“The ability to simplify our DNS load balancing operations was a big factor in our choice; Infoblox is the only DDI vendor we looked at that integrates this.” — Jason Seager, Network Solutions Manager, The Hershey Company
In July 2015, Hershey undertook a major project to replace its existing DNS and DHCP management solution. “We were having a lot of problems with the old platform,” says Jason Seager, manager of network architecture who is responsible for the implementation of Hershey’s global network. “Our systems were outdated, presenting a challenge to our business. We had to act.”
Market Leadership and Functionality
After assessing available DNS, DHCP, and IP address management (DDI) solutions, Seager and his team selected Infoblox. “Infoblox is the market leader in DDI,” he says, “with 50 percent market share. That’s a big plus, because it helps us feel confident making Infoblox a key partner.”
Solution features that led to the teams’ selection included a granular role-based interface that increases operational efficiency and gives the security team more visibility into who’s doing what, the ability to block malicious sites and identify infected devices, and a hands-off upgrade capability that he says has saved at least two working days a month. “Whenever we upgraded the old system,” he says, it was always an eight- to ten-hour call with the vendor’s support, trying to get it back up and running. Infoblox is very simple, very easy to maintain, and we’re very pleasantly surprised about that.”
Infoblox DNS Traffic Control
The feature that impressed Seager most was Infoblox DNS Traffic Control (DTC), which consolidates DNS capabilities and global server load balancing onto a single platform and uses the DNS query/response mechanism to return the IP address of the ideal server based on client and server location and server availability. “The ability to simplify our DNS load balancing operations was a big factor in our choice; Infoblox is the only DDI vendor we looked at that integrates this,” he says.
Seager explains how Infoblox—with its ease of support and single point of management for all things DNS—yielded a significant improvement over the solution it replaced. “While our load balancing solution worked,” he says, “it was cumbersome; the server had to forward all requests and it was difficult for our operations team to support. In addition, when we were trying to do DNS load balancing, we were receiving the request directly from the DNS server, rather than directly from the user—making location-based DNS load balancing impossible.”
Armed with the ability to direct users to the closest data center or application, DNS Traffic Control has increased overall company performance. “Users in Asia no longer have to come all the way back to the United States to get an application. They can hit the Asia data center through DTC.
Another business value is disaster recovery. In the event of an outage in our active data center, we can use DTC to send the workload to an IP address at our disaster-recovery site.” Seager hopes to improve this capability further by using Infoblox Extensible Attributes for location instead of hard-coding subnets, to simplify configuration.
Part of a Bigger Picture
The DTC intelligent load-balancing solution is one component in a concept Infoblox calls “Actionable Network Intelligence,” a key benefit delivered by Infoblox solutions working in concert, using Infoblox’s position in the network. Because Infoblox sits at the core and sees both east-west and north-south traffic, and gathers data from any device and network, it can use that rich network data to provide valuable insights.
The intelligence includes network information drawn from sources such as Infoblox DNS, DHCP, and IPAM products and aggregated, verified threat intelligence on DNS attacks, DNS-based malware, and DNS-based data exfiltration attempts, enhanced by monitoring, reporting, and analytics.
From Reluctance to Delight
Seager concludes, “The team wasn’t looking forward to a major change; obviously there are always concerns around a big implementation. But we used Infoblox Professional Services, and they had a good plan for the cutover, so we were all very confident. The cutover went extremely well and everybody was pleased with the transition across the board. When the migration was completed and Infoblox was working without problems, everyone from our senior IS leadership all the way down was extremely happy, and everyone felt that we had made the right choice in selecting Infoblox.”