Financial Services Software Leader MYOB Automates Network Management in the Cloud with BloxOne DDI
“Before BloxOne DDI, the IPAM process required us to reach out and communicate with the networks team—which may or may not have been able to accommodate us right away. But now I can spin stuff up on my own in minutes and it’s invisible to me. It just works. I get a new IP block assigned for my account and I’m up and running straight away.”
- Joe Devereux, Senior Systems Engineer, MYOB
OVERVIEW
With deep roots in the Australian tech sector, MYOB provides leading-edge tax, accounting and business services software to both small and medium-size businesses as well as the enterprise market.
MYOB traces its origins back to the early 1980s, building a reputation along the way for developing and offering innovative accounting and business management applications that rivaled those of larger international software firms such as SAP and Oracle. The company embraces the credo, “We’re not here to tell you what success should be. Whatever you want for your business—we can help you achieve it.” In that spirit, MYOB serves organizations based in Australia and New Zealand with more than 30 distinct business management solutions—everything to help with accounting, payroll, payments, retail point of sale, CRM, professional tax solutions and more.
THE SITUATION
Committing to and Extending the Cloud-First Approach
For many years, MYOB had embraced a cloud-first approach whereby most of its catalog of business applications was available through a software as a service (SaaS) model. Yet even as an early adopter of the cloud-first ethos, much of the company’s networking infrastructure was still managed through physical data centers. Decision makers at MYOB realized that to maintain their competitive edge, transitioning the DNS infrastructure and related network management systems to the cloud was a logical and necessary next step.
“A big part of working to become a full SaaS/cloud business includes getting away from managing data centers,” explained Glenn Kerr, the manager in charge of MYOB’s networking engineering team based in Melbourne. “Just by moving key product development processes to the cloud, we were able to reduce our footprint from around 1,100 servers in five data centers down to 300 or even less than that. In moving our operations to the cloud, however, we realized we needed to rethink the way we were managing core network operations. It became clear that we needed to transition manual network management processes–such as IP address allocation–to automated cloud processes. That’s how we came across Infoblox.”
Customer: MYOB
Industry: Information Technology & Related Consulting
Location: Cremorne, Australia
Objectives: Automate and port DDI operations to the cloud to further reduce physical server footprint in the data center. Leverage code capabilities in the BloxOne DDI infrastructure to alleviate manual processes for DNS, DHCP, and IPAM. Implement cloud based DDI capabilities that could be handled on a multi-cloud basis across the major platforms, including AWS and Azure
Results: With BloxOne DDI, the MYOB team was able to automate manual tasks, maintain excellent network performance and execute on the company’s objectives to become a cloud-first organization. Created a process that performs an API call to BloxOne to populate an infrastructure as code template with IP address ranges, enabling the DevOps team to create and manage IP addresses without involvement from the networks team. DDI management is now completely automated, with built-in auditing high security
Products: BloxOne DDI
THE CHALLENGE
Bringing Automation to Manual Networking Tasks
Similar to many enterprises that grow organically, MYOB found that basic networking tasks that were once manageable through manual efforts or unspecialized point products became increasingly difficult as the company grew to become a mid-size organization with employees spread across 11 offices in the major cities of Australia and New Zealand. Another issue: With this advancing growth and digitization, increasing numbers of employees and divisions within the organization—especially DevOps and the systems engineering group—came to rely on the networks team to support their work.
For instance, DevOps depended on the networks team to assign unique IP address ranges to test new products and features as they worked to enable new cloud environments. When dev engineers were building an environment within Amazon Web Services (AWS) using legacy tools, they would avoid conflicts by manually allocating the IP address range from a central spreadsheet, which was a slow and error-prone process. A key priority for Kerr and other IT decision makers was to find a way not just to automate IPAM using infrastructure as code, but also to decouple the networks team from these processes altogether. The MYOB team had centered most of its data center modernization efforts in the AWS environment. Today, AWS is where most of the organization’s engineering and development work takes place, although MYOB maintains a massive Azure product footprint as well.
THE SOLUTION
Cloud-First BloxOne® DDI Powers Self-Service IPAM in MYOB’s AWS Environment
MYOB adopted the cloud native BloxOne DDI solution from Infoblox to augment the Microsoft Windows servers it had used to administer DNS and DHCP operations for many years. The industry’s first cloud-managed solution for managing DNS, DHCP and IPAM, BloxOne DDI eliminates the complexity, bottlenecks and scalability limitations of traditional DDI implementations. Also, because BloxOne DDI fully automates IP address management, Kerr and the networks team were able to eliminate the antiquated and very manual process of using spreadsheets to store, track and assign IP addresses, as well as remove the networks team from being involved. Automating these steps enabled the DevOps team to work at its own pace and consume its IP address allocation by code without needing to interact with the networks team.
