More Related Content
Similar to Network automation seminar
Similar to Network automation seminar (20)
Network automation seminar
- 1. Control Your Network with the
Power of Automation
Matt Gowarty, Senior Product Marketing Manager
© 2013 Infoblox Inc. All Rights Reserved. 1
- 2. Infoblox Overview & Business Update
Founded in 1999 Total Revenue
(Fiscal Year Ending July 31)
Headquartered in Santa Clara, CA
with global operations in 25 countries ($MM)
$180
$169.2
Leader in technology $160
for network control
$140 $132.8
Market leadership $120
• Gartner “Strong Positive” rating $102.2
$100
• 40%+ Market Share (DDI)
$80
$61.7
6,100+ customers, 45,000+ $60 $56.0
systems shipped $35.0
$40
20 patents, 27 pending $20
$0
FY2007 FY2008 FY2009 FY2010 FY2011 FY2012
IPO April 2012: NYSE BLOX
© 2013 Infoblox Inc. All Rights Reserved. 2
- 3. Triggers that are Redefining the Network
MOBILE DEVICE CLOUD /
CONSOLIDATION
EXPLOSION VIRTUALIZATION
SOFTWARE DEFINED
THREAT LANDSCAPE IPv6 TRANSITION
NETWORKS
© 2013 Infoblox Inc. All Rights Reserved. 3
- 4. What We Do:
Innovative Technology for Network Control
END POINTS VIRTUAL MACHINES PRIVATE CLOUD APPLICATIONS
END-POINTS
APPS &
CONTROL PLANE
Historical /Real-time
Reporting & Control
Infoblox GridTM w/ Real-time
Network Database
INFRASTRUCTURE
NETWORK
FIREWALLS SWITCHES ROUTERS WEB PROXY LOAD BALANCERS
© 2013 Infoblox Inc. All Rights Reserved. 4
- 5. What is the Alternative?
END POINTS VIRTUAL MACHINES PRIVATE CLOUD APPLICATIONS
END-POINTS
APPS &
CONTROL PLANE
Complexity
Risk & Cost
MICROSOFT DNS MICROSOFT DHCP VMWARE DNS UNIX BIND QIP
Agility
Flexibility
SCRIPTS COMMAND LINE
INFRASTRUCTURE
NETWORK
FIREWALLS SWITCHES ROUTERS WEB PROXY LOAD BALANCERS
© 2013 Infoblox Inc. All Rights Reserved. 5
- 7. “Time-to-Value” Inhibited by
Complexity Outpacing Resources
Tasks
Make the infrastructure
more dynamic Network Scale
Reduce risk & Complexity
Increase productivity &
network availability
Quantity/Size
Network Increasing
Infrastructure Risks, Costs,
Demands
Delays
Network
Management
Resources
Time
© 2013 Infoblox Inc. All Rights Reserved. 7
- 8. Infoblox Network Automation
Automated Network Discovery Change & Configuration Management
Discover Automate
Maintain Control
Compliance & Policy Standardization Firewall ACL & Rule Automation
© 2013 Infoblox Inc. All Rights Reserved. 8
- 9. Infoblox Network Automation Overview
Real-time & Historical
Analysis
• Network discovery
• Built-in analysis
• Check against best practices Collected Via:
• Detect issues SNMP
• Monitor and manage change CLI/configuration
• Automate change Syslog
Fingerprinting
• Maintain compliance
• Provision ACL & rules
© 2013 Infoblox Inc. All Rights Reserved.
- 10. What’s On and Connected to My Network?
Manual, spreadsheets and/or
scanning tools
– Often out of date
Tight budgets and stretched teams
– Multi-vendor network devices
– Proliferation of IP devices
Ever-changing questions
– What’s on my network?
– Which ports are active?
– Do I need more capacity?
– What device is using which IP?
– When & where did they connect?
