Infoblox – Redefining Network Services in the Multi-Cloud Era

On this episode of Six Five On the Road, host Patrick Moorhead is joined by Infoblox’s CEO Scott Harrell, for a conversation on redefining network services in the multi-cloud era.

Their discussion covers:

  • The evolution of network services in response to the demand for cloud solutions
  • Infoblox’s strategic approach to navigating the multi-cloud landscape
  • Future trends in networking and cloud technologies

Learn more at Infoblox.

Transcript

Patrick Moorhead: The Six Five is On the Road and we are here talking about my favorite topic, and that is multi-cloud fabrics. The public cloud is 15 years old, roughly. Kind of in that cranky teenager stage. But, things are maturing. But, if there’s one thing, and my firm called this 10 years ago just because we knew it is what enterprises wanted, they wanted to address multiple clouds using this fabric to cut across all of them. That includes DDI. That includes security. And, pretty much every other service that an enterprise uses. It’s my pleasure to bring in a previous Six Five guest here, Infoblox CEO, Scott Harrell. Scott, welcome back to the show. Great to see you.

Scott Harrell: Thanks so much, Patrick. It’s awesome to be here. Really enjoyed my last visit and I’m expecting the same for this one.

Patrick Moorhead: Yeah, totally. I guess it was a good result for you and I appreciate you coming back on the show. Scott, in the lead-in, I talked about the call that we made 10 years ago. I think we were called cloud deniers. There’s schools of thought that say, “Hey, load up on one cloud provider. You could get the best pricing. You have to have less stacks and less people to address all of them.” But, listen, the enterprises have spoken. And, I know you did a body of research that showed crystal clear with what we have been espousing for years. And, that is that enterprises used two or more public cloud providers as their infrastructure. By the way, that’s in addition to what they’re doing on-prem, at the edge, in colos, sovereign clouds, all that. But, hey, let’s talk about some of the complexities, operational challenges, organizations are facing today in this context of multi-cloud.

Scott Harrell: Yeah, I think you said it well too, Patrick. It’s not just even multi-cloud, it’s also the on-prem doesn’t go away. I speak to customers all over the globe, much like you do. And, they all are struggling with this. And, how do they actually bring all this together? They don’t want to move away from cloud native services in many cases, but they need a way to tie that together with the on-premise infrastructure that they have in a cohesive way. As a result, right now, a lot of them are suffering from a lack of unified management, invisibility, a lack of simplified automation and embedded security. This can slow down operations. It can create opportunity for critical errors. It is a really big deal for a lot of customers.

Patrick Moorhead: It really is. It’s like any technology or anything, there’s a sense of maturity. Even though I called the public cloud a cranky teenager that’s 15 years old, it is maturing. The customers have spoken and they are tired of standing up pretty much two separate teams, DevOps, sec, compute networking, security, everything. It’s inefficient. And, in many cases, it introduces even security challenges. So, it’s really good to see.

Scott Harrell: I think you’re absolutely dead on. I was talking to a customer a while back when we were starting our journey. I’ve been in Infoblox now 18 months. And, one of the things that we were talking about is a major bank and they were talking about it’s just taking them too long. It’s taking them weeks to get from development to production. When you dig into why, it’s not because the application’s not ready. That got sped up by moving to the cloud. There’s lots of new tools, lots of new systems. It’s great. It’s a great development environment. But, when they were ready to move, cloud ops had to work with net ops, had to work with sec ops. A lot of times, that was not as simple as it might seem. Even if they were doing a single cloud, they emphasized there was multiple regions. They had multiple availability zones. They needed to design for redundancy. And, it all needed to be synced with the on-premise infrastructure.

The way the teams were communicating with each other was largely via service tickets. Many of the processes, you probably hear this one all the time, and many of the processes and checks were still manual. The net of it was IT was not moving at the speed of the developer, and was holding back the innovation cycle of the business. Customers really need automation solutions, as you said, like a cloud fabric that can span their hybrid multi-cloud environment and automate across the cloud native services, across the on-prem network services, and just make it easy and make it seamless to deploy, seamless to manage, seamless to have visibility.

Patrick Moorhead: Scott, you and your team, you’re meeting with all these customers. You’re getting all this feedback. And, like we would expect from Infoblox, we spent a lot of time with each other. You have cranked out three new offerings to try and address all of these challenges. By the way, congratulations.

