Reinventing DDI for the Hybrid, Multi-Cloud Era
Six Five Media is live for a segment on network management within hybrid & multi-cloud environments! Host Steven Dickens is joined by Infoblox‘s Chief Product Officer, Mukesh Gupta, for a conversation on reinventing DDI (DNS, DHCP, and IPAM) solutions for modern hybrid and multi-cloud environments with their new Universal DDI Product Suite.
Their discussion covers:
- The evolving landscape of DDI management in hybrid and multi-cloud environments
- Key features and innovations within the Universal DDI™ Product Suite
- How Infoblox’s solutions are designed to meet the needs of modern enterprises
- The importance of scalability and security in DDI solutions for businesses today
- Insights into future trends in DDI management and cloud infrastructure
Learn more at Infoblox.
Transcript
Steven Dickens: Hello, and welcome. I’m Steven Dickens. You’re joining us on another episode of The Six Five Webcast. I’m joined today by Mukesh Gupta, chief product Officer of Infoblox. Mukesh, welcome to the show.
Mukesh Gupta: Thank you, Steven.
Steven Dickens: Tell me a little bit more about Infoblox, because fascinating company from the analysis I’ve been able to do and the briefings you’ve had me on. But maybe share a little bit more with our listeners.
Mukesh Gupta: Sure. As you said, we are a 25-year-old company. We invented the DDI market. DDI stands for DNS, DHCP, and IP address management. Your viewers may not know what those things are, so let me just quickly explain them. DHCP is a protocol that allows any device to get on a network by getting an IP address. That’s a fundamental thing you need before you can join any network. DNS is a service that resolves the friendly domain names that you type in your browser, like google.com, into IP addresses so that these devices can connect with each other. IP address management is a way to manage all of the IPs and subnets an enterprise owns. Those are the three things.
Infoblox figured out that these critical network services are delivered more effectively if they were integrated into one platform. That’s why we built an integrated DDI solution. It’s been extremely successful in the market in the last 25 years. We have also found a unique approach to using DNS to protect enterprises from cyber attacks. We are also a leader in DNS space cybersecurity protection. We have about 13,000 customers globally. I think 90% of Fortune 100 companies use Infoblox, 75-plus percent of Fortune 500 companies use Infoblox. It’s a pretty successful company that not a lot of people have heard of. Our vision is to deliver a unified platform for DDI and security for hybrid multi-cloud enterprises. A platform that brings the net ops, cloud ops, and sec ops teams together, and allows them to move fast while staying secure.
Steven Dickens: I think, from the ad tracking in the market, I think the interesting thing for me, and you touched on it really briefly in that segment there, is how you’ve brought these three areas together. From what our analysis looks like, I don’t see anybody else doing that. Am I getting that right, Mukesh? Is that the right way that customers in the market should be thinking about what you’re doing, bringing those three areas together? Is that where the differentiation sits here?
Mukesh Gupta: Yeah. With the Universal DDI platform that we just launched, there’s several unique things we are doing that no one is doing in the industry. First, we are delivering Universal DDI as a SaaS service. None of the DDI players in the market do that. They all have hardware or software appliances. That’s unique about Infoblox. Second, our SaaS solution delivers this cohesive DDI management for not just our own DNS and DHCP servers, but it can also manage third party DNS servers. Such as Amazon Route 53, Azure DNS, GCP DNS. So that cohesive management piece delivered as a SaaS is also very unique in the market.
Third, we have a wide variety of options for the DNS and DHCP servers. We have hardware appliances, virtual appliances, which we have had for many years. But a brand new DDI as a service option we just launched that’s very unique, and no one in the industry is doing that.
Fourth, Universal DDI has this comprehensive asset visibility across all public clouds and on-prem networks. Asset visibility is extremely critical for DDI and security. That’s also part of the platform. Lastly, we have DNS-based security we call Infoblox Threat Defense, built into the platform as well. This, of course, is not new. We have thousands of customers using this capability. But no one has really integrated that DNS-based security deeply into the DDI platform, and we did that. That’s also unique. There are a whole bunch of things that we are doing that are fairly unique in the market.
