Transcript The Microsoft DNS Server

Infoblox DNS and DHCP Advantages
LEX Computer Systems
© 2007 Infoblox Inc. All Rights Reserved.
Infoblox Advantages - General

Secure appliance platform
–

Low cost of ownership
–

Runs under any web browser, not just on Windows
Global search
–

Exploits commonalities in configuration of two protocols, ensures consistency between their
configuration
Platform-independent (Java-based) GUI
–

Less administrative effort, less disruption of service
Unified GUI for management of DNS and DHCP
–

Ability to use redundant HA pairs for critical servers
Easier and less frequent patching
–

Easy recovery of services after a catastrophe, elimination of ad hoc DR solutions
Support for VRRP-based high availability
–

Ability to build distributed infrastructure without incurring high administrative cost
Built-in resiliency/disaster recovery features
–

Easier to deploy on hostile networks (e.g., DMZs), more secure physically
Simplifies finding data in arbitrary zones or lease pools
Recycle bin
–
Allows easy recovery of accidentally deleted data
© 2007 Infoblox Inc. All Rights Reserved.
Infoblox Advantages - General (cont.)

Hierarchical configuration
–

IPAM functionality
–

–
Easier troubleshooting of problems with a standard set of tools
SNMP (MIB and trap) support
–

Visibility into what administrators have done, when, and compliance with regulations (e.g.,
Sarbanes-Oxley)
Extensive logging
Built-in troubleshooting tools
–

Ability to safely delegate management of zones and networks to help desk, operational personnel
Audit logging
–

Ability to easily manage an organization’s entire address space
Fine-grained authorization
–

Simplifies configuration of parameters common to most DNS servers or DHCP servers in an
organization
Integration into existing SNMP-based monitoring systems
Support organization deep in DNS and DHCP
–
Highly skilled support staff accessible without multiple levels of escalation
© 2007 Infoblox Inc. All Rights Reserved.
Advantages of the Infoblox DNS Solution

Secure Dynamic Update support without a Domain Controller
–

Support for member-based management and member-independent management
–

Ability to build very resilient name server infrastructure
Support for Zone Locking
–

Ability to securely combine name server functions and to serve multiple versions of a single zone,
even across multiple name servers (unique to industry)
Support for anycast
–

Much easier handling of en masse changes of authoritative name servers
Support for views
–

Secure DDNS updates from Windows computers
Support for NS Groups
–

Better security for zone transfers to and from remote name servers
Support for GSS-TSIG
–

Required on many Internet-accessible name servers (e.g., forwarders, external authoritative name
servers)
Support for TSIG
–

Easier delegation of low-level data management to operations, help desk
Support for query, recursive query and zone transfer ACLs
–

Ability to separate DC and name server, thereby compartmentalizing risk and disentangling
maintenance schedules
Allows operators to “own” the zone while making changes to avoid double edit issues
Support for disabling zones and records
–
Allows zone to be created but not activated or to be made inactive without deleting
© 2007 Infoblox Inc. All Rights Reserved.
Advantages of the Infoblox DNS Solution (cont.)

Support for Shared Records
–

Support for incremental updates
–

Allows administrators to configure and enforce organization-specific host naming rules
Selection of authoritative name servers and forwarders based on roundtrip time
–

Standard mechanism for logging across a network, works with third-party log analysis tools
Configurable host naming restrictions
–

Ability to filter out nuisance messages, select critical messages
Support for syslog, including remote syslogging
–

AAAA records, dual IPv4/v6 stack
Extensively configurable logging
–

Configurable address responses to direct clients to the closest instance of a network resource
IPv6 support
–

Changes made in the GUI only result in IXFR to external (non-Infoblox) DNS servers
Support for sortlists
–

Elimination of redundant administration when records appear in multiple zones
Better name server performance and greater resilience in the face of network and component
failures
Credibility mechanism for protection against cache poisoning
–
Better resistance to pharming attacks
© 2007 Infoblox Inc. All Rights Reserved.
Advantages of the Infoblox DHCP Solution

Support for DHCP Failover
–

Lease history
–

Easier reconfiguration when network changes
Easier and more complete access to DHCP statistics
–

Streamlines creation of new DHCP ranges
Support for joining/splitting networks
–

Ability to restrict leases to only known clients
Templates for easy duplication of common network configurations
–

Easier support for VoIP phones
Support for filtering (based on MAC address, relay agent, option)
–

Ability to track history of address assignment, possibly for compliance
Easier configuration of custom DHCP options
–

More resilient DHCP service
Better visibility of state of network, easier detection of range exhaustion
Support for member-based management and member-independent management
–
True global management, without being forced to remember which DHCP server serves a
particular range
© 2007 Infoblox Inc. All Rights Reserved.
Advantages of the Infoblox DHCP Solution (cont’d)
– Support for converting dynamic leases to static and back
 Streamlines common administrative tasks
– Name collision detection
 Elimination of inadvertent deletion of important domain names
– More flexible handling of dynamic updates
 More options when choosing how DHCP clients are registered
– Detection of overlapping ranges
 Elimination of potentially disruptive configuration mistakes
© 2007 Infoblox Inc. All Rights Reserved.