Scott Harrell: Thank you.

Patrick Moorhead: It’s a big day. Can you take us through the three offerings?

Scott Harrell: There’s three new components of this suite, and they really go after addressing some of these challenges we’ve seen. The first is going after that core challenge we just talked about, which is the simplified management and automation for DNS, DHCP and IP address management across a customer’s hybrid multi-cloud estate. We provide a SaaS-based management layer that works seamlessly across Infoblox, across cloud native services, and third-party DNS and DHCP systems. It is quick to deploy and get value from. The solution we’ve named it is, appropriately, because it covers kind of everything, is Infoblox Universal DDI Management.

Patrick Moorhead: Cool.

Scott Harrell: We’ve been trialing this with customers and the feedback has been amazing. For instance, a major retailer that we worked with in the early trials see significant opportunities in being able to consolidate the multiple DNS tools they were working across with the different cloud providers and their own into a single interface, into a single set of APIs, and a single set of semantics that they can develop against. This greatly simplifies the automation for them and allows them to unify workflows across network and the server and the cloud teams. And, have a much more cohesive, simple and automated workflow as opposed to utilizing the service ticket side. That’s number one is Infoblox Universal DDI management.

The second big thing is what we refer to as Infoblox Universal Asset Insights. This one’s actually been even more well-received than I would’ve guessed initially. Yes, an insight allows customers to move away from… A lot of times, they’re still using manual tracking methods for assets, whether it’s spreadsheets or whether it’s some other mechanism that they’ve created. That’s just prone to errors, prone to bad data. Instead, we’re providing them a single robust view of on-prem and cloud assets. This is really key. Because, there’s tools out there that do one or the other. There’s really not many people that do both, if anybody. And, especially to do it well.
This combines our stateful knowledge of an enterprise assets with our rich DNS and DHCP data.

And then, we’ve added on top some AI-based techniques to provide insights based on what we can know from combining all this stuff to help customers optimize and take action in their environment. A good example of this is from our early field trial programs, is there’s an American global media company, it’s hundreds of offices around the world, has three cloud environments plus their on-prem. They brought this and they put it in and they trialed it. Within the first 30 minutes of installing it, they discovered 130,000 assets, some of which they knew about and many which they didn’t. That really changes their whole operational model and lets them make much better decisions.

Patrick Moorhead: Does not sound very secure, Scott, to have assets you didn’t know that were out there that are connected to the network.

Scott Harrell: This has been a security problem for a while, people think about security oftentimes of what’s the current state of something. Is it being actively attacked? But, there’s also the de-provisioning of things, particularly in the cloud, that never happens or it doesn’t happen properly. That has two issues, and we can help with insights on both of them. One is you could be wasting resources. Because, if you don’t de-provision something, the cloud provider’s still going to charge you for it. That’s a multi-billion dollar problem across enterprises today. They don’t have a good way to monitor and actively prune workloads that aren’t being used. Well, we know with DNS exactly what’s being used and we can help customers see what can be pruned. Because, if you have a workload that hasn’t had traffic to it for three months, six months, whatever you want to set as a metric, chances are it could be de-provisioned.

The same thing, though, when you de-provision, a lot of developers don’t think about things like the DNS infrastructure and they leave the domains hanging. That becomes a part of your attack surface, now, that can be compromised and be used by attackers. And, it will look like a legitimate address because it’s actually one of your own. So, it could become a big security problem. Yeah, you’re absolutely right. It is a problem. That’s the second element, this universal asset insights. The third is something that I got a lot of feedback when I started about and, give the development team credit, is they came up with a really creative way to do this is what we call Infoblox NIOS-X as a service. What’s really important here today is most companies, when they want to deploy their own DNS or DHCP protocol server, they have to actually put down a VM or they have to put down a piece of hardware to host a VM. That’s something that people don’t want to do. They don’t want to have VMs in the cloud they don’t need. They don’t want to have VMs on-prem they don’t want or don’t need more. More increasingly, they want to have things as a service.