Steven Dickens: Mukesh, I know you speak to customers a lot. Obviously, as the chief product officer, you’re getting that feedback. 13,000-plus customers, really high percentage of the Fortune 100. What are you hearing as they adopt the Universal DDI suite? What are you hearing from those customers? What are the big themes that they’re struggling with? I’d imagine, based on some of the things they’re talking about, just the sheer complexity of the hybrid multi-cloud world we now operate in.
Mukesh Gupta: Yeah.
Steven Dickens: From our research, a lot of enterprises are operating in three or more clouds.
Mukesh Gupta: Yeah.
Steven Dickens: They’re consuming services from SaaS players, from infrastructure players. They’ve got on-prem, on-prem in other data centers, like Equinox and Digital Realty. What are you hearing around those big themes?
Mukesh Gupta: Yeah. Of course, I talk to a lot of customers, and especially around Universal DDI. We had around 25 to 30 customers, for the last few months, they’ve been testing Universal DDI under our early access program. I can share some names, not everything. But Unity Point Health, Omnicom, these are some of the customers that have been testing Universal DDI.
The problems we are solving, and I’ll explain these problems to you, with Universal DDI are very critical problems as these customers move to cloud, adopt hybrid cloud infrastructure. The solution we have built has been really resonating with them. I’ll explain some of these problems to you. The first is, as these customers move to cloud, the cloud teams have strong preference for using the native DNS systems that are built into cloud, so Route 53, Azure DNS, GCP DNS. Invariably, every customer I talk to ends up with four to five different DNS systems. Because on-prem, they’re using Infoblox, Microsoft, or BIND. You end up with lots and lots of different DNS systems.
Each one of these systems have different UI, different API, different automation terraform providers. It not only increases the cost of management and automation, some of these customers have had big outages because of human errors. Because when you have multiple different systems, the probability of you making a mistake significantly goes up. People have had many outages because of that. What we are trying to do with Universal DDI is we solve these challenges by giving them a single management plane. You can manage all of these different DNS systems from one UI, one API, and one terraform provider. That’s the first problem. The second problem is around the IP address usage in cloud. Cloud teams often ask for these large blocks of IPs from the network team. The network team has no idea how they’re being utilized.
Steven Dickens: Yeah.
Mukesh Gupta: The utilization of IPs in cloud can be as low as 10%. I’ve heard that in Kubernetes environments, it can drop to .1%. That’s a lot of wastage of precious IP space, because the network team just doesn’t have any visibility into them. An even bigger problem that I’ve heard is sometimes these cloud teams would start using subnets and IPs without even asking the network team. That creates IP conflicts. Several of these customers have had application outages caused by these conflicts. Universal IPAM and asset insights that’s part of Universal DDI, it can address these challenges by providing the network team full visibility and management of the subnets and IPs across their entire hybrid multi-cloud environment. The third problem I think that comes up pretty often is stale DNS records. This is a security related problem. Cloud teams would often ask for DNS entries when they create new applications in cloud. But then, when they destroy it, they totally forget to clean up these DNS records, and these records are sitting there in the DNS system. These stale DNS records can cause very serious security problems, because the hackers can take over these domains that you have these records for. They can put up their malicious websites there. That’s a big problem that asset insight solves by discovering these things and automatically cleaning up these DNS records when things go away.
