Tohoku Gakuin University Transforms Campus Connectivity with Infoblox
Tohoku Gakuin University, with three campus networks to manage, takes the time and effort out of DNS and DHCP a centrally managed solution.
THE CUSTOMER – TOHOKU GAKUIN UNIVERSITY
Tohoku Gakuin University was first established as Sendai Seminary in 1886 and was renamed in 1891.
Currently, Tohoku Gakuin University has six faculties: arts, economics, business
administration, law, engineering, and general education, as well as a graduate school. It has a total enrollment of about 15,000 students on its three campuses in Tsuchitoi, Tagajo, and Izumi. The university provides a character-building education that is based on Evangelical Christianity. So far, approximately 170,000 students have graduated from the university.
THE CHALLENGE
Reliably Scaling Without Overcomplicating the System
Before the introduction of Infoblox application management was carried out using generic Linux servers for both DNS and DHCP. For DNS, BIND operations were handled by five generic DNS servers: one for internal use in each of the three campuses and two for external use. Because multiple views had to be run using the “view” function in BIND, copying zone data was a complex process. Some views had to be copied manually, and updating DNS zone data was troublesome. It was also difficult to enact plans for implementing BIND version upgrades to address DNS security vulnerability issues.
Where DHCP is concerned, operations were also carried out using generic servers. One DHCP server was installed on each campus, and fixed IP addresses were assigned from the DHCP server to the MAC addresses of all the terminals connected to the network. Whenever there was a request from a teaching staff member, the MAC address of the terminal and fixed IP address were manually registered in the DHCP server.
Customer: Tohoku Gakuin University
Industry: Education
Location: Sendai, Japan
Objectives: Replace standalone, generic DNS and DHCP servers, Improve system reliability, Reduce time and effort required for design and construction, Simplify network management
Results: Significant savings in time and effort on design and construction, Ease and assurance in security updates, Elimination of direct manual IP address registration, Automatic failover in the event of a malfunction, Management from a single web screen, Reduction in application management load
Products: NIOS DDI
In the automatic payout method where the address pool was defined and an IP address was automatically paid out from the DHCP server, it was not possible to immediately identify the terminal affected when an incident occurred, and so a fixed IP address had to be assigned. Naturally, as the number of terminals connected to the network increased, the management load was also increasing, making it necessary to adopt counter measures.
Redundancy in the DHCP servers was also not being carried out, because the use of generic servers would have made the system too complicated.
THE SOLUTION
An Upgrade from Generic Servers to Dedicated Appliances
Reducing the time and effort required for design and construction, as well as application management, were key reasons for updating the entire network system. A simpler and more robust system in which the number of servers was reduced by using dedicated appliances was required.
When using generic servers to build a new DNS and DHCP system, many basic design features and settings, including security measures for the generic servers themselves, have to be carried out. By contrast, with Infoblox a lot of time and effort can be saved in designing and configuring the DNS and DHCP functions
Previously, it was difficult to establish working plans to apply security patches in DNS servers. So another major advantage offered by Infoblox is that with appropriate support from the manufacturer and certified security patches, security updates can be carried out with ease and assurance.
It also would have been difficult to adopt a redundant configuration in the legacy system, but Infoblox offers Tohoku Gakuin University the ability to do so without wasting IP address space, thereby improving reliability. Furthermore, by combining the use of Infoblox with a new MAC address management system that can centrally manage information, such as MAC addresses and IP addresses, direct manual registration in DHCP servers is no longer necessary.
NIOS DDI also makes it possible to easily configure DNSSEC and offers a failover function that automatically switches to a standby machine in the event of a malfunction in the DNS and DHCP servers.
Tohoku Gakuin implemented a total of six Infoblox Trinzic 1410 appliances in its data center to manage the campus network. Two DNS content servers and two DNS cache servers were installed with high-availability (HA) configurations. Using patented Infoblox Grid technology, overall DNS server management can now be carried out from a single web screen. Access from within the campus is processed on the cache server side while access from outside the campus is processed on the content server side.
Two Trinzic appliances were also installed as DHCP servers to pay out IP addresses to the approximately 3,000 terminals on the campus. Fixed IP addresses are assigned to a portion of the terminals, such as printers and servers. For other terminals, the operation was changed to assign IP addresses from the address pool.
THE RESULTS
Major Productivity Gains Justify Significant Expansion Plans
The Infoblox solution has resulted in a large reduction in the amount of effort and time required for design and construction. To cite some specific examples, time is no longer required to design and configure generic servers, and design can now be focused exclusively on the DNS and DHCP functions.
The issues related to DNS and DHCP operations using generic servers have also been resolved, resulting in a large reduction in the application management load. Operations, such as copying zone information for each DNS view and upgrading DHCP software versions, for instance, have become much easier since changes can be applied to the entire system simply by applying them to the Grid Master. Since operations can be carried out from a web interface, various settings besides version upgrade can also be easily carried out. And the adoption of an HA configuration for both DNS and DHCP makes it possible for service to continue even if a malfunction occurs on the active end by automatically switching to the standby end.
Going forward, Tohoku Gakuin intends to update and significantly expand the wireless network system within the campus, expanding the NIOS DDI system by adding two more Infoblox appliances.