The Infoblox is a family of "network services appliances". That is, the devices run the core network services upon which you can build your network infrastructure: DNS, DHCP, RADIUS, FTP and so on. Although you can, of course, host these services perfectly well under Windows or Unix/Linux, there's something to be said for having them provided by separate devices which are dedicated to the job.

The 1050 is roughly in the middle of the range. It's a 1U device with a little LCD panel and four navigation buttons at the front left, plus a USB port and four network ports (management, HA, LAN1 and LAN2). The HA port, unsurprisingly, is for hooking a "heartbeat" line to a second unit in order to run them as a high-availability pair.

There's also a DB9 console port for serial management, and although you can configure the unit's IP address from the navigation buttons, we chose to use the serial console. After a couple of minutes dismantling the console cable (it's an RJ45 with those damned RJ45-to-DB9 adapters whose plastic casing fouls the serial port surround on most laptops, mine included) we were in and had set the IP address and enabled SSH command-line access for future use (sensibly, this is disabled by default). Once you've got the IP address set, you're unlikely to need the console port again since there's a nice GUI that you can use instead.

The GUI management system is Java-based and is accessed via an HTTPS browser connection. After the usual couple of queries from the browser about whether you're happy to accept the digital certificate the application downloads, and a one-off trip through a bijou wizardette that rattles through the licence agreement, time settings and the like, you can start to find your way around the Grid Manager GUI.

The user interface is very clearly laid out in a tabbed page. On the far left is a tree view of the devices in the Grid (more about that later); within the grid as a whole, or within an individual device, are service entries for the various features: DHCP, DNS, TFTP, RADIUS, NTP, HTTP and FTP (the latter two being designed really only for file distribution, not to run production sites). The services seem to have been implemented in great detail - so, for instance, the DHCP service supports vendor-specific fields (something I rely on in real life for my VoIP-based phone system) and secure automated DNS updates (so the DNS name pool can be kept in sync with addresses the DHCP server has dished out). Likewise the DNS feature includes nice touches such as customisable regular expression validation of hostnames (which lets you enforce corporate naming schemes - something I wish I had in my day job). The way in which the split between grid-wide and device-specific settings works is very intuitive; so, for instance, you can define a default DHCP lease time at the top level, then within each device-specific section you can choose to override the general setting and specify different values.

Now, we said we'd get back to the concept of a Grid. Anyone with a multi-site organisation knows that services such as DHCP aren't directly routable - after all, they rely on layer 2 broadcasts which don't span layer 3 subnets. Infoblox units can be implemented as centrally managed grids, with each grid made up of sets of either individual units or HA pairs; within each grid one unit/pair is the "master" and the other(s) are "slaves". It's a very neat way of providing centrally managed core network services in a distributed environment.

Infoblox is a cunning idea that has been implemented very cleverly and completely, and is sufficiently interesting that I'm actively considering it for the ten-site global network I run.

Although the high-end units in the range, such as the IB 2000A, have high five-digit price tags, to be fair they are rated to support 1,000,000 users, so the kind of organisation that will use it will have serious numbers of users and thus the budget to match.

At the entry level the IB 250A (rated at 1,000 users) is less than £3,000, with the IB 550 (10,000 users) around £4,600. These are pretty affordable for the kind of organisation that has that level of usage; in the company I work in, for instance, I could justify this cost pretty easily to the investment committee because it's a reasonable price to pay for being able to get these services off Windows servers and onto dedicated appliances.


You could do everything the Infoblox does using Windows or Unix/Linux servers, but with Infoblox you gain the benefit of manageability as well as splitting your core network functions off into dedicated systems that have no risk of being trampled on.