SOLUTION NOTE
Enhancing Microsoft Environments with Enterprise-grade DDI
Product Summary: Infoblox is the first and only DNS, DHCP, and IP address management (DDI) solution provider to achieve Microsoft Gold Systems management competency in the Microsoft Partner Network.
Infoblox is 100 percent compatible with Microsoft technologies. Implementing Infoblox DDI requires no change to Microsoft AD and other roles, features, and business-critical Microsoft applications. Thousands of
Infoblox customers have already transitioned and are experiencing the benefits of higher availability, greater security, and significant time and cost savings from improved operational efficiencies and overall visibility.
Enterprises today need more than they’re getting from the DNS and DHCP utilities that come bundled with Microsoft Server.
Many are turning to enterprise-grade DDI to optimize critical network functions. And many are finding that deploying Infoblox
DDI enhances a Microsoft environment, improving the performance of Microsoft Active Directory (AD) and other businesscritical applications and productivity tools.
Organizations making the switch quickly realize that the initial cost of an enterprise-grade DDI solution from Infoblox is offset by productivity gains, reduced staffing requirements, better visibility into network configurations, deeper and richer information, support for compliance forensics, and protection against hacks and attacks.
Bringing Infoblox IPAM for Microsoft into your Microsoft environment gives you a centrally managed view with improved visibility into the overall use of both static and dynamic IP addresses, and Infoblox Network Insight adds visibility into layer-2 and layer-3 network infrastructure devices and the end hosts connected through those devices.
Infoblox Grid: A Single, Unified System
The Infoblox Grid pushes global configuration data and updates out to Grid members, monitors member operations, and synchronizes member changes back into the central database. Multi-Grid Management offers the flexibility to build a sophisticated Grid topology to meet specific requirements. The Grid maximizes operational efficiencies at multiple levels.
Infoblox IPAM: Better Informed IT
In order to give IT teams the highest level of detail and visibility, Infoblox IPAM provides Extensible Attributes, Smart Folders, and layer-2 and layer-3 connectivity details, coupled with an easy-to-use graphical interface.
Figure 1: Infoblox IPAM visual depiction of IP address use
©2014 Infoblox Inc. All Rights Reserved. infoblox-note-enhance-microsoft-environment-enterprise-grade-ddi-May2014 1

SOLUTION NOTE
Enhancing Microsoft Environments with Enterprise-grade DDI
Infoblox IPAM for Microsoft: Central Management across Forests
With Infoblox IPAM for Microsoft, administrators can centrally manage Microsoft DNS and DHCP services across forests using capabilities not available in Microsoft’s management suite, such as centralized IP address management and data synchronization across DDI.
The Infoblox solution requires no changes or additional software for Microsoft servers or Windows hosts, and is integrated seamlessly by using the native program calls used by Microsoft. It also includes extensive reporting, auditing, and security capabilities, and it enables administrators to manage all Microsoft DNS and DHCP services and IP addresses from a single location.
Infoblox Network Insight: Unprecedented Visibility
Infoblox Network Insight enriches the Infoblox IPAM solution by integrating device data with IP address management.
Administrators can easily gather information, analyze it, and then use the results to reduce time to repair, validate designs, reduce security risk, improve workflows, and much more.
Infoblox advantages increase when Microsoft DHCP is replaced by Infoblox DHCP and additional products are deployed supporting security and automation. Advanced DNS Protection, Infoblox IPAM for Microsoft System Center Orchestrator, and Infoblox Reporting truly enhance a Microsoft environment beyond the capabilities of a pure Microsoft solution.
Infoblox DHCP
The cutover to Infoblox DHCP from Microsoft DHCP improves your ability to manage IP address assignments through greater automation, visibility, templates to shorten workflows, and improved security.
In addition, Infoblox DHCP provides:
• Support for address assignments based on Relay Agent and DHCP Fingerprinting, providing more points of control for enforcing policies
• A multi-tier hierarchy for DHCP configuration changes, so that administrators can set configuration values at appropriate levels to be inherited downstream
• Templates for creating new networks or ranges
• An integrated, automatically managed database that requires no additional servers
• Many-to-one DHCP failover
• Support for GSS-TSIG dynamic DNS updates to prevent random clients from gaining access
• DHCP lease history for troubleshooting and compliance forensics
• Configurable DHCP lease space thresholds, to alert administrators when an address block is nearing capacity
Infoblox Advanced DNS Protection
By replacing Microsoft External DNS with an Infoblox PT appliance running Infoblox Advanced DNS Protection, you can maintain DNS service even while under attack. A fortified appliance with centralized visibility of attacks and a unique approach that intelligently detects and automatically drops DNS attack traffic can continue to serve legitimate queries, keeping critical services running while illicit queries are simply ignored.
The following graph shows a DDoS simulation launched against a BIND server, Microsoft DNS, and the Infoblox PT appliance. Microsoft had the least favorable results, simply collapsing under the threat and not responding to any valid
DNS requests.
©2014 Infoblox Inc. All Rights Reserved. infoblox-note-enhance-microsoft-environment-enterprise-grade-ddi-May2014 2

