Challenges in Managing DDI and DNS Amidst Multi-cloud Strategies

With the increasing adoption of multi-cloud strategies, companies are encountering difficulties in handling the foundational DDI and DNS components of their network services, resulting in operational hurdles and inefficiencies.


According to Paul Wilcox, the Vice President for Asia-Pacific Japan at Infoblox, consolidating management across diverse environments could assist organizations in better aligning their security, network, and cloud teams. This approach can aid in early detection of cyber threats and identification of issues such as zombie servers.

Relevance of DNS in IT infrastructure and cybersecurity risk

DDI encompasses the Domain Name System (DNS), Dynamic Host Configuration Protocol (DHCP), and IP Address Management (IPAM). Infoblox, a provider of DDI solutions to 13,000 customers, explains that DDI forms the basis of core network services required for all IP-based communications.

Infoblox highlights that DDI is often underestimated in IT infrastructure but is increasingly crucial for establishing secure, efficient, and manageable networks in contemporary computing environments, particularly for detecting and preventing cyber threats early.

Implications of Network Expansion and DNS Complexity in the Cloud

According to Wilcox, the transition to decentralized, multi-cloud setups, the rise in IoT devices, and the intricate nature of modern IT environments are together making it harder for organizations to manage their DDI services effectively.

Wilcox mentioned a scenario where a Japanese company’s CIO highlighted the increasing complexity faced by NetOps, SecOps, and DevOps teams due to the shift towards decentralized workspaces and away from on-premises computing. This complexity is making it challenging for security operations to identify the root causes of various issues.

Increasing Complexity in DDI Management due to Multi-cloud

A majority of enterprises are now leveraging services from two or more cloud providers, making the management of critical network services more intricate and error-prone with each additional environment. Maintaining visibility and control over all DDI services also becomes more demanding.

Rapid Growth in IoT Devices Utilizing IP Addresses

The widespread adoption of IP-addressed IoT devices in modern offices poses another hurdle for organizations. Wilcox highlighted the difficulties of managing and securing these devices.

Operational Silos and Manual Processes in Organizational Teams

Operational separations between NetOps, CloudOps, and SecOps teams, coupled with manual procedures, can lead to issues. Wilcox shared an instance where a global bank encountered a system failure and incurred a financial loss of U.S. $100 million due to a manual error by the network team when changing DNS entries and IP addresses.

Fragmented DDI Management Platforms across Environments

Expanding into multiple clouds necessitates the use of a mix of DDI tools across different environments, including proprietary services and native solutions such as AWS Route 53, Azure DNS, and Google Cloud DNS. This fragmented approach can complicate issue resolution.

Challenges of IP Conflicts and Zombie Servers

Common challenges in the DDI space include IP conflicts leading to network disruptions and the prevalence of vulnerable zombie servers. These issues, along with underutilized IP allocations, contribute to the complexity of network management.
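
The conflicts and unused allocations described above only become visible once the per-environment records are compared side by side. The following Python is an added example, not code from Infoblox or from this article: the export layout, environment names, hostnames and addresses are constructed, and flagging a DNS record with no inventoried host behind it is this example's own rule.

```python
import ipaddress
from itertools import combinations

# Constructed sample exports (assumed layout, not real data), as separate
# per-environment DDI tools might hold them.
ALLOCATIONS = [("onprem", "10.10.0.0/16"), ("aws", "10.10.4.0/24"),  # these overlap
               ("azure", "10.20.0.0/24"), ("gcp", "10.30.0.0/28")]
HOSTS = [  # (environment, hostname, ip)
    ("onprem", "erp01", "10.10.4.15"),
    ("aws", "api-gw", "10.10.4.15"),   # same address claimed twice
    ("azure", "web01", "10.20.0.5"),
    ("gcp", "batch01", "10.30.0.2"),
]
DNS_A = [  # (zone source, record name, ip)
    ("route53", "api.example.test", "10.10.4.15"),
    ("azure-dns", "web.example.test", "10.20.0.5"),
    ("azure-dns", "old-app.example.test", "10.20.0.99"),  # no host behind it
]

def overlapping_allocations(allocs):
    """Pairs of CIDR blocks from different environments that overlap."""
    nets = [(env, ipaddress.ip_network(cidr)) for env, cidr in allocs]
    return [(a[0], str(a[1]), b[0], str(b[1]))
            for a, b in combinations(nets, 2)
            if a[0] != b[0] and a[1].overlaps(b[1])]

def duplicate_addresses(hosts):
    """Addresses claimed by more than one inventoried host."""
    seen = {}
    for env, name, ip in hosts:
        seen.setdefault(ip, []).append(f"{env}/{name}")
    return {ip: owners for ip, owners in seen.items() if len(owners) > 1}

def unbacked_records(dns, hosts):
    """A records whose target address has no host in any inventory."""
    live = {ip for _, _, ip in hosts}
    return [rec for rec in dns if rec[2] not in live]

def utilisation(allocs, hosts):
    """Fraction of each environment's block used by its own hosts."""
    out = {}
    for env, cidr in allocs:
        net = ipaddress.ip_network(cidr)
        used = sum(e == env and ipaddress.ip_address(ip) in net for e, _, ip in hosts)
        out[env] = used / net.num_addresses
    return out

if __name__ == "__main__":
    print(overlapping_allocations(ALLOCATIONS), duplicate_addresses(HOSTS))
    print(unbacked_records(DNS_A, HOSTS), utilisation(ALLOCATIONS, HOSTS))
```

Each finding needs data from at least two sources, which is why none of the individual tools would report it on its own.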

Hazards of Inadequate DNS and IP Address Management in Cybersecurity

The cybersecurity ramifications of DNS management are often underestimated, as stated by Wilcox.

Reflecting on his cybersecurity experience, Wilcox emphasized the critical importance of DNS and IP address management in thwarting threats at an early stage in the cyber kill chain.


Wilcox mentioned that organizations using Infoblox’s cybersecurity solution witnessed an 80% reduction in network traffic, indicating a significant portion of the traffic involved malicious activity.

DNS Security Gaps as Entry Points for Threat Actors

Ensuring secure management of DNS and IP addresses can diminish an organization’s attack surface. Addressing issues like erroneous DNS delegations and security vulnerabilities can help prevent unauthorized access by threat actors.

Wilcox warned against leaving such DNS-related vulnerabilities unaddressed, as they offer a significant entry point for cyber threats.

Promoting Unified DDI Management in Organizations

Wilcox suggests organizations consider centralizing DDI management across diverse environments and teams. Infoblox’s recent introduction of a centralized SaaS system called “Universal DDI” aims to bridge the existing gap among vendors.

Scott Morris, the managing director of Infoblox in Australia and New Zealand, highlighted the benefits of a universal management approach in addressing technical debt issues and enhancing visibility across organization assets and vulnerabilities caused by various on-premises and cloud implementations.

Morris emphasized the transformation of DNS, DHCP, and IPAM from passive tools to proactive security mechanisms as a significant advancement towards bolstering a company’s security posture.