One last problem that a lot of these customers are facing is they’re trying to get rid of infrastructure from their branches. This trend is accelerating because of the VMware Broadcom merger, because a lot of customers are trying to get rid of VMware from these branches. They are looking for a DDI solution for these branches without deploying any infrastructure at these branches. That’s why we built DDI as a service. DDI as a service is a perfect fit for this use case. One of the EAP customers is a large airline. They are trying to deliver DDI services close to the airports, because they operate at hundreds of airports. But they don’t to deploy any infrastructure at these airports. That’s the use case that they tried under EAP. All of these use cases our EAP customers have tried and the solution is really resonating with them. A bunch of customers actually called Universal DDI a game-changer. This is why we picked the theme for our launch event, The Game Has Changed. It’s actually coming from the EAP customers.
Steven Dickens: I think the takeaways for me there. Complexity, lots of different UIs and interfaces for network teams. Some of this can lead to outages, can lead to security implications. I think the takeaway for me is three of those core areas coming together into one suite. Am I thinking about Universal DDI right? Can you summarize what’s offered in this new suite? You guys have been in this space for a while, obviously we’re into the 25th year of the company. How should customers be thinking about this Universal DDI product suite and what’s new here?
Mukesh Gupta: Sure. Universal DDI product suite includes the following things. We have Universal DNS management of not just Infoblox, but third party DNS servers, like Route 53, Azure DNS, GCP DNS. It has Universal DHCP management, so you can manage DHCP across not just Infoblox, but Microsoft for example. It has Universal IPAM that delivers IP address management across all public clouds and on-prem environments. Those are the three DDI management things. We have Asset Insights, which can discover and track assets comprehensively across all public clouds and on-prem networks. It’ll analyze these assets, and then deliver unique networking and security related insights. That’s why we call it Asset Insights. Those are the four things on the management side of Universal DDI.
Then we have three form-factors for the protocol servers, to serve the DNS and DHCP protocols. We have hardware and virtual servers, which we have supported for many, many years. What we are adding as a brand new option under those protocol servers is this DDI as a service, which can be deployed in minutes. We’re leveraging public cloud infrastructure for this, so we can be really close to the locations that customers have. But they don’t have to deploy any infrastructure to run this, so they just need to launch it and they start using it. Universal DDI has all of these things. It is delivered as a SaaS service. Customers can deploy all of this without having to deploy any appliances. The platform has cloud scale. And because it’s SaaS, we’re continuously delivering new releases, new functionality, and new value to customers. It’s a pretty comprehensive set of DDI capabilities. Customers can choose any combination of DDI they need for their hybrid enterprise.
Steven Dickens: I think the takeaways for me, Mukesh, is the scale and breadth, and that SaaS offering component. Two crucial things that I think are going to resonate with clients. Mukesh, tell us what this offering means for the net ops, the cloud ops, and sec ops teams. A lot of silos there, a lot of friction of how those teams work together. How’s the Universal DDI suite simplifying those interactions and making it easier for those teams to work together?
Mukesh Gupta: Sure. As I highlighted earlier, the challenges that I’ve talked about, they’re experiencing these challenges because of these silos that these three teams have. Universal DDI is trying to break these silos down and bring these teams together. I’ll give you just a few examples. By allowing cloud teams to use native DNS while providing centralized visibility and management of all of them to the net ops is one way of bringing these teams together. Similarly, for allowing the cloud teams the IPs and subnets they need to move fast while giving the net ops team visibility into utilization, and overlaps, and conflicts so they can avoid outages is another example of bringing them together. The sec ops teams, finally. They need security, they need real time visibility into assets. We are providing that to them, so all three teams can work in harmony to do what they do best. By breaking down these silos and allowing these teams to operate effectively together, Universal DDI will deliver a huge benefit to the CIOs and CISOs, as they are trying to move fast, reduce cost, and stay secure on their digital transformation journey. That’s really what we’re trying to do.
Steven Dickens: Lots for customers to be focused on here, with the Universal DDI suite from Infoblox. Thank you for joining me on this episode.
Mukesh Gupta: Thank you, Steven.
Steven Dickens: You’ve been watching The Six Five Webcast. Please click and subscribe, and we’ll see you on the next episode. Thank you very much for watching.