Vous êtes sur la page 1sur 28

Infoblox Network Automation

Dynamically Controlling Your Network

Complexity Outpacing Resources


Tasks
Tasks

Quantity/Size

Discovery and network analysis


Reduce risk & ensure compliance
Increase productivity & network
availability
Shorten time to deploy services

Network Scale
& Complexity

Network
Network
Infrastructure
Infrastructure
Demands
Demands

More complex work


Increased
expectations
Menial tasks
Distracted focus

Network
Management
Resources

Time
2

2013 Infoblox Inc. All Rights Reserved.

Todays Likely Scenario


Network Discovery
Spreadsheets, periodic scans, multiple tools
Out-of-date and incomplete data

Network Changes

Manual CLI, Perl scripts, and basic config back-ups


Time intensive and requires senior engineer

Compliance/Standardization
Periodic audit focus with special task force
Adds security risk for policy violations

Access Provisioning
Massive spike in requests and delivery expectations
Longer SLAs - manual processes and needed expertise
3

2013 Infoblox Inc. All Rights Reserved.

The Power of Infoblox Network Automation


Cross
Cross
Functional
Functional
Enablement
Enablement

Task
Task
Delegation
Delegation

Network
Network
AutoAutoDiscovery
Discovery

Infoblox
Infoblox
Network
Network
Automation
Automation

Dynamic
Dynamic
Provisioning
Provisioning
Policy
Policy
Enforcement
Enforcement
&
& Audits
Audits
4

2013 Infoblox Inc. All Rights Reserved.

IP
IP &
& Device
Device
Management
Management

Dynamic
Dynamic
IPAM
IPAM Sync
Sync

Change
Change &
&
Config
Config
Automation
Automation

Infoblox Network Automation Overview


Real-time & Historical Analysis

Network discovery
Built-in analysis
Check against best practices
Detect issues
Monitor and manage change
Automate change
Maintain compliance
Provision ACL & rules

2013 Infoblox Inc. All Rights Reserved.

Collected Via:
SNMP
CLI/configuration
Syslog
Fingerprinting

Infoblox Network Automation


Automated Network Discovery

Compliance & Policy Standardization

2013 Infoblox Inc. All Rights Reserved.

Change & Configuration Management

Discover

Automate

Maintain

Control

Firewall ACL & Rule Automation

Flexibility of Infoblox Network Automation


Extend visibility
Improve accuracy
Enhance security
Automate IPAM
Control
Delegate authority
Lower risk
Reduce manual tasks
Analysis/Enforcement
Ensure compliance
Find potential issues
Prove success
Access Provisioning
Shorten SLA
Lessen mistakes
Empower Staff
7

SPM

ACM

NetMRI

SDC

Advanced Device and End-Host


Discovery

Switch Capacity

Sync with IPAM

Change Automation &


Detection

Configuration Templates

Switch Port Control

Policy Design

Continuous Monitoring &


Violation Alerting

1-Click Audit Reports

Embedded ACL/Rule Expertise


and Analysis

Blacklisting and whitelisting

2013 Infoblox Inc. All Rights Reserved.

Flexibility of Infoblox Network Automation


Extend visibility
Improve accuracy
Enhance security
Automate IPAM
Control
Delegate authority
Lower risk
Reduce manual tasks
Analysis/Enforcement
Ensure compliance
Find potential issues
Prove success
Access Provisioning
Shorten SLA
Lessen mistakes
Empower Staff
8

SPM

ACM

NetMRI

SDC

Advanced Device and End-Host


Discovery

Switch Capacity

Sync with IPAM

Change Automation &


Detection

Configuration Templates

Switch Port Control

Policy Design

Continuous Monitoring &


Violation Alerting

1-Click Audit Reports

Embedded ACL/Rule Expertise


and Analysis

Blacklisting and whitelisting

2013 Infoblox Inc. All Rights Reserved.

Benefits of Infoblox Network Automation

Reduce risk
and provision
services
faster

2013 Infoblox Inc. All Rights Reserved.

Enforce a
compliant
and standard
network

Improve staff
efficiency via
automation &
delegation

Technical Details

Whats On and Connected to My Network?