Enhancing Microsoft Environments with Enterprise-grade DDI
SOLUTION NOTE
Figure 2: DDoS attack response profiles: Microsoft, Bind, and Infoblox
Automating Virtual Environments
With Infoblox IPAM for Microsoft System Center Orchestrator (SCO), organizations can automate provisioning of networks and IP addresses to newly created virtual machines (VMs) and update DNS records, and when VMs are taken down, the solution automatically releases IP addresses and cleans up DNS—all in a matter of seconds instead of hours or days.
IPAM for SCO integrates with Microsoft System Center Orchestrator and Virtual Machine Manager to automate IP address management operations. Cloud and server administrators can create highly effective custom workflows within minutes. The solution also delivers centralized and unified IPAM for physical, virtual, and cloud environments.
Figure 3: GUI for developing virtualization automation workflows
©2014 Infoblox Inc. All Rights Reserved. infoblox-note-enhance-microsoft-environment-enterprise-grade-ddi-May2014 3

SOLUTION NOTE
Enhancing Microsoft Environments with Enterprise-grade DDI
Infoblox Reporting
Infoblox Reporting provides long-term reporting, trending, and tracking, enhancing real-time management of networks and network services through an extensive customizable historical reporting engine. Users can quickly and easily slice and dice data in many different formats, so network teams spend less time analyzing data, identify and track security threats more effectively, and meet compliance requirements more easily and completely.
By migrating to Infoblox DNS, you separate Microsoft DNS from Active Directory, gaining a rock-solid network across core DNS,
DHCP, and IPAM services while improving the performance of your AD servers. Infoblox understands the dependence of AD on DNS, and the Infoblox solution enhances AD by freeing up compute resources on AD servers while creating a robust and secure environment that allows both the Infoblox and the Microsoft solution to be customized, managed, upgraded, and patched independently of one another.
Infoblox offers other solutions that further enhance DNS security, including Infoblox DNS Firewall to prevent malware from communicating with command-and-control servers, Infoblox DNS Firewall – FireEye Adapter for protection against advanced persistent threats, and one-click DNSSEC deployment.
Infoblox is currently the only DDI vendor with a Certified Gold Microsoft System Center Partnership. That partnership enables a best-of-breed solution that puts the network components in the hands of the network team and leaves the Microsoft components in place with zero changes and enhanced performance. Thousands of Infoblox customers have already made the switch from
Microsoft DHCP and DNS to Infoblox DDI and are reaping the benefits associated with a truly best-of-breed solution.
About Infoblox
Infoblox (NYSE:BLOX) helps customers control their networks. Infoblox solutions help businesses automate complex network control functions to reduce costs and increase security and uptime. Our technology enables automatic discovery, real-time configuration and change management and compliance for network infrastructure, as well as critical network control functions such as DNS, DHCP, and IP Address Management (IPAM) for applications and endpoint devices. Infoblox solutions help over 7,100 enterprises and service providers in 25 countries control their networks.
Corporate Headquarters: +1.408.986.4000 1.866.463.6256 (toll-free, U.S. and Canada) info@infoblox.com www.infoblox.com
©2014 Infoblox Inc. All Rights Reserved. infoblox-note-enhance-microsoft-environment-enterprise-grade-ddi-May2014 4