Infoblox Introduces First Enterprise-Grade DDI solution with Identity Mapping
Infoblox Inc. (NYSE:BLOX), the network control company, announced Infoblox Identity Mapping, which bridges the gap between network security and user identity by intelligently correlating two previously separate sets of data, making it easier for network administrators to locate the source of security events, track mobile devices, monitor network usage and more.
Infoblox is the industry leader in enterprise-grade DNS, DHCP and IP address management, the category known as DDI. With Infoblox Identity Mapping (www.infoblox.com/identity-mapping), IP address tracked by Infoblox can be linked to user authentication events in Microsoft Active Directory logs – the first time an enterprise-grade DDI solution has been able to make this connection. Until now, figuring out the relationship between network IP addresses and actual users has been difficult, error prone, and time-consuming.
Infoblox, a Microsoft Gold Partner, brings Active Directory data into its IP address management (IPAM) database, providing a single point of control where end-user identities are linked with IP addresses and network activity. No additional software or agents are required to provide this connection.
The deployment scenarios for Infoblox Identity Mapping include :
- Security event investigation. A network team discovers, for example, that a security event occurred two weeks ago and the associated application owner has narrowed down the source to a single IP address. Infoblox Identity Mapping determines which device had the IP address at the time of the event and reports on the user who was logged into the device at that time. This allows the team to quickly identify which user’s account or device may have been compromised.
- Tracking mobile devices. The IT department would like a better understanding of who is using mobile devices on their wireless networks, which is a challenge because mobile devices aren’t part of the Windows domain and typically don’t authenticate against the domain. However, it is likely these devices connect to the corporate Microsoft Exchange server in order to access email. Infoblox Identity Mapping correlates Exchange authentication to the user’s IP address, providing the necessary visibility—all without an agent on the mobile device.
- Notify users of a network outage. A network team needs to perform emergency maintenance on one part of the organisation’s network. Infoblox Identity Mapping allows them to see how many users are actively using that section of the network, and who they are, so the team can determine the impact of the outage, as well as notify the impacted users prior to the shutdown.
Beyond Microsoft Active Directory, Infoblox has created Application Programming Interfaces (APIs) that allow customers to connect their DDI platforms to other third-party data sources to further enrich that value of their IPAM data.
“Infoblox built its business on elevating raw network data into actionable information, and we’re continuing that commitment to innovation with Infoblox Identity Mapping,” said Jonathan Gohstand, vice president of product management at Infoblox. “Network administrators, security teams and other IT groups will be able to work together more effectively by harnessing the expanded insight created when IP address information is linked to end-user identities.”
About Infoblox
Infoblox (NYSE:BLOX) delivers critical network services that protect Domain Name System (DNS) infrastructure, automate cloud deployments, and increase the reliability of enterprise and service provider networks around the world. As the industry leader in DNS, DHCP, and IP address management, the category known as DDI, Infoblox reduces the risk and complexity of networking.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.