SOURCE: Infoblox

December 04, 2006 09:00 ET

New Infoblox Solution Enhances Security and Availability of Wireless Networks for Extended Enterprises

Appliance-Based Solution With Unique Grid Technology Overcomes Shortcomings of Traditional RADIUS Services for 802.1X Authentication

SANTA CLARA, CA -- (MARKET WIRE) -- December 4, 2006 -- Infoblox Inc., a developer of essential infrastructure for identity-driven networks (IDNs), today announced availability of new software package for its award-winning line of appliances. The Infoblox Network Services for Authentication (NSA) package delivers distributed Remote Access Dial-in User Services (RADIUS) across a collection of Infoblox appliances that can be easily deployed at multiple remote sites, reducing the cost and ensuring the security and availability of wireless networks for extended enterprises.

Forrester shows that more than half of the enterprises that it surveyed plan to increase wireless LAN (WLAN) spending in 2007. When asked which factor was most important when adopting on-premise wireless technologies to support voice or data, two network characteristics were, far and away, the most important to enterprise buyers -- reliability and security." ("WLAN Adoption In The Enterprise 2006," Forrester Research, Inc., November 2006)

To prevent unauthorized access to wireless networks, most organizations deploy wireless equipment that supports 802.1x authentication, which requires users to supply a valid user name and password prior to gaining network access. 802.1x authentication relies on RADIUS services to compare user-supplied credentials with those stored in a local directory or with a back-end user repository, such as Microsoft Active Directory. If the wireless equipment cannot reach the RADIUS server, users cannot connect to the wireless network.

As distributed organizations deploy wireless access across the enterprise, they face the challenge of ensuring the availability of RADIUS authentication services at remote locations. The traditional approach has been to provide a central RADIUS server at the data center and rely on WAN links to carry authentication traffic to and from remote sites. This approach is vulnerable to multiple points of failure. For example, a failure of the central RADIUS server or a WAN outage will prevent remote users from gaining wireless access.

To improve availability, some organizations provide redundant WAN links to remote sites; however, this can double the cost of WAN connections and still leaves remote sites vulnerable to a failure of the central RADIUS server. Another approach to providing RADIUS services that survive WAN or central RADIUS server outages is to deploy RADIUS servers at each remote site, using standard servers and commercial or open-source RADIUS software. But, conventional RADIUS servers must be managed and synchronized manually, one at a time, making it impractical to deploy them at a large number of sites.

Infoblox Network Services for Authentication Package

The NSA package from Infoblox addresses these shortcomings by making it possible, for the first time, to reliably and securely distribute RADIUS authentication services to remote sites with simple, centralized management, assuring high-performance authentication services that can be deployed with any desired level of availability and survivability at a cost dramatically below any alternative.

The NSA package includes the new RADIUS and Infoblox grid modules. Infoblox's award-winning ID grid technology centralizes and simplifies the management of a collection of distributed appliances and synchronizes data across all appliances in real time. Credentials (user names and passwords) that are stored in the appliances designated as the grid master are automatically replicated to all appliances throughout the grid. The optional Infoblox agent for Active Directory automatically synchronizes credentials from Microsoft Active Directory into the Infoblox appliances, allowing customers to use their existing user directories and eliminating the need to provision and manage user credentials specifically for wireless access.

The Infoblox NSA solution provides several layers of resiliency to ensure nonstop authentication services. Users at remote sites are normally authenticated using the local Infoblox appliance. This takes the load off of central directories and enables wireless deployments to scale easily. If the appliance at a remote site should fail, network equipment can be configured to authenticate to the Infoblox grid master located at the data center over the WAN link. Additionally, appliances at remote sites can be deployed in high-availability (HA) pairs, ensuring continuous service even in the event of multiple remote appliance and WAN link failures.

"Customers increasingly view wireless access as strategic to business operations," said Doug Laird, vice president of Marketing at Trapeze Networks. "As wireless networks become ubiquitous across the enterprise, the availability of supporting services that ensure security, such as RADIUS, must be assured. By providing a unique solution that makes it easy and inexpensive to provide survivable authentication services across remote locations, Infoblox is helping to extend mobile networking."

A Full Suite of Core Network Services

Infoblox solutions integrate, distribute and manage the core data that link networks and applications. The hardened appliance design of Infoblox's solution allows delivery of domain name system (DNS), dynamic host configuration protocol (DHCP), IP address management (IPAM), trivial file transfer protocol (TFTP), network time protocol (NTP), and RADIUS services with higher security, reliability and easier management than the traditional approach -- typically software deployed on general-purpose servers.

"Infoblox appliances are the only platforms available that provide DNS, DHCP, IPAM, TFTP, NTP, and now RADIUS services," said Richard Kagan, vice president of marketing for Infoblox. "Infoblox is delivering on our promise of providing customers with an integrated platform for the essential services that enable identity-driven networks."

Pricing and Availability

The Infoblox Network Services for Authentication package is now available worldwide on the Infoblox-500, -550, -1000, -1050, -1200, -1550 and -1552 platforms. Pricing for the standard NSA package on the Infoblox-550 appliance starts at $5,495 in the United States. The RADIUS module is also available as an optional upgrade for Infoblox appliances running the DNSone with the Keystone upgrade (enables ID grid technology), Network Services for VoIP, and VitalQIP™ Integration packages.

About Infoblox

Infoblox develops essential infrastructure used for establishing identity-driven networks (IDNs). Infoblox network identity appliances deliver nonstop DNS, DHCP, IPAM, RADIUS and related services with unparalleled reliability, manageability, scalability and security. Over 1,500 organizations worldwide, including many of the Fortune 500, use Infoblox solutions for the critical naming, authentication, authorization and IP management services that make their networks secure, robust, manageable and compliant. The company is headquartered in Santa Clara, CA and operates in more than 30 countries. For more information, call +1.408.625.4200, email, or visit

Contact Information