Cisco®and Infoblox optimizes service delivery of critical applications such as email messaging, web, and IP phone services at remote offices with automated core network services that offer local service resiliency, centralized visibility, and management.
Reliable core network services at branch offices are essential to maintain application availability for critical business processes. Even minor interruptions in Domain Name System (DNS) services may lead to lost transactions at a retail store or at a bank branch office, resulting in lost revenue and affecting employee productivity. As we continue to experience an explosion of IP addresses at the enterprise, IT organizations are challenged to contain costs and maintain proper address management for ongoing service delivery. Current solutions for providing core network services force trade-offs in performance and availability in order to gain easier management.
The Cisco Application Extension Platform (AXP) and Infoblox vNIOS together offer a solution that automates tedious core network service tasks, reducing errors while increasing flexibility. Branch-office network infrastructure becomes more available, more dynamic, and easier to manage, thereby enabling server consolidation.
Today's enterprises continue to see a six percent growth in branch offices. That growth means more remote locations serving more people, who all need core network services to get work done.
Enterprise IT organizations continue to face pressure to extend services to remote sites without increasing costs. An important strategy to address this problem is virtualizing the network and consolidating servers at the data center. Centralizing core network services in the data center can create problems for end users in branch offices, compromising performance because of WAN latencies and making remote networks unusable when WAN links fail. This approach can have major implications on a business' profitability if core network services such as DNS, Dynamic Host Configuration Protocol (DHCP), IP address management (IPAM), and Remote Authentication In User Service (RADIUS) are temporarily unavailable to regional and branch-office users.
On the other hand, hosting core network services on general-purpose servers at each remote site poses security and manageability challenges-and dramatically increases equipment and operational costs.
Figure 1 illustrates core network services.
Figure 1. Core Network Services: The "Glue" Between Applications and Networks
Cisco and Infoblox: Survivable Core Service at the Branch Office
The Cisco AXP and Infoblox vNIOS integrated solution running on a Cisco Integrated Services Router (ISR) provides local delivery of core network services with the operational benefits of centralized management, ultimately combining the best of both distributed and centralized models for delivering core network services.
Infoblox NIOS Virtual Appliance is a full-featured1 software instance of the Infoblox core network services product that takes full advantage of the extensibility of the Cisco integrated services router with the AXP module to run core network services. The solution eliminates the need to add additional servers and appliances at the branch office. The appliance includes a full suite of core network services-including DNS, DHCP, IPAM, RADIUS, FTP, Trivial File Transfer Protocol (TFTP), and Hypertext Transfer Protocol (HTTP).
Figure 2. Infoblox vNIOS for Cisco in a Grid Centrally Managed by Infoblox Grid Manager
This combined solution allows network administrators to architect a serverless branch office and, at the same time, deliver reliable local services to end users. Distributed organizations obtain the cost benefits of consolidation and the simplicity of centrally managed Infoblox vNIOS instances. The solution enables central management of highly distributed networks, and allows for automation of core network services such as DNS/DHCP and IPAM. The result is a highly available and dynamic branch-office infrastructure that can keep up with today's demands while reducing total cost of ownership (TCO).
How It Works
The Infoblox and Cisco solution supports hybrid environments that include a mix of physical Infoblox appliances and virtual appliances running on Cisco ISR with AXP, depending on branch-office requirements. Each instance of Infoblox vNIOS software running on a Cisco AXP appears to the grid as any other grid member, with all the benefits of distributed services and centralized management. These services include centralized backup and restoration of user data, DHCP failover capabilities, one-touch software upgrades, local RADIUS authentication, DNS without latency, and other core network service functions.
