1 | Authoritative IP Address Management (IPAM) and its Security Implications
Rick Bylina, Sr. Product Marketing Manager
© 2013 Infoblox Inc. All Rights Reserved.

2 | Today’s Agenda
- What is Authoritative IPAM
- The three pillars of Authoritative IPAM
  - The role of discovery data
- Improving security with a powerful solution
- Security use cases
- Proactive security measures using the solution
- All of IT benefits from an Authoritative IPAM solution
- Summary / Conclusion

3 | Authoritative IPAM Requirements
- Integrated protocol data with centralized management
- Integrated discovery data for network devices and end-hosts
- Metadata assignable to all database objects
- Flexible modeling and deep search-ability
- Add, move, change & troubleshooting tools
- Router, switch, and port access from a single UI (No CLI)
- Granular role-based administration and approval processes
- Historical reporting
Real business data related to a network resource helps bind together the logical network construct and the reality of enterprise IT resources.

4 | Three Pillars of Authoritative IPAM
- Authoritative database of all network data
- Workflows spanning protocol, infrastructure, and IPAM data
- Direct access to switch ports enabling monitoring & control

5 | Authoritative Database of All Network Data
Real business data related to a network resource helps bind together the logical network construct and the reality of enterprise IT resources.
- Centralized management of all protocol data (DNS, DHCP)
  - Enriched DHCP data with DHCP fingerprinting
- Integrated discovery data for all physical and virtual devices
  - Layer-2 and layer-3 devices, end-hosts, port and connectivity data
- Automation of virtual and private-cloud infrastructure data
  - Orchestrator plug-ins for automation
- Metadata tagging of all objects
  - Your network / your business

6 | Integrated Network Discovery Data
Key to the accuracy and timeliness of the authoritative database
- Customizable, comprehensive auto-discovery
- Layer-2 / Layer-3 and end-host devices
- Connectivity and port data
- Virtual configuration / VLAN data
The collection and correlation of this data provides unprecedented visibility, helping network admins easily gather the necessary information to analyze and take the appropriate action.

7 | Integrated Work Flows
- Content-aware workflows traverse protocol, device, port, and IPAM data
- Scheduling and approval parameters
- Built-in adjustable discovery parameters
- Direct port control within the IPAM workflow
Efficiency and productivity are vastly improved by having closed-loop integrated workflows that span IP management, protocol, and device data, all from a single UI.

8 | Direct Switch and Port Access
Integrated control for truly closed-loop workflows
- Change port admin status directly from UI
- Modify port description / write to the switch
- Assign and configure VLANs
- Reserve ports / detect reservation conflicts
- Comprehensive port inventory
Leverage direct port status control to ensure ports are turned on only during provisioning and quickly shut ports for infected devices to prevent further disruptions.

9 | A Complete Solution Benefiting All of IT
Authoritative IPAM
- Direct access to switch ports enabling monitoring & control
- Authoritative database of all network-related data
- Workflows spanning protocol, infrastructure, and IPAM data
A WAREHOUSE OF AUTHORITATIVE INFORMATION
STREAMLINED, SIMPLIFIED OPERATIONS
EFFECTIVE RESOURCE UTILIZATION

10 | Improve Security with Authoritative IPAM
- Unprecedented visibility across the network
- Uncover unmanaged networks and devices
- Quickly locate infected devices
  - Improve threat response times
  - Take immediate action / remediate faster
- Enforce network access policy at the edge
- Report on anomalies
Security teams require visibility across all of the IT team’s assets and generally are part of the review and approval process for many adds, moves, and changes.

11 | Unprecedented Visibility w/ Search-ability
- Complete device and connectivity data
- Easily find and patch known issues
Example: All HP Model 7000 LaserJet printers need a patch
- Search data set for: device type = printer, manufacturer = HP, model = 7000
- Shut ports for all HP 7000 printers, distribute patch to all responsible admins
- Test patch, re-enable ports

12 | Integrated Protocol and Device Data
- Quickly find infected devices
- Compress remediation response times
Example: Malware-infected Windows 7 machines launch DDoS
- Search data set for: device type = PC, OS = Windows 7
- Generate report of DNS traffic rates for the list of Windows 7 devices found
- Shut ports for all Windows 7 machines showing out-of-bounds DNS rates
- Remediate all infected machines, re-enable ports

13 | You Can’t Manage What You Can’t See
- Discovery finds unmanaged networks and devices
- Rogue device detection
Example: Exposure to threat from home router use in the office
- Ran discovery on accounting subnet in an attempt to understand a service outage
- An unmanaged device was discovered: a home wireless router with an open DHCP port
- Close the port. Use the port ID to correlate the cubicle, then make a very nasty phone call to the manager of the individual

14 | Using Authoritative IPAM Proactively
- Reserve ports, set admin status up at time of provisioning
  - Prevent having open active ports, confirm usage
- Turn on DHCP Fingerprinting
  - Access control at the edge, logical subnet assignments
- Leverage DNS RPZ for malware detection
  - Use connectivity and device data to quickly shut off infected devices
  - Get a quality feed for updates
Being PROACTIVE means you focus on things you have control over to make things better.

15 | Authoritative IPAM Benefits All IT Teams
- KNOCK DOWN THE SILOS: Create and share an authoritative, integrated database
- BOOST THE TEAM’S POWER: Streamline and simplify operations with integrated workflows
- IMPLEMENT CONTROLS: Use built-in controls and leverage automation

16 | Authoritative IPAM Benefits All IT Teams
- Better data means better decisions
- Collaboration drives efficiency, productivity, and accuracy
- IT human resources are elevated to more strategic tasks
- Improved enterprise service delivery = better user experiences
- Overall OPEX is reduced
Not since enterprise-wide solutions like ERP and CRM has a solution brought the type of positive change that truly empowers an organization to operate at a new level.

17 | Authoritative IPAM Delivers…
- VISIBILITY
- EFFICIENCY
- CONTROL

18 | Thank you
Please Visit our Booth