- Mythbuster busts his own tale
- 10 open source companies to watch
- Sony recalls 73,000 Vaio laptops
- Tool to evade China's Web censorship
- Chrome and Firefox and add-ons
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
In 2004, the Slammer virus took the city of Houston by storm. The powerful, fast-spreading virus penetrated the Red Hat Linux servers running Berkeley Internet Name Domain software that handled naming resolution for the city's Web sites. The airport system, public library and health department were among the many city agencies whose Web sites suffered outages as a result of the virus.
"The Slammer virus affected all the naming resolution pieces in the city," says Mark Whitt, IS administrator for the city's IT department. "We couldn't get the vulnerability under control. So we began looking for a device to reduce our vulnerabilities.''
Enter Infoblox, one of several start-ups offering special-purpose, hardened appliances that handle resolution for key Internet protocols including DNS and DHCP. The city of Houston bought eight Infoblox appliances - which cost $54,000 - that will be fully deployed this summer.
"All of our Web presence is using DNS services from Infoblox. We're also using Infoblox for our internal name resolution,'' Whitt says. "The performance has been great. I haven't seen any degradation, and we have the enhancements of increased manageability and dynamic DNS updates.''
The city of Houston is not alone. Many organizations are replacing aging DNS software and servers with modern appliances that offer enhanced security and easier management. Other organizations that have made the switch to DNS and DHCP appliances include EMC, Banker's Life and Casualty, and Pima Community College.
"We've seen a lot of renewed interest in IP address management, DNS and DHCP over the last 18 months,'' says Dan Golding, senior analyst with Burton Group.
For the last 20 years, most IT shops have used free software such as BIND running on Unix or Linux servers to handle DNS resolution. However, BIND as well as free DNS software from Microsoft are increasingly under attack by hackers. Today, network managers are becoming aware of the vulnerabilities of these older software applications as well as the affect DNS or DHCP outages can have on corporate productivity.
IP address management "was very low down on the priority list,'' Golding says. "People sort of woke up one day and noticed that their authoritative DNS servers were supporting major Web services and were running on Pentium or ancient Solaris boxes. They were very rickety. The software was old and might have been running on Windows. Then they started reading about all these DNS-based attacks.''
Some companies use special-purpose IP address management software such as Cisco Network Registrar (CNR), Lucent's QIP or Nortel's NetID. However, these products are expensive to operate and are infrequently updated. (Read our Technology Insider on IP address management .)
"The older IP address management platforms are software based, and they require systems administrators, database administrators and network engineers,'' Golding says. "They require a team of high priests to keep them running, so it is very expensive. A lot of them require Oracle licenses, too."
Without protocols such as DNS and DHCP functioning, corporate networks don't work. Web sites go down, e-mail won't go through, and mission-critical ERP applications that depend on the Internet won't function.
"DNS has become critical to IP networks,'' says Cricket Liu, vice president of architecture at Infoblox. "DNS is the preferred method for internal naming, as well as the Internet. It handles resolving URLs and sending e-mail. DNS is also used by Microsoft Active Directory implementations. All of a sudden, the dependency on DNS goes from network domains to network servers to desktops.''
At the same time that DNS has become more critical to corporate networks, it has also become more complex. The basic documentation for BIND is more than 100 pages. In addition, BIND is more vulnerable then ever, with the CERT issuing regular warnings related to BIND and other DNS-related issues.

It's safe to say that most companies, if presented with hard numbers on their energy consumption...
Secure Wireless Printing OptionsDiscover how you can reduce the TCO of your wireless printers in this whitepaper. Learn how to...
Tuning ERP and the Supply Chain for Profitable GrowthThe supply chain is, of course, the primary processing mechanism of every manufacturing company....

Double-Take (r) Software and Microsoft are teaming up on September 9, 2008 for a webinar focusing...
PoE Plus: Impact on the PoE MarketThe standard for Power over Ethernet (PoE), IEEE Std. 802.3af(tm)-2003, advanced networking,...
Harnessing the power of communications to increase workplace performanceDue to the convergence of IT and telecommunications technologies, the business workplace has been...

Increasingly popular technologies such as virtualization, wireless networking and data center...
Virtualization Reality CheckFind out why analysts say approaching virtualization with an ounce of caution is wise. And also why...
Closing the Loop: Extending Wireless LAN Security to Wireless PrintersEnterprises cannot overlook wireless printers when assessing network security. The print jobs and...
Partner Content
CA Network & Voice Resource Center
Comprehensive Network & Voice Management Visit CA Network & Voice Management Resource Center and get insights into industry best practices, information that helps you to address your challenges.
CA Network & Voice Management Resource Center
Managing Voice Over IP for Successful Convergence
Voice over IP (VoIP) has much to offer in cost savings but some customers have concerns about VoIP call quality compared to the quality of traditional voice services. This white paper will help you learn how to take the right steps so that voice quality is assured.
Managing VoIP for Successful Convergence
The Changing Face of Network Management
Managing your network is serious business. This paper discusses the benefits of integrating configuration change-awareness into your network fault management solution
Download Whitepaper
Comments (1)
Appliances replace DNS, DHCP softwareBy Anonymous on January 16, 2007, 1:02 pmAppliances are not a panacea. The GUI's are clunky and don't lend themselves to mass change. Information might be easily imported to the appliance but is difficult...
Reply | Read entire comment
View all comments