Leading Crypto Trading Company Powers and Secures Its DevOps Environment with Infoblox
Overview
A leading blockchain and digital asset trading company, with over eight million customers and daily users exceeding four million, was keen to provide the world’s most reliable and secure global crypto currency trading platform. Key to this business strategy was the company’s blockchain-as-a-service offering, which accelerates the development of web3 apps with secure and scalable node infrastructure, enhanced APIs and developer tools. To maintain a highly secure DevOps environment, company decision makers knew they would require a secure DNS capability that would prevent data leaks. The firm’s IT team designed a modern, cloud-first solution on AWS with solutions from Infoblox and Zscaler, a cloud access security broker, to supply secure access to developers for cloud-based trading platform applications.
The Challenge
Finding the Best Secure DNS Solution
The company’s existing solution employed a cloud-based managed external public DNS service provider for internal private DNS that developers used to create new trading applications. This mismatched approach was less than deal because it left open the possibility of DNS records of internal trading applications becoming exposed during the development process. The trading company wanted to not only limit exposure of the DNS services to their authorized application developers but also provide fast DNS query response times. These crucial business needs called for a modern, cloud-native private DNS solution—one that offered geo-local DNS services for application workloads but could also be managed entirely in the cloud.
The Solution
BloxOne DDI from Infoblox
Since its application workloads were on AWS virtual private cloud (VPC) instances, the company considered using AWS’s native Route 53 DNS web service for its internal DNS operations. The IT team concluded, however, that Route 53 did not supply API calls to developers in a simple and unified way across different VPCs. Support for developer APIs was a critical technical requirement for providing a secure, agile and extensible platform for crypto trading.
Customer Profile: Digital asset trading platform providing a wide range of next-level services with a focus on blockchain and fintech.
Industry: Finance/cryptocurrency trading and services
Initiatives: Modernize and secure the firm’s trading platform with optimized DNS and CASB capabilities, Implement a cloud-native DNS solution that gives developers simple, unified APIs across different AWS VPCs, Gain better manageability over DNS operations
Outcomes: Improved control over DNS operations via a single pane of glass management console in the cloud, Eliminated bottlenecks in the DevOps pipeline caused by slow DNS provisioning, Accelerated application development and deployment timelines
Infoblox Solutions: BloxOne DDI, BloxOne DDI on-premises host appliances
The company’s security team led the effort to modernize and secure its trading platform. Working with a local technical consulting partner, they selected Zscaler, the leading provider of cloud access security broker (CASB) solutions, to offer their developers secure, private access to AWS workloads. During these discussions about expanding CASB private access services, the channel partner introduced Infoblox to decision makers at the trading platform company as the market leader in DDI.
The Infoblox team initially proposed a solution built on Infoblox vNIOS as the preferred internal DNS solution but quickly realized that BloxOne® DDI was better suited to the trading platform for two reasons. First, BloxOne DDI is fully cloud managed. Second, as a cloud-native solution, built from the ground up using micro-services architecture, it was ideal for providing simple and unified APIs across different AWS VPCs to their cloud application developers.
BloxOne DDI is the industry’s first cloud-managed solution for distributed environments, and it is purpose-built for today’s DevOps-oriented software development environments. It offers reliable direct Internet access for distributed sites and full API support for integrating into new and existing applications. BloxOne DDI is locally hosted using a Docker container or virtual machine, simplifying and centralizing remote IT management and control across all sites and locations. It works in hybrid environments as well and delivers the high availability and resiliency needed in mission-critical fintech settings.
Further, because it is cloud managed, BloxOne DDI eliminates the need for the IT team to manage software upgrades and perform routine maintenance, reducing labor time and cost. BloxOne DDI also supports authoritative and recursive DNS, DNS security extensions, active-active or active-passive DHCP and authoritative IPAM (collectively known as DDI). These features, along with BloxOne DDI’s ability to scale from tens to thousands of locations, are future proofing the trading platform provider against business growth needs. In addition, BloxOne DDI furnishes added efficiencies through the automation of configuration, provisioning, templates and policies, and centralized reporting and visualization.
The Results
Securely Developing Crypto Trading Apps Faster Than Ever Before
The Infoblox sales team presented a demo showing how internal DNS would work in the company’s AWS environment. The IT decision makers were enthusiastic about how BloxOne DDI performed, particularly the management portal in the cloud, which delivers fine-grained control over all DNS and related operations through a single pane of glass. Concluding that Infoblox is the only solution provider meeting their standards for highly secure cloud DDI, the company’s IT team decided to move forward with a full implementation of BloxOne DDI. Currently, the trading company has two BloxOne DDI on-premises hosts (OPH1 and OPH2 in Figure 1) deployed in the local AWS PoP with 500 server instances.
As the IT team leader explained, BloxOne DDI’s ability to elastically scale will be important to the platform company’s growth plans: “We’re at 500 server instances currently, but these numbers are expected to increase rapidly. BloxOne DDI is the ideal solution for us as we continue to build out our trading platform in the months and years ahead.”
He was also excited that the implementation had optimized their developer environment, explaining, “Because BloxOne DDI automates provisioning, our team members won’t have to step in to get developers up and running on new projects. Developers can quickly test and deliver new apps and services all on their own. The extensive APIs and out-of-the-box integrations with top DevOps tools mean that we’ll be able to deploy apps faster than ever before. And because BloxOne has a central point of control, managing our DNS operations is much simpler than with our previous toolset.”