Infoblox provides critical networking and security services including centralized, secure, and easy-to-manage DNS (Domain Name System), IPAM (IP address management), NTP (Network Time Protocol), DHCP (Dynamic Host Configuration Protocol) and DNS security. Alkira simplifies the integration of these Infoblox services in Cloud Exchange Point (CXP), enabling customers to seamlessly use them in multiple clouds.
With digital transformations and growing complexity in networks to support those transformations, the IP address management, including DHCP, IP Address Inventory, DNS, becomes a difficult task for IT administrators. Moreover, as businesses either expand or move their applications and workloads into multiple clouds, the complexity of adapting Cloud and integrating IP Management services increases exponentially. Security is another concern as businesses move their workloads to the cloud.
Alkira Cloud Networking as a Service (CNaaS), is the fastest way to Cloud. Businesses can deploy Infoblox as a service in Alkira to manage DNS, DHCP, IPAM and DNS Security for their multi-cloud multi-region environments. Some of the Alkira customers are already using Infoblox in their existing on-premises networks, and they can easily integrate Infoblox instances in Alkira CXP to expand and utilize the same services for their growing cloud environments.
Figure 1: Infoblox as a Service in Alkira Exchange Point
Deployment with Native Cloud :
Figure 2: Infoblox in Cloud Service Provider
In a traditional network environment Infoblox is deployed on-premises to provide network services such as DHCP, IPAM, DNS and DNS security. When customers migrate or expand their network to cloud environment, Infoblox instances can be deployed in the cloud. Customers may choose to have the same Grid (group of Instances managed by a single Grid Master Instance) manage Cloud Instances or deploy a new Grid Master in Cloud to manage a separate Grid for Cloud environment. Either way, each instance needs to be manually deployed and configured. Typically, network services are deployed in the model of a Shared VPC/VNET, where same resources can be shared with different customer departments (e.g. staging, testing, pre-production, production, etc).
Problem with this Approach:
Every cloud service provider has different constructs like a routing table, a subnet, an internet gateway, UDR, peering, etc., which work in different ways. When instances are deployed in a multi-cloud environment, managing and operating these constructs becomes even more complex, and it becomes a challenge to have an optimal design.
Shared Services Model Complexity:
Increased complexity when services deployed in a shared VPC/VNET design needs to be shared with resources in different departments in a multi-segment environment.
Anycast Routing Complexity:
Complex Routing configurations to support advertisement and preference of Anycast IP addresses from different regions.
To provide same network services in different clouds, either services are redeployed in each cloud or traffic is backhauled to on-premises.
Figure 3: Alkira CXP With Integrated Infoblox Service
Alkira simplifies deployment of Infoblox networking and security through a single UI page of configurations. Customers can deploy multiple instances of Infoblox, assign them different roles, and implement multi-cloud multi-region design with high performance using Anycast capability of Infoblox.
Figure 4: Alkira Portal UI Configuration for Infoblox
From this single UI, below different design use cases for Infoblox instances in Alkira can be deployed:
Alkira Supported Deployment Models
New Grid in Alkira
Figure 5: Alkira CXP With New Infoblox Grid
Customers new to Infoblox can introduce the service in their network, by deploying Infoblox as a Service in Alkira CXP. Customers can deploy Grid Master, Grid Master Candidate and Grid Members within Alkira for centralized IP management services.
Existing Infoblox Grid
Figure 6: Alkira CXP Infoblox Service with existing Grid
Customers with existing Infoblox Grid Master, deployed in on-premises or Cloud, can either have the Alkira Infoblox instances join the existing Grid Master as a Grid Master Candidate/Members, or deploy a new Grid with a new Grid Master in Alkira for resources connected to the Alkira network.
Figure 7: Alkira Resource Share of Infoblox Service
Infoblox service in Alkira CXP maintains the network segmentation. Customers can deploy new Grids in each segment with a separate Grid Master and Members, to keep isolation between different business departments. To optimize the solution and use the same Infoblox Service for different segments, customers can use the Alkira’s Resource Sharing feature to allow resources in another segment consume the same IP address management services.
Multi-Region CXP Deployment
Figure 8: Alkira Multi-Region With Integrated Infoblox Service
Infoblox as a service in Alkira can be deployed in a single or multiple CXP regions. These multiple instances can utilize the Anycast capability of Infoblox to optimize the service response.
Alkira and Infoblox Solution Benefits:
Simple Design and Deployment
Alkira solution is built with simplifying cloud networking in mind and gives the customer a cloud-agnostic experience. Customers can deploy Infoblox services in Alkira as per their use case requirement from the Alkira portal.
Secure Multi-Cloud Approach
Alkira eliminates the need of configuring each CSP construct individually with a shared services VPC/VNET without compromising security. Using Alkira’s Resource Sharing feature from Alkira portal, the same Infoblox service is shared between different Alkira Segments. Refer to the blog Cloud Networking Design Patterns with Segmentation and Micro-Segmentation for deeper understanding of Segmentation supported by Alkira.
Anycast Routing with Reliability
Alkira implements the Anycast routing between different Alkira regions with reliability. Customers are only required to provide Anycast IP address and Alkira Region where Anycast should be supported.
Monitor overall health of the service and health of the individual Infoblox instance, deployed in Alkira, from a single pane of glass Alkira portal.
Multi-layered Security Policy
Control the traffic to Infoblox service with Alkira’s intent based Policies or use Firewall services integrated in Alkira for inspection. Visit the blog ‘Multi-Cloud Inline Traffic Inspection using Alkira’ for more information.
Modernize your cloud network with Alkira
To learn more about how Alkira can help simplify cloud networking for your organization, reach out and schedule a demo today.
You can also try our Cloud Insights tool for free here, giving you instant inventory and insights into your cloud networking resources.