The way it came back in a lot of the early conversations from customers was, “Hey, can you put this on a router? Can you put this in a switch?” But, at that point, you’re still having to manage that infrastructure. What the team came up with is a really creative way to create the protocol server as a service. What this means is we run it for the customer. They don’t have to host anything. And, we can interconnect it with the cloud via private links or we can host it for them for their remote sites. That really simplifies the operational model tremendously. One of our customers that was trialing this is a major airline. And, if you think about an airline’s operational environment, they have a core centralized data center just like everybody else. Historically, this was a really great customer for us. It is a really great customer for us. They had a huge cluster of NIO servers and redundant data servers in the US. So, if you were in the US, you had great performance. You saw really good response times on everything. If you were not, it could be mixed, especially depending on what the WAN links are locally to you and how far you’re trying to transfer us back to those servers.

What they really wanted is, as an airline, they have sites all over the world. You think about the operation facilities, they’re everywhere. That’s the nature of the business. But, they don’t have IT staff everywhere. And, they don’t have necessarily well-maintained closets or infrastructure places to put infrastructure everywhere. So, they wanted the ability to provide DNS, DHCP services as close to those sites as possible. But, no hardware, no VMs. With this service there, they can see that they’re able to provide that and provide that better outcome for the customer. Those are the three things. It really comes back to universal DDI management and how do we manage this hybrid fabric, as you said. Infoblox Universal, Asset Insights, and then Infoblox NIOS- X as a service, those are the three big pillars of the new launch.

Patrick Moorhead: Yeah, it’s interesting. Two keywords, my takeaway, and we did write a paper about this, which hopefully you’re going to check out. We’ll put in the show notes. But, universal, to me, means wherever you have your infrastructure and assets. Whether it’s on-prem, in the public cloud, in a colo, it’s universal. The other thing about universal is I’ve never met anybody in IT who said they needed more tools. In fact, they want less tools that do more and they want them to be consolidated. I always snicker when I hear single pane of glass. Single panes of glass, they don’t exist. It’s less panes of glass as you look across them. Universal, I love the way you named it. The second keyword for me is as a service. There’s so many things going on. Life and technology is so complex. Enterprises have this generative AI thing on their back. IT and the board of directors, they want action. Oh, by the way, we want it to be more secure at the same time, and you need to do more with less. As a service function, there are a lot of IT buyers who they want the easy button. Give this to me as a service. Those sound very exciting. Again-

Scott Harrell: Well, I think the other piece of that as-a-service element that naturally comes is speed. Like every IT group that I work with, to your point, is stressed from a resource point of view. And, they’re being pushed to go faster and faster as an organization. One of the cool things about the as-a-service model is we’ve seen customers stand up a protocol server, which classically was not an easy task, in five minutes. And, they can do it in India when they’re sitting in the US or wherever they might have a site. That power of being able to do that fast and then adapt quickly is really important.

Patrick Moorhead: Scott, in the end, the grand purifier is delivering value. Great tech is great. I love tech. I get really excited about great tech. But, in the end, for businesses, it’s about delivering business outcomes. Great technology leads to IT outcomes, which if properly implemented and strategized leads to business outcomes. Lowering cost, increasing revenue, speeding up, better connectivity with your customers. As we said before, it’s more and more and more for IT. I want more for less, or a lot more for the same here. What are some other ways that you’re breaking down these silos? I mean, one silo that comes to mind is between networking and security. That’s one, right? You intimated about streamlining operations, automating, accelerating the deployment of new and modern applications. I know we talked a lot here about these three new products. But, what else are you doing here to really get at those business outcomes that you could get the CIO and the CEO and even maybe the business units excited about?

Scott Harrell: Yeah, I mean, at the end of the day, our mission really is to unite the cloud network and security so customers can move faster with confidence. This is, at the end of the day, what businesses want to be able to do. They don’t want trade-offs. They want to be able to go fast, but they don’t want to make mistakes and they don’t want to have security issues. They don’t want to have breaks in resiliency. Those are all critical to a modern business. Our passion really stems from the belief that DDI is fundamental to the customer’s operations. We strongly believe that by providing an open architecture that works seamlessly across Infoblox, cloud native and third-party protocol servers, we can provide fast time to value while simplifying and enabling our customer’s goals around automation, resiliency, and security. You asked about security in particular. This is a passion of mine and it is a big area of focus for the company, is like a good example of this is as we discover all these assets and we become the state for repository of all those assets in your environment, anything that you basically own an IP address for, that’s valuable information to any security system.

