Infoblox operates in the DDI (DNS, DHCP and IP address management) space, working with network security and cloud security operations and has done for the past 25 years. It was recently in Sydney and told us about its new networking product.
iTWire met up with senior management at the Sydney (APJ) leg of its global, 14-city ‘Exchange’ conference where it had been talking to partners, customers and potential new customers to find out what it was up to.
Chris Usserman, Chief Technologist, told us about the company's two main pillars, Networking and Security plus, it's new product, Universal DDI which customers were actively trying out at the event. He said, “It’s a new and revolutionary offering in the marketplace unlike anything else that's out there. We wanted to have a chance to actually show our customers first hand. They're all hands-on with keyboards, actually in a lab, experiencing the new product. Exchange has traditionally focused on the security side of things, but now we’ve brought it together with the network management side of things.”
Australia vs US
We learned that Australia is regarded as important market despite the different demographics and size of the partner organisations compared to the US. Usserman told us, “I think the biggest difference is the number of companies that are, what we would call, enterprise-size businesses. The percentage of Australian companies that have more than 200 employees is about 0.5%. That was eye opening to me and I've been in and out of the Australian market for quite some time.”
He added, “But, our security solution is applicable to pretty much any size company because security is a global issue no matter what size you are on the networking side. Simplifying a very complex enterprise, multi-cloud, hybrid network doesn't require a company to have 100 or 200 people.
Usserman then spoke about the Australian customers and how they compared to the US.
“We do a lot of work with the financial institutions. The banks value our services greatly and, as a US-based company, we also get a great deal of very, very strong ideas and suggestions on building features and functionality into our system from this market. I would say, more so than I've seen elsewhere.”
He added, “We’ve also spent a lot of time in the public sector working with the Australian Government, helping manage the security of the Australian citizens as well as protecting those organizations themselves. We've got a pretty strong and continuing partnership with the ACSC (Australian Cyber Security Centre) and the cyber leadership within the Commonwealth government.”
Infrastructure
In terms of what’s provided, we were told, “Traditionally there are really two different form factors for a protocol server: hardware or virtualized hardware. We see a lot of companies that are moving away from VMs. A lot of that has to do with Broadcom's acquisition of VMware and the increase in support costs. So, that means in a company that's got a cloud-first strategy, they don't want to manage any hardware whether it be on-prem or virtualized. They want to work with a cloud-first or cloud-native system or a system that is completely infrastructure free.
“One of the very interesting things, that's groundbreaking with this particular solution, is the offering of our protocol service completely as a service: there’s literally no hardware to manage whatsoever. You can literally subscribe to the protocol server services through an IPsec tunnel or a private link to the cloud (that you choose to run the service within). That’ll be a very large value proposition for a lot of companies that have gone multi-cloud and cloud first.”
Visibility
We then moved on to some of the particular identification features of the Exchange. “I think another major aspect of what we're offering is around the visibility into the devices and the assets within an infrastructure. Traditionally, people have solutions that do network discovery on the on-prem system and, in some cases, aspects of visibility within the cloud assets. But, there’s nothing that really stitches it together in one single view. We have a service called Asset Insights that gives you a complete picture across all those assets – every IP connected, IoT and OT device across the entire real estate of the customer – from whatever cloud that might be and even remote employees.”
Cloud Bill Shock
We’ve heard one of Infoblox’s insights before – people are becoming sick of the costs of cloud. We’re told about one client in particular, but it could be many in the market, who got their cloud bill and decided to move from being ‘cloud only’ to ‘cloud smart.’ So, they brought some operations back on-prem. However, they then realised that they’ve workloads in the cloud and workloads in their data centres which bring new challenges in terms of resiliency and high availability. Other clients primarily have a ‘legacy mindset’ where they want the bare metal. But, as Usserman, puts it, “There wasn't a unified means to manage all of that in one single solution.”
Ai Monitoring
We moved on to Ai in data security and how Infoblox uses it to monitor the DNS data queries that companies send and the responses that are sent back. Usserman says, If you are smart about the way that you examine that data, you can identify patterns that indicate, for example, malicious use of DNS. For instance, a piece of malware was discovered that was utilising Morse Code over DNS via the frequency of packet transmissions. Usserman explains, "There wasn’t anything from a signature point of view because nobody's looking for that. We're using Ai to develop and modernize and enhance our machine learning models, which are signature based, but it's also based off the behaviours that are out there including anomalous behaviours that we haven't yet recognized. Those then get flagged."
Behaviour & Reputation
We learned about the components of Infoblox’s behavioural and reputational elements are combined.
Usserman: “We understand that destinations on the internet are good or bad. We have a very strong visibility into that, with a very low false positive rate, that has minimal impact. That's reputational. Then there's the behavioural piece of the puzzle which is the signature side of data. I'd use an analogy of my 20-year-old daughter saying she's going to a friend’s house, but she's dressed like she's going to a club. The story doesn't match with the outfit. Then, if there’s something we don’t recognise, we analyse it.”
DNS
We asked how this might be related to Zero Trust and were told, “At the core of Zero Trust is protecting one’s data. Part of that is knowing where your data goes. DNS is a very effective way according to the US government. The Australian Signals Directorate says 92 per cent of malware uses DNS and yet most organisations are struggling to identify that. They're still very reactionary. We are preventing those communications one hop off the devices where those resources are at risk. So, if you've got your intellectual property on this laptop and you need to communicate with the hotel Wi-Fi, we are the DNS server that is providing a protected DNS firewall.”
To learn more about Infoblox’s Universal DDI combined Network Management and Security Solutions visit https://www.infoblox.com/products/universal-ddi/