“With the old system, if someone wanted to allocate an IP address, you had to chase down the Excel spreadsheet—it was an entirely manual process,” said Kerr. “When the networks team needed to be involved with the DevOps teams for IPAM, it could create hours or even days of delays working around the network team’s priorities. With BloxOne DDI in place, the networks team didn’t need to be gatekeepers for IP allocation anymore. We created a process that would perform an API call to BloxOne to populate our infrastructure as code template, with the next available address range. With the rich API library available with BloxOne, we were able to do just that.” By automating these IP address management processes, the team was able to create a giant IP pool inside the BloxOne SaaS portal purely for cloud allocations. From then on when an engineer needed to allocate the IP address range for their cloud environment, the code in the infrastructure bootstrap used the BloxOne API to reserve, allocate and audit that IP address block allocation from BloxOne to the AWS VPC’s CIDR block.
According to Kerr, “It’s fully automated, fully self-service for the DevOps teams, and the networks team doesn’t need to be involved at all. We’ve also recently taken the code responsible out of the bigger infrastructure bootstrap template and made just the necessary code available and downloadable from our AWS service catalog. This is good if an engineer just wants to automate the IP address range allocation inside their own code.”
THE RESULT
Increased Agility to Innovate and Accelerate Business Priorities
From the perspective of Kerr and the networking team, BloxOne has been a resounding success in terms of automating manual tasks, maintaining excellent network performance, and executing the company’s objectives to become a cloud-first organization. “BloxOne enabled us to offer automated IP address management into the AWS codebase we use to deploy and manage our cloud resources, while also being able to solve unique IP addressing,” said Kerr. “It’s completely automated, has auditing built in, and it’s also highly secure. When invoked, our code also automates sending the account number and VPC name to BloxOne, which is then recorded against the prefix that BloxOne allocated to call—all using the API key and security provided by BloxOne.”
Kerr continued: “For a DevOps user working in AWS, they can use code to submit a call saying, ‘these are my AWS details, and this is the size of IP allocation I want.’ The BloxOne API then receives the call, records the AWS details against the new allocation, and returns an IP address block for the AWS VPC to consume. We built this all in AWS originally, but we have some engineers who work in Azure and are looking to create the same functionality for Azure as well. It’s likely we’ll use BloxOne DDI in other cloud platforms in the future if the use case arises.”
For the company’s systems engineering team—the people who actually carry out IP allocations and server deployments—the benefits of cloud-based automation through BloxOne DDI have been a game-changer. “I’m more on the consumer end of this project, and from my point of view, it’s sort of ‘the invisible thing,’ and that’s good,” explained Joe Devereux, a senior systems engineer at MYOB’s Melbourne headquarters. “Before BloxOne DDI, the IPAM process required us to reach out and communicate with the networks team—which may or may not have been able to accommodate us right away. But now I can spin stuff up on my own in minutes and it’s invisible to me. It just works. I get a new IP block assigned for my account and I’m up and running straight away. The more stuff you can get automated and working, the easier my life becomes. And that’s what we got with BloxOne DDI.”
Kerr added that transitioning to a cloud-first model with Infoblox is increasing the agility of multiple stakeholders within the organization to innovate and accelerate on business priorities. “In the old days, you had an IT department that was responsible for all of the server infrastructure, patching, security and all those kinds of tasks inside a central data center. Then there would be an application on top afterwards. The model that we have now is actually building the infrastructure as code for all of those capabilities. We can hand the keys over, and everything’s defined as code for you. Our DevOps team gets all the same networking capabilities, but it’s right at their fingertips, and it doesn’t matter if they aren’t experts in provisioning IP addresses or server management. They can just concentrate on building great products.”
While automating IP allocation was the initial impetus for deploying BloxOne DDI, ultimately Kerr and team were able to migrate both DHCP and DNS operations away from Windows Servers in the data centers and onto BloxOne in the cloud. “Infoblox gives us a single portal for network management using distributed, lightweight and redundant architecture on a SaaS model,” concluded Kerr. “The big value we get from BloxOne DDI is that our engineers can concentrate on our feature stack, and not on hours of upgrades.”