Manual, spreadsheets and/or scanning
tools
Often out of date

Tight budgets and stretched teams


Multi-vendor network devices
Proliferation of IP devices

Ever-changing questions
Whats on my network?
Which ports are active?
Do I need more capacity?
What device is using which port?
When & where did they connect?
11

2013 Infoblox Inc. All Rights Reserved.

Network Auto-Discovery
Automatic device
discovery
Extensive multivendor support
Layer 2 physical & 3
logical data
Integrated topology
views

New device detection

Detailed VLAN
information
12

2013 Infoblox Inc. All Rights Reserved.

Switch Port Management


Track free vs.
available port

Identify unused ports

Capacity planning &


management
Track connected
end-hosts/devices
History of what
connected when and
where
Track devices/MACs
by specific VLANs
13

2013 Infoblox Inc. All Rights Reserved.

Automated IPAM Sync


Integrated with
Infoblox IPAM
Auto-created
networks
Synced device
details within IPAM

IP map correlation

Updated smart
folders
All automated no
manual steps
14

2013 Infoblox Inc. All Rights Reserved.

Keeping Up with Daily Changes


Extensive manual processes
CLI
Scripting

Limited functionality
Configuration scrapes
Basic change automation
Vendor-specific tools

Minimal control & documentation


Limited work-flow
Admin or nothing access rights
Massive files require extensive manual
digging and compiling

15

2013 Infoblox Inc. All Rights Reserved.

15

Change Management
Automatic change
detection
Accurate job flow
and control
Every change at
fingertips
Saved historical
configurations
Simple side by side
comparisons
Powerful
configuration search
16

2013 Infoblox Inc. All Rights Reserved.

Change Automation
Embedded jobs and
scripts
Templates for easy
customization
Easily import
existing Perl scripts
Powerful variablebased jobs
User-based, role
access controls
Scheduled and
triggered jobs
17

2013 Infoblox Inc. All Rights Reserved.

Intuitive Change Control


Simplified switch
port changes
Strong user access
rights
Network tasks within
NIOS GUI
Enable single touch
for common changes
User initiated and
triggered tasks
Automatic detailed
updates and sync
18

2013 Infoblox Inc. All Rights Reserved.

Is My Network Still Compliant?


Different drivers
External mandates
Internal security policies
Networking best practices

Typically reactive
When something breaks
When audit is required

Manually intensive
Massive log files
CLI access
Manually collect, aggregate, tabulate
and present findings

19

2013 Infoblox Inc. All Rights Reserved.

19

Policy and Compliance Management


Embedded
compliance rules
Customizable best
practice templates
Manage multiple
policies
Proactive violation
detected
Multiple remediation
options
Current and
historical views
20

2013 Infoblox Inc. All Rights Reserved.

Configuration Analysis
Unique pre-packaged
expertise
Identifies common
misconfigurations
Customizable
alerting
Recommended
remediation options
Understand concept
of the network
Network Scorecard
views
21

2013 Infoblox Inc. All Rights Reserved.

Powerful Reporting
Single-click
compliance reports
Pre-packaged and
customizable

Powerful filtering

Executive and
detailed reports
On-demand or
scheduled
User-based view
rights
22

2013 Infoblox Inc. All Rights Reserved.

So Many Firewall Changes So Little Time

Spike in number of security policy changes


IT headcount not keeping pace
Multiple point products add confusion
Network SLAs impacted negatively
Expensive and diminishes security effectiveness

Firewall
Change
Needed

Search
For
Devices

Figure Out
Impacted
Devices

Determine
Correct
Config

Compare
Change to
Standards/
Compliance

Request
Change/
Implement
Manually

Reconfirm
Correctness
and
Compliance

Manual
Network Provisioning Time

Hours/Days

LEGACY APPROACH TO FIREWALL POLICY CHANGE IMPLEMENTATION


23

2013 Infoblox Inc. All Rights Reserved.

Rule and ACL Analysis


Built-in multi-vendor
expertise
Automatic alerts of
common issues
Continuous
monitoring
Finds hidden, overlapping & duplicates

Automated discovery

Topology path
views
24

2013 Infoblox Inc. All Rights Reserved.

Search and Alerting


Customizable
searches
Flexible multiple
device options
Blacklisting
reduces risk
Whitelisting
ensures access

Automatic alerts

Simple English
commands
25

2013 Infoblox Inc. All Rights Reserved.

Integrated Provisioning
Integrated
provisioning
Creates vendorspecific syntax
Push changes to one
or multiple devices
User-based
access controls
Testing and
rollback options
Change monitoring
and tracking
26

2013 Infoblox Inc. All Rights Reserved.

Taking Automation to the Next Level

Dynamic

Improve capabilities with dynamic value


look ups

Topology

Better configurations based on


understanding neighbors

Control

27

Maintain control with role-based access


and rights

Flexibility

Reduce time with multi-device coordinated


change

Ease of use

Eliminate scripts by leveraging intuitive GUI


across multiple vendors and devices

2013 Infoblox Inc. All Rights Reserved.

Infoblox Network Automation


Dynamically Controlling Your Network