skip to Main Content

Satellite Broadband Firm Modernizes with Infoblox

The Customer

This global provider of high-speed satellite broadband services and secure networking systems covering military and commercial markets serves 687,000 U.S. customers. It is also a leader in the new defense industrial base for satellite communications (SATCOM) and cybersecurity, delivering secure defense communications worldwide. It offers a range of multi-band, flexible SATCOM terminals, anti-jam Link 16 radios and electronic warfare-resistant networks that enable resilient, end-to-end communications across domains and missions.

The company has multiple business units, most of which were running Microsoft Active Directory (AD) for DNS and DHCP. Originally, one of the businesses used Infoblox NIOS software and gear (two Trinzic 1425 appliances) for IPAM. That business unit also relied on Infoblox for provisioning its private cloud built on OpenStack because of the API support in NIOS. And it used Infoblox DNS Traffic Control on the Trinzic pair.

The Challenge—Aging Core Networking Infrastructure

Company decision makers considered multiple options to upgrade and consolidate its DNS, DHCP and IPAM (DDI) infrastructure and replace its aging Microsoft AD systems. One option was to go with an open-source solution based on Docker, BIND and Kea. Another option was an integrated Infoblox DDI solution, and the company embarked on a proof of concept (PoC) project with the BloxOne® DDI cloud offering.

While the PoC was successful, the company lacked the resources to complete the project so it was shelved indefinitely. During this period, the company experienced a WAN outage that broke its API capabilities and disrupted its DHCP services. The company’s VP of technology decided, with advice from its DNS architect, to reprioritize the DDI project. Work began shortly thereafter to replace the legacy Microsoft AD implementation across the board with Infoblox technology.


Initiatives: Upgrade and consolidate unreliable DNS, DHCP and IPAM (DDI) infrastructure, Replace aging Microsoft AD systems, Adopt a cloud-first footing that would enable fast, flexible deployment of secure network services

Outcomes: Upgraded to powerful new Infoblox DDI infrastructure via a hybrid on-premises and cloud-based solution, Implemented category-leading DDI capabilities while adhering to strict cost-containment objectives, Optimized the performance of existing security solution, accelerating remediation of cyberthreats while reducing the total cost of enterprise threat defense

The Solution—The BloxOne Platform from Infoblox

The company’s IT leadership decided to go with Infoblox NIOS virtual appliances for its main data centers as well as its public cloud deployment. It also chose to employ the cloud-native BloxOne DDI solution to manage DNS, DHCP and IPAM (DDI) operations—enabling it to replace all of the legacy Microsoft server appliances. In total, the company purchased 42 BloxOne DDI licenses, 13 vNIOS subscriptions, and two 14×5 physical Trinzic hardware appliances for high availability. The company also deployed BloxOne Threat Defense for DNS protection, marking one of the first full implementations of the complete Infoblox BloxOne Platform worldwide.

The Infoblox BloxOne Platform is the world’s first 100 percent cloud-native core networking and security services architecture. The BloxOne Platform applies the latest advances in software-defined networking, microservices, virtualization and containerization through Docker and Kubernetes to radically simplify the control and automation of vital DNS, DHCP, IPAM and security services via the cloud.

The Result—A Cloud-First Future

Adopting a BloxOne solution put the satellite broadband provider on the path to a cloud-first footing where it can now flexibly deploy secure network services faster and easier than before. BloxOne DDI is the industry’s first cloud-managed solution that automates core networking operations and enables centralized control for hybrid and multi-cloud networks. BloxOne increases visibility into end users and devices across the network regardless of their location. In addition, it enables elastic scalability so the company can now quickly deploy DDI services where and when needed to accommodate new devices and IP addresses. The hybrid virtual plus hardware approach powered by Infoblox ensures rock-solid business continuity for the company’s clients in the defense sector that rely on continuous uptime to carry out critical missions.

BloxOne Threat Defense maximizes brand protection by working with existing defenses to protect network resources and automatically extend security to SD-WAN infrastructure, IoT appliances and the cloud. For the SATCOM provider, BloxOne Threat Defense optimized the performance of its security orchestration, automation and response (SOAR) solution, enabling it to slash the time necessary to investigate and remediate cyberthreats while reducing the total cost of enterprise threat defense. The company is also now better able to protect its brand by securing every network connection, regardless of device or location, across physical, virtual and cloud infrastructures. BloxOne Threat Defense automatically updates defensive measures using programmable threat protection rules and intelligence drawn from more than two dozen curated threat intelligence feeds. As a result, the firm can take remedial action faster with single-pane-of-glass visibility into DNS attacks and their sources.

Let’s talk core networking and security

Back To Top