© 2013 Infoblox Inc. All Rights Reserved. 10
- 11. Automated Network Discovery
Continuous network discovery
– Layer 2 and 3 characteristics
– IP, MAC, port, VLAN mapping
– Track used/free/available switch
ports
End device tracking
– What MAC/end-device connected
– Where and when did they connect
– Find rouge devices and track
blacklist
Automatic IPAM sync
– Single GUI view of end-points with
IPAM
– Up-to-date extensible attributes
© 2013 Infoblox Inc. All Rights Reserved. 11
- 12. Keeping Up with Daily Change and Configuration
Extensive manual processes
– CLI
– Scripting
Limited functionality
– Configuration scrapes
– Basic change automation
– Vendor-specific tools
Minimal control & documentation
– Limited work-flow
– Admin or nothing access rights
– Massive files require extensive
manual digging and compiling
© 2013 Infoblox Inc. All Rights Reserved. 12
- 13. Change & Change Management
Ongoing management
– Change detection/logging
– Configuration archives
– Simplified searching and side-by-
side comparison
Change automation
– Embedded jobs
– Intuitive templates
– Variable-based jobs
Change control
– User-based access rights
– User-initiated and triggered jobs
– Work flow integration
© 2013 Infoblox Inc. All Rights Reserved. 13
- 14. Is My Network Still Compliant?
Different drivers
– External mandates
– Internal security policies
– Networking best practices
Typically reactive
– When something breaks
– When audit is required
Manually intensive
– Massive log files
– CLI access
– Manually collect, aggregate,
tabulate and present findings
© 2013 Infoblox Inc. All Rights Reserved. 14
- 15. Compliance & Policy Standardization
Embedded expertise
– Common standards and best
practices
– Easily customizable
– Deployment flexibility
Continuous monitoring
– 24x7 issue detection and notification
– Remediation options
– Network scorecard
Simplified reports
– On-demand reports
– Standard and custom options
© 2013 Infoblox Inc. All Rights Reserved.
- 16. So Many Firewalls, So Many Changes, So Little Time
Spike in number of security policy changes
IT headcount not keeping pace
Multiple point products add confusion
Network SLAs impacted negatively
Expensive and diminishes security effectiveness
Firewall
Change
Needed Search Figure Out Determine Compare Request Reconfirm
For Impacted Correct Change to Change/ Correctness
Devices Devices Config Standards/ Implement and
Compliance Manually Compliance
1 2 3 4 5 6
Manual
Network Provisioning Time Hours/Days
LEGACY APPROACH TO FIREWALL POLICY CHANGE IMPLEMENTATION
© 2013 Infoblox Inc. All Rights Reserved.
- 17. Firewall Rule & ACL Analysis and Automation
Leverage automated discovery
Rule and ACL analysis
– Built-in expertise
– Alert on common firewall issues
– Leverage “simple English” interface
Search and alerting
– Powerful search finds vendor-
specific syntax and commands
– Blacklisting and whitelisting options
Integrated provisioning
– Provision actual changes with
rollback options
– Access-based controls
© 2013 Infoblox Inc. All Rights Reserved.
- 19. Dealing with Common Challenges
Growth in number of common changes
– Add network, turn port up/down, VLAN
assignment, new device install
Multiple people/teams needed for many
tasks – inefficient
DNS – DHCP- IPAM Admins
– Manual processes and scripts add to
problem
Different team goals and priorities
– “Just because it’s important to you, doesn’t
mean it’s important to me”
Lack of empowerment
– Sit and wait for others Network Engineers
© 2013 Infoblox Inc. All Rights Reserved.
19
- 20. Empowering Staff
IPAM sync
– Combine end-point and network
data
– Continuously updated
– Single interface
Automated Task Board
– Simplify common changes
– IPAM and/or network changes
– Add records, hosts, addresses,
etc.
– Create subnets, activate a port,
assign a VLAN
– Delegate down but maintain
control
© 2013 Infoblox Inc. All Rights Reserved. 20
- 21. Infoblox Value To Our Customer
Infoblox makes networks more available, secure and automated
• GridTM technology for fault tolerance,
easy updates and one-click DR
• Optimized for enterprise demand & performance
Available • Authoritative source for network data
• Secure hardware form-factor & hardened OS Available Secure
• Designed to minimize vulnerabilities and
attack surfaces
Secure • Common Criteria certified
Automated
• Powerful automation of manual processes
• Reduce change errors & assure compliance
• Save time, money and effort
Automated
© 2013 Infoblox Inc. All Rights Reserved. 21
- 22. Thank You
© 2013 Infoblox Inc. All Rights Reserved. 22