Whoever controls the infrastructure…

Author
Terry Slattery
Principal Architect

It has been said in the past, “Whoever controls the skies controls the land.”* I think that an equivalent quote in today’s network environment is:

Whoever controls the infrastructure controls the business.

Let me explain why.

We’ve seen in the last few years an explosion in the use of virtual systems. The limitations of buying hardware for each server were removed and we can now have tens of virtual server instances running on 4-core processors.** The number of systems to be managed is exploding as a result. With this comes an increase in the infrastructure required to support these systems, with the Cisco Nexus and Arista 7100 as examples of datacenter switches that implement 10G interfaces to support the high-throughput communications requirements typical of such environments.

The ability to identify where a given application resides, where a compromised computer is connected into the network, where packet loss is occurring, or where a failure originated has become increasingly important. Controlling the infrastructure either helps or hinders the smooth operation of the business. If the infrastructure isn’t working properly, the applications upon which the business depends will not work; therefore, the business stops.

A spanning tree loop that spans data centers can take out an entire business operation. An incorrectly injected default route or a bad static route can similarly create black hole routing that prevents access to key business resources. A compromised computer attacks other computers within the organization, stopping normal business transactions. These can all be mitigated with proper infrastructure design, operation, and monitoring.

So it is no surprise to me that Infoblox acquired Netcordia this week. Infoblox is already the best-known DHCP/DNS/IPAM*** product on the market.  They have a unique architecture that allows easy administration of many servers to provide these key network functions. The Infoblox servers are great appliance-based systems that simplify the management of IP Address infrastructure.

NetMRI is also an appliance-based system and is a great addition to the Infoblox product line.  I’m looking forward to how they integrate the two products.  NetMRI has some of the best network discovery mechanisms in the market and using it to help populate the Infoblox IPAM is a natural first step.  It would be pretty cool to be able to click on an address in Infoblox and have it query NetMRI to find out where the device is connected into the network, reporting the switch port, default router(s), and any known information about the device.

I’m sure that the smart folks at Infoblox and at Netcordia will get together to come up with some other more interesting and useful functions that help to control and monitor the infrastructure that provides control of the business.

-Terry

_____________________________________________________________________________________________

* I did some searches and could not find who originally coined the phrase, referencing air superiority in WWII as being the key component to winning the war.
** Cisco’s Project California: A Data Center Virtualization Server (Unified Computing System) describes an example.
*** The first two acronyms should be familiar to you.  The last is IP Address Management, which is not frequently mentioned.

_____________________________________________________________________________________________

Re-posted with Permission 

NetCraftsmen would like to acknowledge Infoblox for their permission to re-post this article which originally appeared in the Applied Infrastructure blog under http://www.infoblox.com/en/communities/blogs.html
