How Infoblox’s DDI Solutions Simplify Network Management at the Munich Airport
“The DNS operations are extremely important for us at the airport. If the DNS doesn’t work, we have planes at a standstill.”
The Customer
The Munich Airport’s smooth operations ensure that vacationers can enjoy their time off. Several international awards confirm this. In 2019, nearly 10,000 employees made sure that almost 48 million passengers got to their destinations and back. Yet the airport microcosm consists of more than just flight and passenger processing. Similar to a small city, the airport complex is home to all kinds of facilities for everyday needs. From shopping and restaurants to medical facilities, a fire department and fitness options, the Munich Airport combines many different amenities. It goes without saying that, in order to manage all of this as smoothly and efficiently as possible, the behind-the-scenes IT systems need to function perfectly. These include the website, which as visitors’ first point of contact, and the informational monitors in the airport itself. If they don’t work, chaos quickly ensues, and the customer experience suffers. For this reason, the Munich Airport chose the Infoblox DDI (DNS, DHCP, and IPAM solution) in order to gain complete control over its own network.
Customer: Munich Airport
Industry: Aviation & IT services for the airport
Initiatives: Centralization of DNS at Munich Airport, Simplification of the DDI aspect of network management
Outcomes: Better insights into the network, Smoother processes, Increased efficiency thanks to simple DDI network management and help with automation
Solution: Infoblox DDI
The Challenge
Diverse, Non-Intergrated DNS Infrastructure
The Munich Airport’s goal is to provide the best possible experience for every passenger, from the moment they decide to travel to the moment they return home. But a facility as complex as an airport also relies on a complex IT infrastructure, ranging from the website, which is usually the customers’ first point of contact with the airport, to passenger guidance systems, where more than 2,000 monitors are used to display information. It also includes check-in systems and IT connectivity for the stores on the premises. Before the Infoblox solution was implemented, the lack of integration of the IT landscape had resulted in a variety of external DNS servers, internal Unix DNS servers and, of course, a large number of Windows DNS servers being used. In total, the infrastructure engineering team and Hubert Bösl, Chief Solutions Manager for Infrastructure at Munich Airport, had to maintain nearly 20 different DNS servers. In addition to all these different servers, the high degree of segmentation was a key factor in Hubert Bösl’s decision to research centralized network management solutions. In order to simplify the DDI aspect of network management, the “Introduction of a Unified IP/DNS/DHCP Concept” project was launched in 2017. The goal was to make the solutions management team’s work easier with the help of a central management platform. These smoother processes would also benefit other domains. “We needed an overview of what we were actually talking about when it came to DNS, DHCP, and IP addresses,” recounts Hubert Bösl.
The Solution
User-Friendliness as the Most Important Factor
The “Introduction of a IP/DNS/DHCP Concept” project at the Munich Airport began in 2017 with proofs of concepts from two vendors. Given the importance of the “user-friendliness” criterion, the team ultimately chose the market leader—Infoblox. “What tipped the scale for us was the ease of use of the Infoblox solution. It also became clear that the solution behaved as we expected in all cases,” says Hubert Bösl. “And that’s crucial if you want control of your IT landscape.” Infoblox DDI combines DNS, DHCP, and IP address management (DDI) into one platform. This not only gives administrators a central overview of their network, but also makes it even easier to manage. This saves time, optimizes network workflows, and eliminates possible sources of error.
As Complex as Necessary – as Simple as Possible
Nevertheless, not all of the Munich Airport’s IT systems are integrated into the Infoblox solution. This is because of the requirements of the German Federal Office for Information Security (BSI, Bundesamt für Sicherheit und Informationstechnik) and because the airport is classified as critical infrastructure. For example, the surveillance cameras are required to have their own closed IT network. In this particular case, this helps the team simplify and minimize the fault rate necessary to meet the BSI requirements. The Infoblox network management tool also provides support for that type of networks since even airport IT systems that are not fully integrated into the Infoblox solution can be visualized in the overview. That helps standardize and simplify management.
The Result
Smooth Processes for Customers and Teams
The goal of project manager Hubert Bösl was for the airport’s Infrastructure Engineering team to be able to manage its own IT ecosystem, “with no if, ands or buts.” Through the use of a targeted selection of Infoblox functions, the project managers were able to make everything run smoothly without introducing unnecessary complexity into the system.
As a whole, all projects and workflows at the airport are about providing the best possible experience for customers. Infoblox DDI takes the pressure off the airport’s IT teams and quickly makes any problem manageable. One of the best examples is the regular emergency drills that the airport and its IT systems have to carry out as critical infrastructure. One of these drills played out the following scenario: main domain of the Munich Airport was deleted in Infoblox. This would be a disaster for flight operations, since without the Domain Name System, “DNS” for short, any online activity would be a complicated affair. The DNS ensures that URLs that are entered are converted into “router-ready” IP addresses, which are much more complicated than what is typed by a customer. Without the help of the DNS, any users who wanted to communicate would have to know the exact IP address and enter it themselves. The result: the DNS fails, planes are grounded. After the service desk identified the problem from the emergency drill based on the error patterns, a system engineer at the airport was able to import the backup following an emergency plan recovery step. This plan only required a single sheet of paper, so the DNS was up and running again within half an hour without any concerns.
In addition to the direct benefits, this example also shows why a centralized DDI solution is resource efficient. “We actually only need to put a short emergency documentation on paper to quickly restore our ability to act in the event of an incident. If we had to create emergency plans for several different systems and maintain them regularly, that would not only be a lot of work, but would also waste valuable time during an emergency,” says Hubert Bösl.
IT security also benefits from the central management and overview provided by the Infoblox solution. If suspicious activity occurs within a specified IP address range, it is identifiable at a glance. Therefore, the team no longer has to chase a potential threat across multiple systems. They can monitor all the network activity directly and take appropriate action if necessary.
DDI Made Simple
“We have not reinvented the IT systems or our network at the airport,” explains Hubert Bösl. “But with the Infoblox solution, we can manage the entire network much better and more easily.” This is evident in a wide range of applications. For example, for container virtualization, the Infoblox solution helps his team reserve IP address ranges so they’re not simultaneously used by other functions. For automation, Infoblox supports the team with its API, which gets a lot of use. For example, when installing a new Linux server, employees only need to fill out the GUI form correctly to make sure the IP addresses are reserved immediately. In addition, the Infoblox solution also simplifies the process of matching the documentation to the actual IT environment. This helps the infrastructure engineering team ensure that the network overview is always up to date and contains no obsolete elements. Infoblox DDI helps the Munich Airport manage its digital processes smoothly. This not only makes the airport IT staff’s work easier, but it also gives passengers the best possible user experience during their travels.