Tohoku Gakuin University
Tohoku Gakuin University, with three campus networks to manage, takes the time and effort out of DNS and DHCP a centrally managed solution.
Currently, Tohoku Gakuin University has six faculties—arts, economics, business administration, law, engineering, and general education—as well as a graduate school. It has a total enrollment of about 15,000 students on its three campuses in Tsuchitoi, Tagajo, and Izumi. The university provides a character-building education that is based on Evangelical Christianity. So far, approximately 170,000 students have graduated from the university.
Before the introduction of Infoblox products, application management was carried out using generic Linux servers for both DNS and DHCP. For DNS, BIND operations were handled by five generic DNS servers, one for internal use in each of the three campuses and two for external use. Because multiple views had to be run using the “view” function in BIND, copying zone data was a complex process. Some views had to be copied manually, and updating DNS zone data was troublesome. It was also difficult to enact plans for implementing BIND version upgrades to address DNS security-vulnerability issues.
Where DHCP is concerned, operations were also carried out using generic servers. One DHCP server was installed on each campus, and fixed IP addresses were assigned from the DHCP server to the MAC addresses of all the terminals connected to the network. Whenever there was a request from a teaching staff member, the MAC address of the terminal and fixed IP address were manually registered in the DHCP server.
In the automatic payout method where the address pool was defined and an IP address was automatically paid out from the DHCP server, it was not possible to immediately identify the terminal affected when an incident occurred, and so a fixed IP address had to be assigned. Naturally, as the number of terminals connected to the network increased, the management load was also increasing, making it necessary to adopt countermeasures.
Redundancy in the DHCP servers was also not being carried out, because the use of generic servers would have made the system too complicated.
Reducing the time and effort required for design and construction as well as application management were key issues in updating the entire network system. A simpler and more robust system in which the number of servers was reduced by using dedicated appliances was required.
When using generic servers to build a new DNS and DHCP system, many basic design features and settings—including security measures for the generic servers themselves—have to be carried out. By contrast, with Infoblox a lot of time and effort could be saved in designing and configuring the DNS and DHCP functions.
Previously, it was difficult to establish working plans to apply security patches in DNS servers. So another major advantage that Infoblox offered was that with appropriate support from the manufacturer and certified security patches, security updates could be carried out with ease and assurance.
It also would have been difficult to adopt a redundant configuration in the legacy system, but Infoblox offered the ability to do so without wasting IP address space, thereby improving reliability. Furthermore, by combining the use of Infoblox with a new MAC address management system that can centrally manage information such as MAC addresses and IP addresses, direct manual registration in DHCP servers was no longer necessary.
The Infoblox solution also made it possible to easily configure DNSSEC and offered a failover function that automatically switches to a standby machine in the event of a malfunction in the DNS and DHCP servers.
Tohoku Gakuin implemented a total of six Infoblox Trinzic 1410 appliances in its data center to manage the campus network. Two DNS content servers and two DNS cache servers were installed with high-availability (HA) configurations. Using patented Infoblox Grid™ technology, overall DNS server management can now be carried out from a single Web screen. Access from within the campus is processed on the cache server side, while access from outside the campus is processed on the content server side.
Two Infoblox Trinzic HA appliances were also installed as DHCP servers to pay out IP addresses to the approximately 3,000 terminals on the campus. Fixed IP addresses are assigned to a portion of the terminals such as printers and servers. For other terminals, the operation was changed to assign IP addresses from the address pool.
The Infoblox solution has resulted in a large reduction in the amount of effort and time required for design and construction. To cite some specific examples, time is no longer required to design and configure generic servers, and design can now be focused exclusively on the DNS and DHCP functions.
The issues related to DNS and DHCP operations using generic servers have also been resolved, resulting in a large reduction in the application management load. Operations such as copying zone information for each DNS view and upgrading DHCP software versions, for instance, have become much easier since changes can be applied to the entire system simply by applying them to the Infoblox Grid Master. Since operations can be carried out from a Web interface, various settings besides version upgrade can also be easily carried out. And the adoption of an HA configuration for both DNS and DHCP makes it possible for service to continue even if a malfunction occurs on the active end, by automatically switching to the standby end.
Going forward, Tohoku Gakuin intends to update and significantly expand the wireless network system within the campus, expanding the Infoblox system by adding two more Infoblox appliances.
For more information, please contact your Infoblox representative or visit www.infoblox.com