2017 Infoblox Inc. All Rights Reserved.

Building a More Advanced Next-Generation Data Center
Shin Sung-gyun (신성균), Manager, Pre-Sales SE
14 SEP 2017

Agenda
- Infoblox's vision for the next-generation data center (NGDC)
- The challenges of building an NGDC
- Infoblox solutions applicable to the NGDC
- Case studies of customers who adopted Infoblox solutions

Major IT trends
- The move to NGDC/NFV
- The borderless enterprise: mobile, IoT, cloud
- Growing adoption of SaaS solutions inside the enterprise
- Increasing threats to DNS security
- Big data analytics

Before Infoblox (diagram)
- Clients/IoT, Security, Infrastructure
- Traditional campus/DC: ISC DHCP, BIND DNS, Microsoft DNS/DHCP, Excel IPAM
- Public cloud: AWS Route53 DNS; Private cloud
- SaaS business services, SaaS consumer services, on-prem business services; malicious domains
- Resulting problems: lack of insight, security vulnerabilities, management silos

Infoblox deployed (diagram)
- Clients/IoT, Security, Infrastructure; traditional campus/DC, public cloud, private cloud; business and consumer services; malicious domains
- Components: DNS & DHCP (virtual), DNS & DHCP (AWS, Azure), DNS Firewall, Threat Insight, Network Intelligence, Reporting, Microsoft DNS & DHCP, DNS (physical), IPAM, Infoblox Cloud
- Control: automation for agility; central control of services; guaranteed availability and elasticity
- Secure: protection of external DNS from attack; protection of clients from malware/ransomware; protection against data loss over DNS
- Analyze: unified visibility across diverse IT environments; verification of service quality and compliance from statistics; extended automation through integration with other vendors' solutions

Vision for the Control area
- Service automation for agility: automation and APIs; workflows and templates
- Scalable protocol services: vertical and horizontal scaling; performance improvement of each system; policy-based protocol services
- Operational efficiency: integration of diverse platforms; easy troubleshooting
- Network intelligence: audit information and statistics; predictive analysis

Vision for the Secure area
- Context-aware DNS security
- DNS server security (against DNS DoS, exploits, reflection and amplification)
- Prevention of malware and data exfiltration
- Provision of threat intelligence data from open source, government, and commercial and shared feeds
- Ecosystem: NAC, SIEM, vulnerability management, endpoint, analytics, threat intelligence data sharing

Vision for the Analyze area: visible information and extension of solutions
- Unified visibility across diverse environments
- Integration of information from on-premise and cloud systems
- Actionable capabilities through integration with 3rd-party products
- Diagram: Infoblox Cloud; the customer's IT and security operations solutions (ABC Company, JKL Company, XYZ Company); Microsoft AD user data; the customer's on-premise reporting; vulnerability scanning; endpoint management; SIEM; Infoblox DDI and ActiveTrust; help desk and asset management; NAC; threat intelligence platforms

Architecture and technology vision: flexible deployment, open architecture, cloud-based agility
- Infoblox Cloud: recursive DNS firewall, security and ops analytics, external authoritative DNS, ActiveTrust TI platform, customer portal (licensing, billing, health, support), IPAM; unified control, security and analytics
- Connected sites: roaming/mobile employees, branch offices (with proxy), public cloud IaaS, private cloud IaaS, headquarters DC

The challenges of building an NGDC

The rising status and importance of IT in the enterprise. Priorities of the IT organization:
- Improving agility
- Doing more work with less effort through automation
- Improving performance and user experience
- Reducing risk
- Using IT to enable the business

Problems of the traditional data center: lack of control, security risks, lack of insight
- Diagram items: expensive to scale; silos; vulnerable to malware; volumes of data to analyze; manual processes; inefficient; lack of context; no shared intelligence; no global visibility; manual orchestration; slow remediation

Technologies driving the change to the NGDC
- VDI: virtual desktops accessed from thin clients
- Data center automation: script-based automation and technologies that deploy applications and raise agility by minimizing cross-team coordination
- Data center consolidation: minimizing data center footprint by moving workloads from physical to virtual infrastructure
- Hybrid cloud migration: orchestration that manages and automates on-premise systems together with private and public cloud platforms
- SDDC/SDN: software-defined technologies that operate servers, storage and network devices on a software-defined basis, increasing operational and management efficiency
- DevOps: automated workflows that enable rapid testing and software deployment

Transition to the next-generation data center: providing agility to IT-based services while guaranteeing availability and automation
- Automated resource allocation and provisioning
- Higher utilization of installed platforms
- Central management of data center resources
- Improved security
- Diagram: App B, supporting cloud / virtual / physical layers
* Why the transition matters
- Guarantees agility, availability and cost efficiency
- Existing service delivery models cannot accommodate this change
- Visibility, manageability and security must be in place for the transition to succeed

Obstacles on the road to the NGDC: the gap with reality
- Manual procedures (8/10): DNS is managed manually or with custom scripts; manual procedures for DNS/IPAM services hinder agility
- Heterogeneous platforms (79%): three or more different cloud platforms in use; operating different platforms creates inefficiency
- Integrated visibility (81%): want integrated information through discovery and control of newly created assets; it is hard to provide unified visibility across a hybrid environment
- Security and compliance (#1): DNS is the most attacked application; DNS-based exploits and other attacks increase DNS security and compliance requirements

Manual procedures for VM deployment
- Deployment flow (manual, takes days): VM deployment; IP address request; waiting; IP address allocation; IP address configuration; IP management documentation; DNS record creation request; DNS record configuration
- Decommission flow (manual): VM and IP address reclaim; IP management documentation; DNS record deletion
- Deploying and reclaiming a VM takes days
- Inefficient coordination between siloed teams
- Lack of efficiency and flexibility
- Dynamically allocating and reclaiming many VMs is difficult

Infoblox solutions applicable to the NGDC

Infoblox DDI solution (stack diagram: management API; IPAM, DHCP, DNS, TFTP, HTTP, NTP services; Infoblox NIOS software with bloxsdb database, bloxha failover and bloxsync data assurance; dedicated hardware platform)
- Dedicated hardware / virtual machine
- Dedicated operating system (NIOS)
- Dedicated database (bloxsdb)
- System-level HA technology (bloxha)
- Technology that synchronizes data securely and accurately between Grid members (bloxsync)
- Feature modules per service: internal/external DNS, DHCP / authenticated DHCP, authoritative IPAM

Infoblox GRID (diagram: administrator; internal virtual machines (apps and OSes on an ESX server); VPN tunnel; Grid Master with database; Grid Members; Grid Master Candidate; branch offices)
- Central management and operation from the Grid Master (distributed DB and shared configuration)
- Monitoring and reporting of Grid systems from the Grid Master
- Regional redundancy via a Grid Master Candidate
- Configuration and real-time changes of Grid systems from the Grid Master
- Hierarchical configuration lets Grid settings be inherited or overridden
- Secure communication between Grid systems over SSL VPN
- On system failure, recovery onto a spare appliance with simple configuration (One Step Replacement)

Infoblox solutions in the cloud (diagram)
- Cloud users; Cloud Network Automation; management UI
- Cloud management platform / cloud orchestration layer: OpenStack, VMware vRA, Microsoft SCO/VMM; network functions: routing, switching, firewalls, load balancers
- Hypervisors: VMware ESXi / MS Hyper-V; physical infrastructure: compute, storage, network
- Infoblox Adapter (virtual machine); Infoblox DDI core network services
- Infoblox Cloud Network Automation provides agility, scalability and reliability with less effort when building a cloud

Infoblox cloud integration - CNA (screenshots: AWS VPCs, AWS instances, AWS networks)

DNS server security - ADP (IPS + DDoS)
DNS attack types:
- DDoS / DNS reflection: DoS/DDoS through open resolvers after spoofing the source IP
- DDoS / DNS amplification: specially crafted queries that amplify the response
- DDoS / TCP/UDP/ICMP floods: massive traffic volumes that cause a service outage
- DDoS / NX / Phantom Domain: mass queries for nonexistent or non-responding domains
- DDoS / Botnet-based DDoS: mass queries from malware-infected CPE
- DNS protocol / DNS hijacking: altering DNS records so clients connect to a rogue DNS server
- DNS protocol / DNS-based exploits: exploiting vulnerabilities in DNS software
- DNS protocol / Protocol anomalies: malformed packets and queries that bring the server down
- DNS protocol / Reconnaissance: gathering information about the network environment before an attack
Diagram: secure access; ADP; Infoblox rule server; attack traffic and normal DNS traffic
- Defends against DNS attacks while acting as the DNS server
- Separates the CPUs that handle DNS attacks from those that process queries
- Normal DNS traffic is still processed during an attack
- Automatic rule updates from the Infoblox rule server
- Rules can be customized
- Provides information on attack traffic
- Easy to install, operate, monitor and manage

Malware defense at the DNS layer - DNS Firewall (diagram: malicious hostnames; ActiveTrust, Infoblox's own threat intelligence feed; Internet; malware; Infoblox DNS Firewall; intranet)
1. Malware/ransomware callback over DNS: an infected endpoint enters the internal network and infects other endpoints
2. The malware generates DNS queries to communicate with its botnet/C&C; the DNS Firewall detects these queries and applies the configured policy (drop, redirection to a walled garden, etc.): block / redirection / log only
3. Identification of the infected endpoint: device IP address, device MAC address, device type (DHCP fingerprint), device host name, device lease history
4. The malware DB is periodically and automatically updated from the Infoblox feed server
5. Integration (information exchange) with 3rd-party solutions such as FireEye for automated, more complete security

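The five-step flow above, as an added illustration that is not Infoblox's DNS Firewall code: a query is matched against a threat feed, the configured action (block, walled garden, log only) is applied, and a hit is enriched with DHCP lease data to identify the endpoint. The feed entries, lease table, walled-garden address and client IPs are constructed placeholders.

```python
from dataclasses import dataclass, field
from typing import Optional

# Constructed threat feed: domain -> policy action. An entry covers the
# domain itself and every name beneath it, like an RPZ wildcard rule.
FEED = {
    "bad-c2.example": "block",            # answer NXDOMAIN
    "dropper.example": "walled_garden",   # redirect to the walled-garden IP
    "suspect.example": "log_only",        # resolve normally, record the hit
}
WALLED_GARDEN_IP = "192.0.2.10"  # placeholder address (documentation range)

# Constructed DHCP lease table keyed by client IP: the slide's device IP, MAC,
# DHCP fingerprint and host name used to identify the infected endpoint.
LEASES = {
    "10.1.20.37": {"mac": "00:11:22:33:44:55", "fingerprint": "Windows 10",
                   "hostname": "lab-pc-07"},
}

@dataclass
class Verdict:
    action: str                     # allow, block, walled_garden or log_only
    matched: Optional[str] = None   # feed entry that matched, if any
    endpoint: dict = field(default_factory=dict)  # lease data, may be empty

def feed_match(qname: str) -> Optional[str]:
    """Return the longest feed entry equal to qname or one of its parents."""
    labels = qname.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in FEED:
            return candidate
    return None

def evaluate(qname: str, client_ip: str) -> Verdict:
    """Apply the firewall policy to one query and attach the client's lease."""
    entry = feed_match(qname)
    if entry is None:
        return Verdict("allow")
    return Verdict(FEED[entry], entry, LEASES.get(client_ip, {}))

def response_for(v: Verdict) -> str:
    """What the resolver returns for each policy action."""
    if v.action == "block":
        return "NXDOMAIN"
    if v.action == "walled_garden":
        return WALLED_GARDEN_IP
    return "resolve normally"

if __name__ == "__main__":
    for q, ip in [("c2.bad-c2.example", "10.1.20.37"), ("www.example.net", "10.1.20.9")]:
        v = evaluate(q, ip)
        print(q, v.action, response_for(v), v.endpoint.get("mac", "-"))
```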
Defense against data exfiltration over DNS - Threat Insight
Characteristics of data exfiltration attacks:
- Complex, and often zero-day attacks
- Malware accesses files containing sensitive data
- Encrypts the data and changes its format
- Splits it into chunks sized for exfiltration over DNS
- Exfiltrates it as DNS domain names or TXT records, etc.
- The exfiltrated information is reassembled at the C&C
- Examples: Iodine, OzymanDNS, SplitBrain, DNS2TCP
- Slow rate (1 PPS) / source IP spoofing
Data exfiltration encoding example:
- Before encoding: MarySmith.foo.thief.com, SSN-543112197.foo.thief.com, DOB-04-10-1999.foo.thief.com, MRN100045429886.foo.thief.com
- After encoding: 123048re230.sad0f.thief.com, sodfpwqe.asofos.thief.com, fff.saoos.fodlf.woof.thief.com, 21298746.120923.theif.com
Diagram: attacker-controlled server thief.com (C&C) sending C&C commands; DNS server; infected endpoint inside the enterprise sending queries such as NameMarySmith.foo.thief.com, MRN100045429886.foo.thief.com, DOB10191952.foo.thief.com across the Internet boundary

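Heuristics a defender can run over DNS query logs to spot the pattern described above, as an added example that is not Infoblox's Threat Insight implementation: it scores single names by label length and entropy, and, because exfiltration can trickle at 1 query per second, also aggregates per registered domain (unique subdomains seen and bytes carried in labels). The query log is constructed from the slide's example names plus ordinary traffic; treating the last two labels as the registered domain is a simplifying assumption.

```python
import math
from collections import defaultdict

# Constructed DNS query log (client IP, query name): the slide's example names
# under thief.com plus ordinary traffic from another client.
QUERY_LOG = [
    ("10.1.20.37", "MarySmith.foo.thief.com"),
    ("10.1.20.37", "SSN-543112197.foo.thief.com"),
    ("10.1.20.37", "DOB-04-10-1999.foo.thief.com"),
    ("10.1.20.37", "MRN100045429886.foo.thief.com"),
    ("10.1.20.37", "123048re230.sad0f.thief.com"),
    ("10.1.20.37", "sodfpwqe.asofos.thief.com"),
    ("10.1.20.37", "fff.saoos.fodlf.woof.thief.com"),
    ("10.1.20.9", "www.example.com"),
    ("10.1.20.9", "mail.example.com"),
    ("10.1.20.9", "www.example.com"),
]

def split_name(qname):
    """Return (registered domain, subdomain part). Assumes the registered
    domain is the last two labels; a real tool would use the public suffix list."""
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[-2:]), ".".join(labels[:-2])

def entropy(text):
    """Shannon entropy in bits per character; encoded chunks score high."""
    if not text:
        return 0.0
    freq = {c: text.count(c) / len(text) for c in set(text)}
    return -sum(p * math.log2(p) for p in freq.values())

def analyze(log, max_sub_len=40, min_entropy=3.5, max_unique=5):
    """Flag suspicious single names, then aggregate per registered domain:
    many distinct subdomains and a large byte total in labels are the
    signature of chunked data leaving one query at a time."""
    subs_seen = defaultdict(set)
    label_bytes = defaultdict(int)
    findings = []
    for client, qname in log:
        base, sub = split_name(qname)
        subs_seen[base].add(sub)
        label_bytes[base] += len(sub)
        if len(sub) > max_sub_len or entropy(sub.replace(".", "")) > min_entropy:
            findings.append(("suspicious label", client, qname))
    for base, subs in subs_seen.items():
        if len(subs) > max_unique:
            findings.append(("many unique subdomains", base, len(subs)))
    return findings, dict(label_bytes)

if __name__ == "__main__":
    for finding in analyze(QUERY_LOG)[0]:
        print(*finding)
```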
Infoblox Ecosystem

Infoblox DTC (GSLB) (diagram: DC1 and DC2 web/app servers for www.abc.com at 1.1.1.1 and 2.2.2.2; health check; Q: www.abc.com, R: 1.1.1.1 or R: 2.2.2.2)
- Directs traffic to the optimal data center
- Optimizes response performance and guarantees 100% availability based on server health
- Location-based responses improve response time
- GSLB function integrated into the authoritative DNS
- Simple, centralized management

Extended IP management - Network Insight
- Integrates with DDI appliances through the Grid
- Connected switch information is visible in the IPAM window
- Shows the switch port a given client is connected to
- Shows VLAN number, port speed, duplex, etc.
- Periodic discovery provides first-discovered and last-discovered times
- Provides cloud environment information (vswitch, vnic, VM name)
- Discovers routers/switches in multi-vendor environments
- Provides each device's type, model, name and OS
- Shows the MAC, IP address and status of each device interface
- Shows port usage and connected clients per device
- Shows inventory and serial number per device
- Sends email and SNMP trap when an unknown device is discovered

Infoblox Reporting/Analysis - report types
- DNS reports: query trends, top query clients, DNS performance, etc.
- DHCP reports: lease history, top DHCP-requesting clients, etc.
- IPAM reports: IP utilization within blocks, top networks by IP usage, etc.
- System reports: performance statistics, CPU/memory utilization, traffic volume, etc.
- Security reports: top malicious domains contacted, FireEye alerts, attack status by time of day and by rule, etc.
- DTC (GSLB) reports: load distribution, GSLB availability, pool availability, etc.
- Device reports: port usage per device, port usage trends, VLAN per IP, etc.
- Filtering for specific reports: by date/time, by system, top-N count, etc.

Case studies of customers who adopted Infoblox solutions

Infoblox solutions by environment
- Private cloud, single data center. Problems: no DNS/IPAM automation solution; lack of visibility into virtualized resources. Solution: cloud adapters, Infoblox DDI / Grid, Reporting
- Multi-cloud, multiple data centers. Problems: no DNS/IPAM automation solution; cannot provide integrated visibility; hard to keep different cloud platforms consistent with each other. Solution: cloud adapters, Infoblox DDI / Grid, Infoblox CNA (Cloud tab), Reporting
- AWS, Azure. Problems: no DNS/IPAM automation solution; lack of network visibility; lack of integrated management across regions. Solution: Infoblox DDI / Grid, Infoblox CNA (Cloud tab), Reporting
- Common: DNS server security - ADP (IPS + DDoS); protection of DNS clients from malware - DNS Firewall / Threat Insight; intelligent DNS responses - DTC (GSLB); API integration with other vendors' solutions - Ecosystem; enhanced IP management - Network Insight

Private cloud case study: major biotech firm
Background and problems:
- Creating a VM took 3 weeks on average; manual work reduced efficiency
- Frequent errors during provisioning
- Multiple processes required to configure IP and DNS settings
Solution and results: Infoblox DDI + cloud adapter
- Shorter time to deliver cloud services
- Provisioning time cut from an average of 3 weeks to a few hours
- No inconsistent data, no errors
- Agile cloud service delivery with manual overhead eliminated

Multi-vendor cloud case study: leading vendor of security solutions
Background and problems:
- Private clouds run in 3 data centers for agility and redundancy
- Need for unified management of VMware vRA and OpenStack
- Need for an open API that IT tools can integrate with
Solution and results: Infoblox DDI + CNA + cloud adapters
- Configured as a Grid, with adapters and cloud platforms deployed in each data center for better performance and local survivability
- Improved visibility and shorter provisioning time
- Multiple platforms managed through unified visibility

Public cloud case study: video advertising platform on Amazon
Background and problems:
- MS AD servers on AWS used for internal DNS, provisioned with Ansible and Chef
- Performing 3,000 operations across 10 DNS zones was very complex and difficult, e.g. reverse DNS configuration
- Provisioning errors were steadily increasing
Solution and results: Infoblox EC2 instance in AWS
- Enterprise-grade DNS inside AWS
- Automated provisioning improved visibility and minimized mistakes
- Removed the complexity of running freeware DNS in AWS

Summary: key takeaways
If your work involves building a next-generation data center, you will face the following problems:
- Manual DNS/DHCP/IPAM tasks and procedures
- Security and compliance
- Integrated, visible information
Infoblox solutions provide the agility, scalability, improved visibility and security the next-generation data center needs.

Q&A