Upcoming Events

Cloud Connect
Santa Clara
Feb 13-16, 2012

Cloud Connect brings together the entire cloud eco-system to better understand the transformation we're experiencing and promises to be the defining event of the cloud computing industry. Learn about the latest cloud technologies and platforms from thought leaders in Cloud Connect’s comprehensive conference.

Register Now!

R E V I E W

Do It Yourself DNS

April 3, 2003
By Joe Hernick and Dean Ellerton

>> continued from previous page

Infoblox DNS One

	Issue TOC
	Print full article
	Print this page
	Download as PDF
	E-Mail this URL
	Discuss this article
	Flame the author

	In this article
	Introduction
	BlueCat Networks Adonis
	ApplianSys DNSBox300
	Infoblox DNS One
	Executive Summary \| How We Tested \| Related Links
	Report Card

The DNS One came in just behind the DNSBox300, primarily because of usability issues. When we first reviewed the venerable DNS One ("Building A Stable DNS, Block By Infoblox"), we were pleased with what we saw--and we are still impressed. Like the other offerings we tested, the Infoblox appliance is easy to set up and configure compared with a server-based DNS solution. DNS One also manages DNS via BIND 9, and provides backward compatibility with BIND 4 and BIND 8.

To establish its initial network configuration, the DNS One requires a connection with a provided serial cable to the small box. Front access ports eliminate the need to crawl around behind the racks. After digging up a PC to use as a terminal, we were up and running. This appliance requires a modern browser--anything capable of HTTPS and Java to access the client interface.

We began the appliance's setup sans manual, and it took us a little while to get this box to answer queries. We had to configure the network portion before we could add any zones. But anyone following the setup guide should have no problem getting up and running. Total setup time was a bit less than 10 minutes. DNS One could use better setup wizards, but compared with traditional DNS solutions, its installation was a dream.

Infoblox DNS One

click to enlarge

The client interface needs improvement. Usability is a problem: The browser-based client takes up a lot of screen, and the display is cluttered. It was difficult to view and manage large zones. A call to Infoblox's very good tech support helped us modify settings to get more information on our screen. They reduced the number of hosts pulled in by default to help the Java code perform faster. Despite this problem, the client did provide adequate wizards and tools for setting up initial configurations, importing existing DNS data, and setting up and calculating sub-networking structures. We did miss the extensive error-checking capabilities that Adonis offers. DNS One has simple system-reporting features, but it provides decent raw exports to play with and solid DNS query data.

Infoblox provides a clone feature to copy one appliance configuration to another. We tried this with the test appliances from Infoblox and it worked well. One minor note: The backup utility is a traditional PERL script. We'd like to see this moved to the GUI as in the DNSBox300.

All three appliances provide a standard autoupdate feature to check for and install patches and updates. Both Adonis and BlueCat allow automatic or manual updates, but ApplianSys requires an admin to kick off theirs. Our first attempt at updating locked the DNS One, forcing a hard restart. However, we were unable to repeat the lockup over our weeks of testing, and autoupdate worked fine after our initial mishap. We did not experience any difficulties with the other two appliances' update features.

Security for DNS One is password-based. The appliance relies on a secure HTTPS browser connection for configuration. All unused ports are unavailable, and all zone transfers are disabled by default. CERT (Computer Emergency Response Team) advisories are monitored by Infoblox, and the DNS One automatically pulls down patches from its site as they become available.

The DNS One does the best job of the three of administering multiple user accounts (administrator, super users and users) with filtered views, which permit views of designated zones or networks based on role. DNS queries and access to the management interface can be restricted for zones or networks using access lists.

DNS One, $7,000. Infoblox, (847) 475-8500, Ext. 155. www.infoblox.com

Joe Hernick is an IT director with a Fortune 500 firm; he has 12 years of consulting and project management experience in data and telecom environments. Dean Ellerton, MS.Ed, is the director of technology for a private New England boarding school. Write to them at jhernick@nwc.com.

Post a comment or question on this story.