Building an Authoritative IPAM Database

Authoritative IP Address Management (IPAM) and its Security Implications
Rick Bylina, Sr. Product Marketing Manager
1 | © 2013 Infoblox Inc. All Rights Reserved.
Today’s Agenda
• What is Authoritative IPAM
• The three pillars of Authoritative IPAM
̶ The role of discovery data
• Improving security with a powerful solution
• Security use cases
• Proactive security measures using the solution
• All of IT benefits from an Authoritative IPAM solution
• Summary / Conclusion

Authoritative IPAM Requirements
• Integrated protocol data with centralized management
• Integrated discovery data for network devices and end-hosts
• Metadata assignable to all database objects
• Flexible modeling and deep search-ability
• Add, move, change & troubleshooting tools
• Router, switch, and port access from a single UI (No CLI)
• Granular role-based administration and approval processes
• Historical reporting
Real business data related to a network resource helps bind together the logical network construct and the reality of enterprise IT resources

Three Pillars of Authoritative IPAM
• Authoritative database of all network data
• Workflows spanning protocol, infrastructure, and IPAM data
• Direct access to switch ports enabling monitoring & control

Authoritative Database of All Network Data
• Centralized management of all protocol data (DNS, DHCP)
̶ Enriched DHCP data with DHCP fingerprinting
• Integrated discovery data for all physical and virtual devices
̶ Layer-2 and layer-3 devices, end-hosts, port and connectivity data
• Automation of virtual and private-cloud infrastructure data
̶ Orchestrator plug-ins for automation
• Metadata tagging of all objects
̶ Your network / your business
Real business data related to a network resource helps bind together the logical network construct and the reality of enterprise IT resources

Integrated Network Discovery Data
Key to the accuracy and timeliness of the authoritative database
• Customizable, comprehensive auto-discovery
• Layer-2 / Layer-3 and end-host devices
• Connectivity and port data
• Virtual configuration / VLAN data
The collection and correlation of this data provides unprecedented visibility, helping network admins easily gather the necessary information to analyze and take the appropriate action.

Integrated Workflows
• Content-aware workflows traverse protocol, device, port, and IPAM data
• Scheduling and approval parameters
• Built-in adjustable discovery parameters
• Direct port control within the IPAM workflow
Efficiency and productivity are vastly improved by having closed-loop integrated workflows that span IP management, protocol, and device data all from a single UI.

Direct Switch and Port Access
• Integrated control for truly closed-loop workflows
• Change port admin status directly from UI
• Modify port description / write to the switch
• Assign and configure VLANs
• Reserve ports / detect reservation conflicts
• Comprehensive port inventory
Leverage direct port status control to ensure ports are turned on only during provisioning and quickly shut ports for infected devices to prevent further disruptions.

A Complete Solution Benefiting All of IT
Authoritative IPAM:
• Workflows spanning protocol, infrastructure, and IPAM data
• Authoritative database of all network-related data
• Direct access to switch ports enabling monitoring & control
A WAREHOUSE OF AUTHORITATIVE INFORMATION
STREAMLINED, SIMPLIFIED OPERATIONS
EFFECTIVE RESOURCE UTILIZATION

Improve Security with Authoritative IPAM
• Unprecedented visibility across the network
• Uncover unmanaged networks and devices
• Quickly locate infected devices
̶ Improve threat response times
̶ Take immediate action / remediate faster
• Enforce network access policy at the edge
• Report on anomalies
Security teams require visibility across all of the IT team’s assets and generally are part of the review and approval process for many adds, moves, and changes.

Unprecedented Visibility w/ Search-ability
• Complete device and connectivity data
• Easily find and patch known issues
Example: All HP Model 7000 LaserJet printers need a patch
̶ Search data set for: device type = printer, manufacturer = HP, model = 7000
̶ Shut ports for all HP 7000 printers, distribute patch to all responsible admins
̶ Test patch, re-enable ports

Integrated Protocol and Device Data
• Quickly find infected devices
• Compress remediation response times
Example: Malware infected Windows 7 machines launch DDoS
̶ Search data set for: device type = PC, OS = Windows 7
̶ Generate report of DNS traffic rates for the list of Windows 7 devices found
̶ Shut ports for all Windows 7 machines showing out-of-bounds DNS rates
̶ Remediate all infected machines, re-enable ports

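The Windows 7 triage flow above, sketched as an added example that is not part of the original presentation and is not Infoblox code: it filters an inventory by device attributes, joins per-host DNS query rates, and returns the switch ports of hosts whose rate is out of bounds. The field names, sample records, rates and the median-plus-MAD threshold are all assumptions constructed for illustration.

```python
from statistics import median

# Constructed inventory records (field names are assumptions, not a product schema).
INVENTORY = [
    {"ip": "10.1.20.11", "type": "PC", "os": "Windows 7", "switch": "sw-acct-1", "port": "Gi1/0/3"},
    {"ip": "10.1.20.12", "type": "PC", "os": "Windows 7", "switch": "sw-acct-1", "port": "Gi1/0/4"},
    {"ip": "10.1.20.13", "type": "PC", "os": "Windows 7", "switch": "sw-acct-1", "port": "Gi1/0/5"},
    {"ip": "10.1.20.14", "type": "PC", "os": "Windows 7", "switch": "sw-acct-2", "port": "Gi1/0/1"},
    {"ip": "10.1.20.15", "type": "PC", "os": "Windows 7", "switch": "sw-acct-2", "port": "Gi1/0/7"},
    {"ip": "10.1.20.16", "type": "PC", "os": "Windows 7", "switch": "sw-acct-2", "port": "Gi1/0/2"},
    {"ip": "10.1.20.17", "type": "PC", "os": "Windows 10", "switch": "sw-acct-2", "port": "Gi1/0/9"},
    {"ip": "10.1.20.50", "type": "printer", "os": "embedded", "switch": "sw-acct-1", "port": "Gi1/0/20"},
]

# Constructed DNS query rates in queries per minute, as a resolver log summary might give.
DNS_QPM = {"10.1.20.11": 14, "10.1.20.12": 9, "10.1.20.13": 2300, "10.1.20.14": 18,
           "10.1.20.15": 11, "10.1.20.16": 1850, "10.1.20.17": 20, "10.1.20.50": 5000}


def select_devices(inventory, **criteria):
    """Search step: records matching every field=value criterion."""
    return [d for d in inventory if all(d.get(k) == v for k, v in criteria.items())]


def rate_limit(rates, k=5.0, floor=10.0):
    """Upper bound = median + k * MAD. The median and MAD are barely moved by the
    flooding hosts themselves; `floor` stops a MAD near zero from flagging everyone."""
    med = median(rates)
    mad = median(abs(r - med) for r in rates)
    return med + k * max(mad, floor)


def ports_to_shut(inventory, dns_qpm, **criteria):
    """Report step: (switch, port, ip) for matching hosts above the group's limit."""
    devices = select_devices(inventory, **criteria)
    rates = {d["ip"]: dns_qpm.get(d["ip"], 0.0) for d in devices}
    limit = rate_limit(list(rates.values()))
    return sorted((d["switch"], d["port"], d["ip"]) for d in devices if rates[d["ip"]] > limit)


if __name__ == "__main__":
    for switch, port, ip in ports_to_shut(INVENTORY, DNS_QPM, type="PC", os="Windows 7"):
        print(f"candidate for port shutdown: {switch} {port} ({ip})")
```

The printer and the Windows 10 host are never considered, however high their rates, because the search criteria scope the comparison to the affected population first.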
You Can’t Manage What You Can’t See
• Discovery finds unmanaged networks and devices
• Rogue device detection
Example: Exposure to threat from home router use in the office
̶ Ran discovery on accounting subnet in an attempt to understand service outage
̶ An unmanaged device was discovered, a home wireless router with an open DHCP port
̶ Close the port. Using port ID to correlate the cubicle, make a very nasty phone call to the manager of the individual

Using Authoritative IPAM Proactively
• Reserve ports, set admin status up at time of provisioning
̶ Prevent having open active ports, confirm usage
• Turn on DHCP Fingerprinting
̶ Access control at the edge, logical subnet assignments
• Leverage DNS RPZ for malware detection
̶ Use connectivity and device data to quickly shut off infected devices
̶ Get a quality feed for updates
Being PROACTIVE means you focus on things you have control over to make things better.

Authoritative IPAM Benefits All IT Teams
• KNOCK DOWN THE SILOS: Create and share an authoritative, integrated database
• BOOST THE TEAM’S POWER: Streamline and simplify operations with integrated workflows
• IMPLEMENT CONTROLS: Use built-in controls and leverage automation

Authoritative IPAM Benefits All IT Teams
• Better data means better decisions
• Collaboration drives efficiency, productivity, and accuracy
• IT human resources are elevated to more strategic tasks
• Improved enterprise service delivery = better user experiences
• Overall OPEX is reduced
Not since enterprise-wide solutions like ERP and CRM has a solution brought the type of positive change that truly empowers an organization to operate at a new level.

Authoritative IPAM Delivers…
• VISIBILITY
• EFFICIENCY
• CONTROL

Thank you
Please Visit our Booth