Infoblox IPAM Reviews

Infoblox IPAM is used primarily in the banking sector, where policies and requirements take time to implement. The deployment timeline also depends on how many services have been adopted, whether organizations are using only DNS, all three DDI solutions, or BloxOne as well.

Infoblox IPAM's integration with DNS and DHCP helps me streamline my network operations as an internal process. It is automatically connected with DHCP, and IPAM is internally connected with DHCP.

I utilize the automated IP address discovery feature with Infoblox IPAM, which is called Network Discovery. For Network Discovery, it actually helps with workflow because we have to configure the seed routers, then SNMP credentials, then CLI credentials. There are different ways to configure the different types of devices, such as devices in firewalls, devices in SDN elements, and devices connected with a switch. There are multiple ways to discover the devices.

For the valuable insights I have gained from Infoblox IPAM's real-time visibility and analytics, we have to set the SNMP polling. For the discovery, it may take approximately 24 hours to fetch all the details and get all the updates, including all discovered devices and their fetched details.

Since Infoblox IPAM fulfills the requirement of the customer currently, in my perspective, there is no additional information that could be improved about Infoblox IPAM. However, in future updates of IPAM, I would like to see features such as more customization and better AI functionality.

I have been integrating Infoblox IPAM for two and a half years.

I am overall satisfied with Infoblox support. I have been working with Infoblox for approximately 2.5 years, and I appreciate Infoblox TAC support. They are very supportive and patient persons, which is why I very much appreciate the Infoblox TAC support.

Usually, how many people from my side take part in the deployment process depends on the situation, but at the time I am the only person who will be deploying Infoblox DDI on one client. If I want help, my colleague will help me and join me for the implementation.

I am not using Infoblox IPAM directly. I am currently working for a partner and have implemented Infoblox in various different customers. As an implementer, I can tell you that deployment of Infoblox IPAM is quite a step forward. There is no issue while deploying the device or any services on the members. It usually takes approximately one year to deploy it because it depends on the banking sector. I use the threat intelligence feature with Infoblox IPAM for DNS perspective. The review rating for this product is 7.5 out of 10.

Infoblox IPAM is a critical foundational piece of any network infrastructure, whether DNS, DHCPE, or IP address management. The pieces integrate with your IP address management, getting data and information from the DATP server. Then they can auto-populate DNS for you. It is an integrated solution.

Infoblox IPAM provides visibility into what's on your network and helps fingerprint devices based on the OS, manufacturer, and other things along those lines.

Likewise, their Grid construct is a solid and well-tested architecture from a redundancy perspective, having multiple devices spread out, either gathering different information or serving as redundant to each other.

The biggest thing for Infoblox to improve isn't so much from a technology perspective. Their biggest problem is with the corporate side of the house as far as getting a support response or getting a sales team response isn't always as efficient as it should be and as it used to be.

We've been a reseller for Infoblox IPAM for more than ten years.

The solution is rock solid. I haven't had many issues with it either going down or having problems or having issues with updates failing or updates breaking things. From that perspective, Infoblox IPAM is pretty reliable. And it's gotta be because it's a core piece of the foundation of any network, so if it's not stable, your network's not stable, and nobody will buy your stuff.

Their Grid architecture makes it extremely scalable. That's one of its strongest aspects.

Their customer support has declined over the last several years. It used to be good. I don't know if they're getting better at it or not.

Neutral

How difficult the initial setup is depends on how you're approaching it. If it's a greenfield install, the setup's straightforward. It gets complicated if you already have another DHCP or DNS service in place and you need to migrate off of those. That isn't so much an issue on the Infoblox side because it concerns the proprietary natures of Microsoft DNS and DHCP or big iron or any other solution you're replacing.

The time it takes to deploy Infoblox IPAM depends on whether it's a greenfield install or a migration. The migration can be tricky, especially if you have to do it in a scenario where you can't have any interruption at all to any of your users or clients.

The people who handled deployment were primarily system administrator types, the folks that handled the existing DNS and DHCP solutions. After that, it becomes your network team, and your service desk can access the recording functions to look things up. Most of the solution is back-end within the IT environment. It's pretty seamless to do it right to the end users in the organization.

The solution needs maintenance. It is not a very high-maintenance type of solution with updates coming up. Maintenance generally covers more troubleshooting issues, with some of the automated features not working for one reason or another. Infoblox has a smaller maintenance scale than a Microsoft solution, where you must maintain the OS, the DDE server, the DNS server, the clients, and so on. But Infoblox is not a complete set-it-and-forget-it.

Infoblox IPAM's ROI is high. I rate it an eight out of ten.

I rate Infoblox IPAM’s pricing a seven out of ten, since their price is up there. Infoblox IPAM is not a cheap product to get. From that perspective, it’s hard to compete with Microsoft where the DNS and DHCP servers are free with the Windows server license. But there are a lot of other capabilities and features and the ability to operate with other OSes that the Microsoft solution is not specifically designed to handle.

People need to look at the full aspect of what the solution gives you and not just look at the price tag. There are time savings to be had for your staff, and that adds up quickly. Many people just go, "Here's the PO I have to cut for this compared to free for the Microsoft stuff," and they don't look at the level of staff involvement required and the time cost to maintain, expand and troubleshoot.

