What is our primary use case?
I work for a consulting company and we provide support for government institutions. They favor on-premises deployments and tend to avoid any applications based in the cloud environment, so we always implement on-prem deployments.
The Discovery feature provides a clear network overview, while the solution also provides security options with features like robust DNS security.
What is most valuable?
Regarding DDI, I would say the best feature of Infoblox is the DNS security. DNS tunneling is a significant security issue and is very difficult to protect against based on our tests with other types of security devices. However, Infoblox eliminates this issue and provides excellent security against a difficult threat.
We chose this product because it provides us with IP management and a DNS and DSTP solution. From a security engineer's perspective, Infoblox DNS security is the best in the industry.
Regarding the product as an IPAM solution, I would say the best feature is the Discovery feature, which provides enhanced visibility over the entire network infrastructure and automatically creates DNS records for discovered IP addresses.
There are many tools on the market; however, the other products don't combine DNS, DSTP and IP management in one solution. The power of Infoblox IPAM is that it offers all of those, opening up capabilities such as creating IP management tables and providing an overview of the network infrastructure.
What needs improvement?
The solution is not easy to use; the GUI and CLI are challenging to use, limiting end-user capability. We can't use Linux terminal features with Infoblox, as it struggles to detect and troubleshoot problems. We generally use troubleshooting tools like tcpdump in our network security area and we can use that in Infoblox with limited features.
The solution's GUI requires improvement; all the features fall under just a few top menus, making it challenging to find the feature I'm looking for promptly. I use other products like Fortinet FortiGate and an F5 network solution, which feature much better GUIs to find what I'm looking for easily. The Infoblox GUI isn't necessarily hard to use but isn't straightforward, either. Ultimately, the GUI is acceptable, but the CLI needs improvement. A better CLI would save time for the end user and increase their capability with the solution.
For how long have I used the solution?
I have been using the solution for about four and a half years.
What do I think about the stability of the solution?
The solution is very stable; it's better than the other solutions we used. We haven't experienced many bugs or security issues, and the customer service side of Infoblox is solid; they release fixes or provide solutions very quickly when there is an issue. Of all the products we used in this area, we confronted fewer problems with Infoblox.
What do I think about the scalability of the solution?
The solution is highly scalable, and the Infoblox Grid Manager simplifies scaling. We add a new product to the Grid, and the new device will take on the configuration of the Grid Master. No further modification is required.
How are customer service and support?
We contacted technical support before by email. They investigate the log messages to provide us with a fix or carry it out themselves. Phone support is available, but only for two critical issues.
How would you rate customer service and support?
How was the initial setup?
The initial deployment is straightforward. For SMBs, we can carry out the initial deployment in an hour, with the deployment of Discovery and DNS features requiring another 30 minutes to an hour. We can deploy Infoblox for SMBs in a maximum of two hours, but it takes three to four hours for larger customers with many networks, significant DNS infrastructure, and many IP blocks.
What's my experience with pricing, setup cost, and licensing?
We purchase yearly licenses, and I don't know the exact price as I'm not involved in the finance or sales departments. Infoblox is one of the more expensive products in the DDI environment, so I would say that for organizations looking to combine DNS, DSTP, and IP management with security features, the solution is worth it. However, for organizations only looking for an IP management tool, for example, many more affordable options are available.
Which other solutions did I evaluate?
We tested a Rockset product, and it's suitable for IP management and DNS solutions, but it failed our security tests as we found it isn't resistant to DNS tunneling.
We also evaluated SolarWinds IPAM, and it's a good product, but it doesn't have a Discovery feature like Infoblox. The ability to scan the whole network and add IP addresses to the dynamic DNS record is invaluable. Hence, as an IPAM solution, Infoblox has the greater capability and is more valuable to us.
What other advice do I have?
I would rate the solution an eight out of ten; it loses two points because of the CLI and the high price.
Infoblox offers a three-month free trial, and the virtual solution is easily deployable on any data center, so I would advise anyone to try it for themselves.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Customer/Partner