
Explosive Growth in Connected Devices Drives the Need for Better Threat Intelligence

The Internet of Things (IoT) era is nigh and approximately 30 billion devices are estimated to be connected by 2020, just a year away. Therefore, with the explosion in demand for IP addresses and more applications, enterprise-grade DDI infrastructure is proving itself to be essential given that the “bad hats” are infiltrating deeper, from end-points to networks.

Internet Protocol version 6 (IPv6) is the most recent version of the Internet Protocol, the communications protocol that provides an identification and location system for computers on networks and routes traffic across the Internet.

With the exploding number of IPv6-enabled devices that will connect to networks, be they laptops, mobile phones, printers, scanners or tablets, the dwindling global supply of IPv4 addresses means that organisations’ migration to IPv6 is gaining more traction. Not having an IP address is the equivalent of having a phone without a phone number, or a home without an address.

Infoblox, network services and security providers – the blokes who bring you to your intended URLs with peace of mind, whichever ‘transport mode’ you use, whether you are accessing on-premise, off-premise, roaming at branch offices or via apps anywhere – points out that Domain Name System (DNS) is the number one pathway for malware. After all, globally distributed enterprises grapple with a flood of new requests for IP addresses and the onslaught of new network endpoints daily.

It is mission-critical that networks within organisations, any organisation, run without breaches, data loss or downtime. And networks depend on core services like DDI, load balancing and DNS protection to run reliably and securely. As such, protection for the network can no longer be confined to a “castle and moat” approach but must instead extend to virtualised and cloud environments as perimeters move.

Moreover, if today’s 32-bit IPv4 (Internet Protocol version 4) scheme with its close to 4.3 billion possible IP addresses is not enough of a challenge for Internet security systems, the new 128-bit IPv6 scheme with its 340,282,366,920,938,463,463,374,607,431,768,211,456 (over 34 billion billion billion) possible addresses and greater complexity poses even greater challenges for network security systems to handle.

The transition to IPv6 is happening at the precise moment when networks are going through extraordinary changes. According to Cisco, in less than two years, more than half of all Internet traffic will be over the IPv6 protocol.

Traditional on-premise network management solutions can no longer keep up. Adding to the challenge is that private, hybrid and public cloud providers lack the crucial network integration, orchestration and automation capabilities that today’s networks require.

Infoblox, however, touts its ability to bring next-level security, reliability and automation to cloud and hybrid systems, managed through a single pane of glass, even as DDI security threats grow more frequent, sophisticated and intense.

The company sells network appliances that manage internet addresses and identify devices connected to corporate networks. These appliances help IT departments manage related network infrastructures and systems that together go by the acronym DDI (DNS, or Domain Name System; DHCP, or dynamic host configuration protocol; and IPAM, or Internet Protocol address management).

Virtualisation and containerisation, XaaS, next-generation hyper-scale data centre, and the IoT can unlock unprecedented value for the enterprise. However, to take full advantage of these technologies requires a dedicated IPv6 practice and specialised tool sets most IT organisations lack.

This is where Infoblox’s threat intelligence solutions come in.

Today, the twenty-year-old Silicon Valley company has built a commanding 50-percent share of market in the DDI networking and security space. To say the least, its customers are big. The company counts 350 of the Fortune 500 corporations among its customers. HP, Boeing, Toyota, eBay, UBS, Huawei, Vodafone and Caterpillar are among the more visible names.

Highlighted below is a recent case study where Infoblox’s network solutions were used to great effect.

Case Study: University of Guadalajara

The university, founded over two centuries ago, is the second largest in Mexico with over 290,000 students. The campus includes two major university centres located in the metropolitan area of Guadalajara and eight regions of Jalisco, and an office in Los Angeles, California. The university is renowned for its inclusive, flexible and innovative qualities. For example, it is one of the first universities in Latin America to obtain the IPv6 Forum accreditation.

The university’s IT team is led by industry expert Jorge Arandia. His team oversees and manages the university’s security and network operations including cybersecurity, network, infrastructure, servers and backups.

The Challenge

“Our primary objectives are to secure our DNS network-wide and to ensure that our DNS services function,” states Arandia. The university’s network has more than 10,000 devices, ERP and financial, student and faculty applications and remote learning services all running on the network simultaneously.

Managing and securing IT application controls with services running on IPv6 has been one of the university’s greatest pain points. The team previously relied on the legacy BIND system to manage its network, which kept operational costs high and failed to secure the large network. This legacy solution did include a few layers of cybersecurity, but it lacked a robust DNS security solution.

Elements of a Comprehensive Cybersecurity Strategy

The top threats that the university’s IT team experiences include distributed denial of service (DDoS) attacks, which can flood DNS servers with malicious requests and bring down the entire network, as well as insider threats, whether accidental or deliberate.

Furthermore, students collectively bring thousands of personal and connected devices onto the university’s network each year, such as smartphones, smart watches, tablets, and laptops and desktop computers. The more devices that enter the university’s network, the greater the potential attack surface grows and the more susceptible the network becomes to infections from malware.

Protecting DNS from the Widest Range of Attacks

With Infoblox’s solution, the university dramatically benefits from the ability to mitigate these attacks and secure its DNS.

“The most important features for the university are network visibility and network availability. The university’s IT team is under constant pressure to keep all services that our university’s students, faculty and staff use up and running at all times.” Arandia continues, “With Infoblox, the IT team now knows if and when it comes under attack and is able to mitigate all DNS-based attacks and keep all services up and running.” The IT team now has a central view of attack points and patterns across the entire network.

Furthermore, the university is now able to improve user experience such as with internet navigation. “Infoblox and partner Initel also help our team keep users out of contact from C&C malware sites”, continues Arandia. The university has not yet begun protecting its users and data from the cloud but will be looking at a cloud solution in the near future.

“In fact, when we spoke with the Infoblox team during our interview for this case study, our team detected a breach on our network in real time right during the call,” said Alma Ruiz, lead manager of the IT team’s SOC and NOC. The Infoblox infrastructure was able to provide Alma and her team real-time cyber threat intelligence data that enabled her to see the threat before it caused any damage and remove it immediately.

Conclusion

Today’s hyper-connected, multi-device and hybrid cloud world simply lays bare the glaring need for network threat intelligence in any enterprise’s cybersecurity portfolio.

Infoblox is confident that its robust suite of solutions will be able to provide actionable intelligence that is high quality, timely and reliable in all kinds of complex environments.