And, it really can help in response. We don’t even talk about being a DNS detection platform. We talk about being a DNS detection response platform. Part of that is we want to help… We know we can help stop threats and we can prevent threats and we can be proactive in that. But, we also know the reality is threats are still going to happen and they’re still going to get through. How do we make it faster to respond? Classically, in organizations, when a SecOps needs to know what an IP address was on Tuesday at four o’clock, they have to open a ticket. And, NetOps goes and tries to figure that out. We can automate all that. We can pre-populate systems like the SIM that might be needed by the IR team to make that happen. We can make things like vulnerability tools. Scanners work better. There’s no need to recursively scan an entire network. If I know that something new has come onto the network, I can isolate that and scan that, and that can make it a much more efficient, much more effective tool from a vulnerability scanner point of view. These are just some examples of how we’re bringing these systems together.

I think when you think about NetOps and CloudOps teams, classically, a NetOps team wants their own tool. But, CloudOps teams wants to use the cloud native services. What we’re really helping do is bridge those two desires and say, “Hey, listen. For NetOps, we recognize you need to be able to have visibility and automation across that hybrid cloud fabric. But, some CloudOps teams are going to be happy to let you take over the DNS services and the DHCP service. Some are going to want to stick with Route 53 or Azure DNS.” You need to be able to accommodate them and be able to bring a layer of the top. Or, you may do an acquisition as a company and you need to integrate that quickly. That can’t be predicated on, “Hey, listen. Let’s change your entire architecture to make that happen.” Instead, I want to have a simple way to come over the top and integrate with whatever you might have and allow you to onboard that acquisition really fast, but still provide the same level of visibility and control and security that I might want to assert. Because, now, they’re part of my company and part of my reputation.

So, we believe as we look forward that the NetOps, the SecOps teams, the CloudOps teams, have to continuously come together closer and closer. And, we need to enable them to operate as a single unit. For companies that are able to do that, they will have a distinct competitive advantage. They will be able to deliver more applications faster, better integrated acquisitions like I just talked about, make fewer costly errors that lead to downtime. Or, worse yet, breaches which impair a company’s reputation. And, at the same time, free up the scarce IT resources that are needed to innovate and propel companies forward. If you can do that faster than competition, you will win more. We believe that, at Infoblox, the universal DDI suite that we just announced can be a critical component in helping our customers move faster with confidence. That’s really what we’re after and what we’ve really designed for so that they can win more often in their markets.

Patrick Moorhead: Yeah. Scott, this has been a great conversation. I think we could probably talk for another hour and swap client stories here. But, anyway, I really appreciate you coming on here. You know what’s interesting? My firm, we collapsed our security and networking teams together about five years ago. We saw the connectivity there, and that’s exactly what you’re doing here at networking’s most fundamental layer. And, the ability you are meshing networking and security together as well, and layering on top of that universal DDI management, Universal, Asset Insights, NIOS-X as a service. It looks to us, and you can read our white paper that’s attached, you are creating big value for your current clients and potential clients in this generative AI age. Again, we’re finally at the point where everybody agrees multi-cloud is a reality. Let’s support that. We’re even seeing in our research, the public cloud companies lowering their moats and allowing their customers to more easily jockey between different clouds, whether that’s free egress and ingress, data sharing. But, this is all happening and it’s super exciting, Scott. Thanks so much for coming on the show.

Scott Harrell: Thanks for having me, Patrick. I think those are all well said. Yeah, we’re seeing a lot of that in our customers and part of where there’s a lot of this design and where we aimed at was based on the feedback we hear from folks like yourself and the advice we get from you and your team. But, also, of course, directly what we hear from our customers. Really appreciate the time and thank you to the viewers who also watch this.

Patrick Moorhead: Absolutely. Thank you for tuning in for this episode. The Six Five On the Road talking about my favorite topic, and that is the hybrid multi-cloud, and the fabrics that make it happen. We just heard from Scott talking about three new products, two new products and one service. Actually, three new services. They’re brought out in capabilities.

Scott Harrell: They’re all as-a-service.

Patrick Moorhead: Exactly. Check out our white paper in the show notes written by Principal Analyst of both networking and security, Will Townsend. Anyways, thanks for tuning in. Check out all of the analysis that we’ve done on Infoblox and all around networking and security. Take care. Thanks for tuning in.

Other Categories