Network Discovery & Automation For Hybrid Cloud

Transcription

In Partnership with
Network Discovery & Automation for Hybrid Cloud Transformation
Bob Rose - Host, Sr. Product Marketing Manager, DDI - Infoblox, rrose@infoblox.com
Jason Radebaugh, Technical Marketing Engineer - Infoblox, jradebaugh@infoblox.com
Infoblox Inc. All rights reserved.

[BR] PCN Panel
James Nutt, DDI GM & CTO, james.nutt@pcn-inc.com
David Champagne, Mgr. Design & Build, Distinguished Engineer, david.champagne@pcn-inc.com

[JN] Who is PCN?
PCN is a recognized industry leader in DDI Managed & Professional Services
- Certified Engineers
- DDI Lab & Dev
- DDI Portal
- GRC
- DDI Monitor
- DDI NOC & SOC
- 7x24 Incident Support
- DDI Trained PMs
Infoblox Experts: Integration with/migrating from: MS DNS/DHCP, BIND, Kea, ISC DHCP & leading DDI OEM platforms
Global reach: Sales & Service in USA, Canada & United Kingdom
2020 PCN, Inc.

[BR] Agenda
- On-Premises to Hybrid Technology Transformation
- Infoblox Hybrid Cloud Strategy & Vision
- Infoblox Cloud Solution & Architecture
- Integrations: Private & Public Clouds, Containers & Automation
- Demo: vDiscovery & Automation
- Q&A & Wrap-Up

[BR/JN] Network Priorities &
79% Want discovery, control of newly spun up assets (1)
Manage DNS manually or with custom scripts (1)
Use 3 or more platforms (1)
- No central public & hybrid network view
- Manual tools & processes
- Non-integrated systems & platforms
- Can’t see all services & assets
- No AD Sites & Services integration
- Departmental silos
- Can’t assess query & performance history
- No user/IP address mapping
- Lack of control
- Unscalable, errors & rework
- No real-time data sharing
- Operational inefficiencies
(1) Infoblox Study: ReRez Research on behalf of Infoblox

[BR/DC] Architecture Evolution: Traditional
- Services & Apps hosted in centralized locations
- Dedicated WAN backbone
- Remote locations Internet ‘back haul’
- Few remote workers requiring VPN
Diagram labels: Internet, Services, Apps, Mobile Workforce, Headquarters, Branch, Dedicated WAN

[BR/DC] Architecture Evolution: Modern
- Enterprise cloud is the new network
- Software Defined Networks are enabling the ...
- BYOD mobility & IoT ...
- Teleworking is the new norm!
Diagram labels: BYOD/IoT, Branch

[BR] Polling Question #1
How much authoritative visibility do you have into your existing on-premises or cloud network? (Select the single best answer.)
1. 25%
2. 26-50%
3. 51-75%
4. 75%
5. I don’t know

[BR/DC] Customer DDI Roadmap – Visibility, Automation & Control
Establish authoritative IPAM in your on-premises & multi-cloud environment -- then automate!
Diagram labels: Infoblox Authoritative IPAM (On-Premise, Multi-cloud), Reporting & Analytics, Cloud Network Discovery & Automation, Security Ecosystem

[BR/DC] Authoritative IPAM – Automated Accuracy & Reliability
Platform Agnostic – On Premises, Private, Public, Hybrid or Multi-Cloud
Sources: IPAM, Network / Microsoft, Discovery
Discovery data: What IP & MAC, When did it appear, What Subnet/VLAN, Device Attributes, DNS Records, User, Where has it been, DHCP Status
Ensuring Accuracy:
- Add Networks/Ranges: New (sync)
- Add IPs/DNS Records: New (sync or remediate)
- Drop Networks/Ranges: Inactive (report)
- Drop IPs/DNS Records: Inactive (sync or report)
- Switch Port/AP to Host Configuration: Conflict (sync)
Single Source-of-Truth

[BR/JN] Authoritative IPAM – Empowering Network & Cloud Teams
- IPAM: Infoblox Grid, IPAM & Microsoft Management overlay & integration
- On-Premises Discovery: Network Insight for discovery, conflict remediation & provisioning
- Hybrid, Multi-Cloud Discovery: Cloud Network Automation & Plugins for endpoint visibility, efficiency & control
- Ecosystem Integration: Security threat discovery, sharing & remediation
- Reporting & Analytics: Data visibility, alerting, audit, compliance & planning
Diagram labels: Hybrid/Multi-Cloud, Grid Master, Recovery Site, Cloud Discovery & Automation, Reporting Server, IPAM, Branch Office, Microsoft DNS/DHCP

[JN/BR] Network Insight & Advisor – On-Prem Discovery & Control
- Integrated L2 & L3 discovery & visibility
- IPAM sync: devices, end-hosts & network ports
- Switch-port management
- Reporting & Analytics
- Lifecycle, security & compliance notification
- Detection of rogue & compromised assets
- Resolves conflicts across devices & network ports
- Adds security alerts for end-of-service assets
Diagram labels: Grid Master, Grid Master Candidate, Microsoft DNS/DHCP, Network Insight & Advisor

[BR] Infoblox Hybrid Cloud Strategy & Vision
Policy-based insight for app infrastructure in hybrid cloud
Hybrid Multi-Cloud, Application-Aware Visibility, Policy-Based Insight
- Visibility into cloud apps implemented on any architecture – VMs, Networks, VPCs, etc.
- Connect across multi-cloud environments – Private, Public, Containers & Automation
Cloud Management Platform
Platform Agnostic – On Premises, Private, Public, Hybrid or Multi-Cloud

[DC/BR] Cloud Network Automation – Multi-Cloud Discovery & Control
- Automated DDI management
- Saves time, reduces errors
- Spans private, hybrid & public clouds
- Open API support
- Auditing & reporting across clouds for DHCP leases, DNS records & IP addresses
- DDI for multi-cloud environments
- Integrate with array of orchestration tools
- Single control plane management
Diagram labels: Private Cloud, Hybrid/Multi-Cloud, Grid Master, Grid Master Candidate

[BR] Multi-Cloud Architecture – Single Control Plane
- Grid extends to hybrid cloud for High Availability (HA) & Disaster Recovery (DR)
- Tenant, VMs, network & VPC views for hybrid cloud discovery, audit & reports
- Automated DDI for VMs, consistent addresses & security/compliance
- Policy based IP & network assignment using workflows & consistent DNS names

[BR] Infoblox DDI Cloud Integrations
- IPAM Integration for orchestration & automation
- vNIOS deployments on Cloud Platforms
- Supported Hypervisors

[BR/JN] Value of Discovery – Enables Automation & Reliability
PCN offers Managed Services for ITIL Change Management Processes
Diagram label: Manual
See the Network Automation Video on Infoblox.com/resources

[BR] Private Cloud: VMware Integration

[BR] Infoblox VMware Plug-in for vRO
Plug-in benefits
- Saves time
- Saves money
- Automates tasks
Supports vRA/vRO 7.5 (vRA 8.1 in process)
Diagram labels: IP Address Pool, Assign, Validate, Provision, Cloud Provisioning & Management, vRealize Automation (vRA), Management & Automation, vRealize Orchestrator (vRO), Infoblox IPAM Plug-in, vCenter Server, Virtualization Platform, vSphere ESXi

[DC] Provisioning a VM Using vRealize Automation & the IPAM Plug-in
1- A vRA cloud admin/user requests a VM to be created
2- The Infoblox IPAM Plug-in “Allocate” workflow gets invoked
3- Infoblox DDI allocates an IP address and sends it to the VM along with the DNS host record
4- vCenter Server creates and spins up the VM
5- The newly created VM is now running on an ESXi host using the newly allocated IP address and DNS record
Diagram labels: vRealize Orchestrator (vRO), Infoblox vRO Plug-in, vCenter Server, Infoblox DDI Appliance

[DC] Deprovisioning a VM Using vRealize Automation & the IPAM Plug-in
1- A vRA cloud admin/user requests a VM to be destroyed
2- The Infoblox IPAM Plug-in “Release” workflow is invoked
3- Infoblox DDI releases the IP address & deletes the VM DNS host record
4- vCenter Server shuts down and deletes the VM
Diagram labels: vRealize Orchestrator (vRO), Infoblox vRO Plug-in, vCenter Server, Infoblox DDI Appliance

[BR] Infoblox DDI on Public Clouds

[BR] Benefits of Infoblox DDI on Public Clouds
- Gain complete visibility into your network resources
- Automate network management
- Accelerate VM provisioning & deprovisioning
- Scale & extend your enterprise network to public clouds
- Establish uniform DNS naming & IP address provisioning policy across hybrid clouds

[BR] Public Cloud: Amazon Web Services Integration

[BR/DC] Enterprise-grade DNS on AWS
- Infoblox AMIs are available on AWS
- Hardened virtual appliance for secure DNS
- Deploy Infoblox DNS servers in AWS VPCs
- Use for External DNS or Internal DNS
- Fault tolerance with support for Disaster Recovery
- Hybrid or multi-cloud deployment options
Diagram labels: Enterprise Premise, Grid Master (GM), Grid Member (Primary DNS), Public Cloud, Grid Master Candidate, Grid Member (Secondary DNS)

[JN] AWS Automation Example
Agile Deployment with DNS & IPAM Automation
- Automate creation/deletion of VPCs, networks, VMs, EC2 instances
- IP address assignments & reclamations
- Provisioning/de-provisioning of DNS records
- Configurable DNS names
Diagram labels: a.b.c.d, abc.xyz.com, Data Center, Grid Master, Grid Member, AWS API calls, AWS API Client (Ansible, Puppet, Chef scripts etc.)

[JN] Automation for AWS Instances (API Proxy)
1. API: Create EC2 Instance in VPC-Dev for network 10.10.0.0/16
2. GM reserves next available IP in network 10.10.0.0/16 for VPC-Dev and inserts into API request
3. API: Create EC2 Instance in VPC-Dev
4. EC2 Instance spun up with 10.10.10.101 in VPC-Dev
5. API Response: Success
6. GM updates Host records for EC2 Instance
7. API Response: Success
Tables shown on the slide:
VPC ID | Network | IP
VPC-Dev | 10.10.0.0/16 | 10.10.10.101
VPC ID | Network | IP | DNS record
VPC-Dev | 10.10.0.0/16 | 10.10.10.101 | dev1.internal.com
Notes:
- Amazon API calls can be directed to either the Grid Master or Cloud Platform Appliances
- GM performs vDiscovery of AWS instances to ensure no duplicate addresses are assigned
- AWS instance tags assigned as metadata in Infoblox database
- Policy based IP address assignment via metadata passed in AWS APIs
Diagram labels: AWS API Client (e.g. Ansible, Puppet, Chef scripts etc.), API Endpoint
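The API-proxy steps above and the vRA "Allocate"/"Release" workflows on the VMware slides share one pattern: reserve an address, create the instance, record it only on success, and release both together. The following is an added illustration, not Infoblox code or its API; `GridMasterProxy`, its methods, the `cloud_create` callback and the 10.10.10.96/29 sample subnet are assumptions made for the example.

```python
import ipaddress


class GridMasterProxy:
    """Toy model of the proxy flow. Hypothetical names; not Infoblox's API."""

    def __init__(self, cloud_create):
        self.cloud_create = cloud_create  # callable(vpc, ip) -> bool, steps 3-5
        self.networks = {}       # VPC id -> IPv4Network
        self.in_use = {}         # VPC id -> reserved or discovered addresses
        self.host_records = {}   # FQDN -> (VPC id, address)

    def add_network(self, vpc, cidr):
        self.networks[vpc] = ipaddress.ip_network(cidr)
        self.in_use[vpc] = set()

    def vdiscovery(self, vpc, found):
        # Addresses seen live in the cloud are marked used, so an instance
        # created outside the proxy never causes a duplicate assignment.
        self.in_use[vpc].update(ipaddress.ip_address(a) for a in found)

    def create_instance(self, vpc, fqdn):
        if fqdn in self.host_records:
            raise ValueError(f"{fqdn} already has a host record")
        free = (a for a in self.networks[vpc].hosts() if a not in self.in_use[vpc])
        ip = next(free, None)                          # step 2: next available IP
        if ip is None:
            raise RuntimeError(f"no free address left in {vpc}")
        self.in_use[vpc].add(ip)
        try:
            created = self.cloud_create(vpc, str(ip))  # steps 3-5
        except Exception:
            created = False
        if not created:
            self.in_use[vpc].discard(ip)   # roll back: no leaked reservation
            return None
        self.host_records[fqdn] = (vpc, ip)   # step 6: record only on success
        return str(ip)                        # step 7

    def destroy_instance(self, fqdn):
        # Release mirrors allocate: drop the DNS record and free the address
        # together, so no record is left pointing at a reusable IP.
        vpc, ip = self.host_records.pop(fqdn)
        self.in_use[vpc].discard(ip)
        return str(ip)


def demo():
    gm = GridMasterProxy(cloud_create=lambda vpc, ip: True)
    gm.add_network("VPC-Dev", "10.10.10.96/29")   # constructed sample subnet
    gm.vdiscovery("VPC-Dev", [f"10.10.10.{n}" for n in (97, 98, 99, 100)])
    first = gm.create_instance("VPC-Dev", "dev1.internal.com")
    gm.cloud_create = lambda vpc, ip: False       # simulate a failed cloud call
    failed = gm.create_instance("VPC-Dev", "dev2.internal.com")
    gm.cloud_create = lambda vpc, ip: True
    retry = gm.create_instance("VPC-Dev", "dev2.internal.com")
    released = gm.destroy_instance("dev1.internal.com")
    reused = gm.create_instance("VPC-Dev", "dev3.internal.com")
    return first, failed, retry, released, reused
```

`demo()` returns the address handed out at each stage: the first free address after discovery, `None` for the failed create, the next address on retry, and the released address being reused.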

[BR/JN] Amazon Web Services Route 53 Integration
Unified DNS management across the hybrid cloud
Challenge
- Unified Management – Unified view of DNS across on-premise & AWS
- Limited internal/private DNS – Route 53 private hosted zone cannot resolve any resource outside the VPC or respond to queries outside VPC
Solution
- Visibility – Unified view of DNS & IPAM for Route 53 in NIOS
- Hybrid DNS – Apply DNS Security & IPAM for Route 53 Records in NIOS by serving Route 53 Zones through NIOS
Benefits
- Seamless migration path to Hybrid Cloud by bridging gap between Enterprise IT & Cloud teams
- Eases complexity by presenting the user a single console to view on-premise & Route 53 Public Cloud DNS
- Automated Migration from Route 53 to Infoblox DNS
- Tighter integration between Route 53 & NIOS by offering performance & resilience
Diagram labels: Enterprise Data Center, Enterprise Premise, Grid Master (GM), Grid Member, AWS Public Cloud, GMC, EC2, AWS Route 53 DNS service, Sync Zones from R53 to NIOS, DNS query to NIOS for R53 Zone

[BR] Containerization: Docker Integration

[BR/JN] Infoblox Docker integration
Challenges
- Lack of visibility into the network resources
- Manual, tedious & time intensive IP address (de)/provisioning across containers
- Multi-network containers can make IPAM more difficult
Solution
- The Infoblox IPAM Docker libnetwork driver interfaces with Infoblox DDI to provide centralized IPAM services
Benefits
- Helps maintain consistency in a dynamic multi-container environment
- Infoblox IPAM plugin for Docker automates the IP saving time & effort
- Provides visibility into the network resources from a single control plane

[BR] Infoblox Docker Container IPAM Plugin
Infoblox IPAM driver V1.1.0
- For arbitrary network driver (bridge, overlay, etc.)
- Flexible configuration with separate or combined address space per host or overlay
- Docker certified – Supports Docker Swarm mode
- Facilitates extensibility
- Accelerates new feature delivery
- Protects infrastructure investment

[BR] Automation: Terraform Integration

[BR/DC] Infoblox Terraform IPAM integration
Challenges
- Complex access administration
- Difficult building, changing & versioning hybrid cloud infrastructure
- Operational inefficiencies
Solution
- The Infoblox Terraform IPAM plug-in provides centralized IPAM and DNS services in VMware & Azure Cloud
Benefits
- Streamlines & simplifies access administration
- Automates the IP saving time & effort in building a Service Provider or Cloud Platform
- Provides visibility into the network resources from a single control plane
Diagram label: Provisioning a VM

[BR/ALL] Polling Question #2
What is your biggest challenge with automating cloud integration? (Select the single best answer.)
1. Internal expertise
2. Departmental governance
3. Platform standardization
4. Other
5. I don’t know

[BR/JR] Infoblox Hybrid/Multi-Cloud Cloud vDiscovery & Automation Demo
Multi-cloud Visibility, Accuracy & Efficiency
Multi-Cloud vDiscovery
- AWS & GCP network discovery
- Virtual network utilization
- Individual IP host data
Terraform Automation
- Creation/Deletion of IPv4 Network in NIOS appliance
- Allocation/Deallocation of IP Address
- Association/Dissociation of IP Address for a VM
- Creation/Deletion of an “A” record

[BR/JR] Visibility into Network Resources
- Single control plane to view VMs instances, VPCs & subnets
- Periodic discovery of modifications to your cloud environment
- Detailed view of VPCs and subnets
- VMs in a VPC and their attributes
- Extensible Attributes imported as configurable metadata
Note: IPAM vDiscovery does not require the CNA License
Screenshot labels: VPCs, Subnets, VMs

[BR/JR] On-Premises View, Network Discovery
Cisco ACI data from Network Insight

[BR/JR] On-Premises View, Individual IP Host Data
IP host discovery data from Network Insight

[BR/JR] Hybrid Central View, Microsoft DHCP
Microsoft DHCP discovery data

[BR/JR] Hybrid Central View, Sites & Services
- AD domains
- Sites
- Networks for site replication
- Also populates User data

[BR/JR] Cloud Central View, Multi-Tenant
vDiscovery from Cloud Network Automation

[BR/JR] Hybrid Central View, Security Forensics
Single IP DNS & network discovery data

[BR/JR] Automation: Infoblox Terraform Provider for IPAM
Allocating the IP address & creating the IPAM record for a new VM
Automation benefits
- Consolidates labor-intensive manual workflows in seconds
- Automatically updates the Infoblox Grid as the single-source-of-truth

[BR/JR] Automation: Infoblox Terraform Provider for DNS
Creating an “A” record for a new VM
Automation benefits
- Automates manual DNS record provisioning in seconds
- Ensures immediate availability for new services

[BR] Flexible Deployment Options
DDI for Hybrid Cloud
- GM in DC, single touch point to manage members in public cloud
- Grid members distributed across Private and Public Cloud
DDI for Fault Tolerance
- GM in DC and GMC in public cloud
- Primary DNS in Private and Secondary DNS in public cloud
DDI for Full Public Cloud
- Entire Grid, including GM and members in public cloud
- Grid members distributed across different VPCs
Diagram labels: Data Center, Grid Master, GMC, Primary DNS, Secondary DNS, DNS, VM, Virtual workloads

[BR] Flexible Licensing
- Elastic: Launch new grid members as needed automatically & assign licenses from a pool
- Portable: Move appliance license between Private & Public Cloud; no new SKUs
- Future Ready: Purchase multiple service/feature licenses for future cloud deployments
Diagram labels: Data Center, License Pool, License Portability, Virtual Grid Members (Run on ESXi, Xen, Hyper-V, KVM)

[BR] Why Infoblox Hybrid Cloud Transformation?
- DISCOVERY & VISIBILITY: Discover all network resources & see what’s happening everywhere (datacenters, multi-cloud, containers, IOT, branch)
- WORKFLOW AUTOMATION: Accelerate VM provisioning & deprovisioning, & improve efficiency & productivity through automated workflows via a single control plane
- SCALE YOUR NETWORK TO THE HYBRID MULTI-CLOUD: Save time & money, extend your network to public clouds & ensure uniform DNS naming & IP address provisioning across hybrid clouds

[JN] PCN DDI Professional & Managed Services
Professional Services
Consulting, Health Checks & Assessments
Transition & Transformation
- Architecture, Operations & Security Audit
- Operational Level Agreement
- Current State, Vulnerability & Functionality
- Project & Test Plans
- Data discovery, Analysis & Reporting
- Business-to-Business Connectivity & Ticketing
- Best Practices – Design, Audit, Governance & Control
- Existing Environment Assessment
- Discover and Evaluate Current, Planned & Desired DDI Services and Functionality
- High- & Low-Level Designs
- Solution Deployment, Testing & Migration Execution
Architecture, Engineering, and Project Management
Managed Services
- Draft Conceptual-, High- & Low-Level Designs to Meet Current & Future Requirements
- Day 2 Delivery
- Monitoring & Incident Management
Upgrades, Patching & Custom Script Development
- OEM & RMA Liaison
- Installation, Configuration & Data Migration
- Database Backups, Reporting & Capacity Planning
- Transformation of Existing Solutions
- Software Updates & Upgrades
- Development & Implementation of Test Plans
- Self-Service Portal
- Customer & Solution Specific Project Plans
- Business-as-Usual Changes
- Technical Account Management

[BR/JN] Next Steps
Infoblox Resources
- Datasheet – DDI for Cloud and Virtualization
- Solution Note – vNIOS for Nutanix Acropolis Hypervisor
- Blog – Top 6 vNIOS Use Cases for Optimizing Public Cloud Investment
- Deployment Guide – Infoblox Cloud Platform and Cloud Network Automation
- Infoblox Provider for Terraform User Guide
1.408.986.4000 info@Infoblox.com
PCN Resources
- New Website
- VAR Pro and Managed Services One Pager
- DDI Portal One Pager
1.267.236.0015 info@pcn-inc.com
Contact PCN for additional Infoblox information and special deals

[ALL] Q&A


[BR/DC] Private Cloud: OpenStack Integration

[BR/DC] Infoblox OpenStack Adapter
Enables Infoblox Grid to provide DNS, DHCP, and IPAM (DDI) for OpenStack Networks & VMs
- Manages network creation/deletion
- Allocates/De-allocates IP addresses for VMs
- Automatically creates/deletes DNS records for IPs
- Provides DNS & DHCP services to VMs
Benefits
- Centralized cross-platform (private & public) DDI
- High Availability
- Operational efficiency
- Lower migration cost (physical to virtual to cloud)
Diagram labels: Infoblox Adapter, API, Infoblox Grid, Reporting Server, Grid Master, Grid Member, DDI Service, IP, Project 9, Project 10, Project 11, Project 12, Non-Overlapping Internal IPs, Overlapping Internal IPs, Non-Overlapping External IPs

[BR/DC] Provisioning a VM using OpenStack with Infoblox Integration
1 - A cloud admin/user requests a VM to be created through OpenStack Horizon UI
2 – OpenStack Nova (Compute) calls the Inf
