BloxOne Threat Defense,” explains Roes. “With all of the key elements of our security stack, including SOAR/SIEM systems working together, we can more proactively combat threats. Our ability to stop security events before they can cause damage has expanded substantially. In addition, because we’re now reducing the workload on perimeter defenses, we anticipate our total cost of our overall threat defense will decline over time.”
Moving Forward into the Cloud
Roes expects Rabobank’s working partnership with Infoblox to continue to evolve for many years ahead. At present, the team is contemplating migrating its DDI functions to the cloud even with the realization that such a migration could be a long and potentially complex process. “Our current Infoblox solutions perform so well that we’re in no hurry to replace anything,” says Roes. “Working with Infoblox has been a long, successful partnership—the education, training and professional services support have all been highly beneficial over the years. We look forward to working with Infoblox well into the future.”