• File delivery services through TFTP, FTP, and HTTP
• Logging services through syslog proxy
Infoblox vNIOS software running on Cisco AXP blades can be combined with Infoblox hardware appliances into Infoblox grids. The Infoblox grid links a collection of appliances into a unified, centrally managed, core network services platform. This essential infrastructure allows organizations to distribute, automate, and consolidate critical information and services with data integrity:
• Resilient operation with increased availability and disaster recovery
• Unified management with wide one-click upgrades
• Easy monitoring and troubleshooting of services
The flexible Infoblox Grid Manager user interface provides the visibility and control needed to manage all core network services in dynamic IP networks. The grid manager consolidates the management of all appliances, services, and data-and provides summary and drill-down views with a simple click. The status of devices and services within the grid manager always reflects the actual, real-time state of the network.
Cisco AXP Overview
The Cisco AXP provides a standards-based Linux hosting environment within the ISR, allowing third parties to integrate applications with the router. Tightly integrated, the AXP environment is configured and managed through the router. Harnessing this integration, an AXP application can appear to the end user as an extension of the router.
Figure 3. Cisco AXP Architecture
The Cisco AXP solution consists of:
• The Cisco AXP Application Runtime Network Module, which provides dedicated resources to host applications
• Cisco Application Extension Platform Hosting environment, which provides the infrastructure to securely host, install, upgrade, and manage third-party applications and services
• Cisco IOS® Software integration application programming interfaces (APIs), which allow the application to integrate and take advantage of the features of the router
• A software developer kit (SDK), which allows certified customers and partner program members to develop applications and services
• Cisco AXP Partner Program, which provides the collateral, extended technical support, and online resources to help partner program members develop, deploy, and market their Cisco AXP-based solutions
Solution and Business Highlights
• Local delivery of DNS, DHCP, TFTP, and other services to increase application performance, resilience, and local survivability
• Built-in industry-leading IPAM solution to simplify complex network-related tasks (for example, network provisioning, IP address provisioning, role-based IP address management, etc.
• Centralized, automated management for core network services
• Consolidation of servers to reduce cost
• Improved security and compliance through reporting and alerting
• Increased performance at the branch office: Enterprise branch offices get the performance benefits of local delivery of core network services with exceptional resiliency for DNS, DHCP, and more, along with powerful IPAM and centralized monitoring and control.
• Minimized operational costs: Customers can consolidate management of branch-office networks with centralized management, extensive automation, improved visibility with real-time updates of network status, IP address additions and changes, and more. Customers will see a reduction in labor and costs due to centralized management and industry-leading IPAM with extensive automation functions, and server costs with consolidation of equipment.
• Enablement of dynamic and resilient branch-office networks: Infoblox failover and disaster-recovery features for core network services with the Cisco integrated services router provide local survivability of core network services during WAN outages, allowing optimal productivity at the branch office to achieve exceptional flexibility, control, and availability.
• Green solution that saves space and power at remote offices: You can save rack space and power by installing Infoblox vNIOS software on blades in Cisco integrated services routers.
Figure 4 shows an example of the benefits of Infoblox vNIOS and Cisco AXP based on an initial investment of $100,000. The implementation can result in net savings of close to $500,000 over a period of three years.
Figure 4. Solution Return on Investment
Infoblox delivers utility-grade core network services essential for all networks and applications, including domain name resolution (DNS), IP address assignment (DHCP) and management (IPAM), authentication (RADIUS), and more. The Infoblox solution provides a simple, secure, and reliable approach that includes unique database and grid technology to deliver these services nonstop to hundreds of organizations worldwide, including many of the Fortune 500 companies.
To learn more about implementing Infoblox core network services on Cisco AXP, contact firstname.lastname@example.org or call 408 625-4200.
4750 Patrick Henry Drive
Santa Clara, CA 95054
408 625-4200 email@example.com
Virtual appliances cannot be configured in High Availability pairs.
1Virtual appliances cannot be Grid Masters or Grid Master Candidates.
1Virtual appliances cannot be DHCP Lease History Logging members.
1Virtual appliances cannot be RADIUS Accounting Servers.
1Virtual appliances don't have a separate MGMT port.
1Virtual appliances can't run the VitalQIP or WinConnect modules.
1In addition, the following features are not available: Anycast, IPv6 interfaces, static routes, and NTP. SSH access must be run on a different port (tcp/2023).