I rate Infoblox IPAM an eight out of ten because of its cross-platform ability to detect and fingerprint multiple OS and manufacturer devices and the ease with which it integrates into the rest of the Infoblox suite with DNS security capabilities and Knack-ish capabilities. Since you control the DHCP server, you can control what types of devices are given addresses and what addresses are given. Infoblox has built many security capabilities into what is normally just a utilitarian networking foundational toolset. However, to leverage that, you have to buy multiple Infoblox products to integrate them, so you pick the capabilities you want, and Infoblox IPAM's license is based on that.

We had it in our company. We were an Infoblox customer, but we migrated from it just a couple of months ago. We are no longer a customer, but we used to be.

We're multinational. We had a part of the company in Europe that was spun off many years ago and then we got that company back. When we acquired that part of the company, we realized we have two different DDI systems. The most amount of data was in our VitalQIP system, which is a product by Nokia. It's off the shelf and a competitor to Infoblox. We also had Infoblox for this one part of the world, and we wanted to combine the two systems into one. We did an RFP to see which system we should use. Do we get a new vendor? Do we go with VitalQIP? Do we go with Infoblox? So, we started from scratch and sent out an RFP. We then made our decision to go with VitalQIP.

We were using Infoblox for pretty standard DDI functions. We were tracking all of our subnets. We were tracking the IPs within those subnets, and we were adding DNS entries. They were offering out DHCP scopes. So, it was pretty standard DNS, DHCP, and IP address management DDI. It'd be a pretty standard operation to be able to do that. For that part of the world, it was internal DNS only. It was not for our public DNS.

In terms of the version, we were a little bit behind the latest version. 

It was just the standard DHCP. The business problem we were trying to resolve was how can we easily, dynamically hand out an IP address and not have it be static. We wanted to have the helper addresses configured on the router to be able to say, "Okay, here's a DHCP scope." So, the business problem to be solved was to be able to hand out DHCP addresses automatically and quickly to all of our customers, and then, of course, we also had the ability to have static IPs for those things that needed static IPs and did not change. DHCP can change all the time. You don't really care what your address is. You just want to get on the network. We also had the ability to assign static IPs for servers, routers, switches, and printers where the address had to be fixed. We were able to use the tool to assign static addresses and dynamic DHCP addresses that can change all the time.

The features we found the most valuable were being able to handle DHCP scopes and handing out DHCP leases. We weren't doing some of the things that we can do, such as DNS query rate limiting. Our usage was pretty standard. We wanted to be able to track our IP addresses to create DNS entries and then create DHCP and manage DHCP scopes. We used the standard features the most.

How you track IPs within a subnet and how all of that works was not intuitive to me. If I compare it to VitalQIP, I create a subnet, and it's a slash 24 size. It's very easy. I look, and here are my 254 IPs. I can then see if I have assigned a static, do I have a DHCP scope, and what's the name of the device. That's all there in front of me. The thing that I found frustrating with Infoblox was that it was not very intuitive. There were certain things you could add, which I thought were confusing. It did not have a similar layout. You could add something as a normal object and you would get the DNS name, the IP address, and what's called a NAPTR record, or there was also something where you could just add a DNS entry tool, just the A record, but you won't necessarily see all of those showing up easily in a subnet. In summary, the graphical interface for showing what IPs are defined in a subnet was not very intuitive. It could have a better look and feel to it.

Infoblox is a stable product. They have a lot of customers. VitalQIP used to have the biggest market share a long time ago. Now, Infoblox seems to be the number one with market share. In general, it has a reputation as being a pretty stable product, and it was stable for us. When we had it, we were happy with its stability in terms of uptime.

It's a scalable solution. That was one thing that was probably better than VitalQIP. I just felt like it was more scalable. The database had room for lots of records in there. You could add additional appliances and have them all talk to Grid Manager if you wanted to scale to new locations.

There were over 1,000 people who were using the system one way. They may not be logging into it or doing anything, but they were using it for DNS resolution or getting a DHCP address.

Their technical support was good. It wasn't great, but it was above average. We struggled to get answers to some of the questions, but it was pretty good. I would rate them a 7 out of 10.

Neutral

That was VitalQIP. It's a product from Nokia. Our Europe business spun off from the main part of the company due to some regulations, and we ended up buying them back and putting them back into the company or integrating them again. So, for whatever reason, and again, before my time, the main part of the company used VitalQIP.  When they went off and were their own subsidiary or their own company, the Europe folks decided to go with Infoblox because, in a sense, they were two separate companies.

When the two companies merged back together, then it got confusing. It wasn't good to have two different DDI systems because we would create some automation for VitalQIP, the Nokia product, for example, and that was great. We would get that to work, but it would not work with Infoblox. We had to either live without that functionality, or we had to make a duplicate effort to try and do a similar process with Infoblox because there were totally different servers, different data, and different ways of processing. 

There were several catalysts for getting rid of Infoblox. One of them was the fact that we have tools that we automate with VitalQIP. VitalQIP had probably 80% of the company's data in the DDI space and only 20% was in Infoblox. So, we made the decision to go with QIP and get it all in one system so that the automation works.

We were also behind a little bit in terms of the version of Infoblox. One of the reasons for our decision was that it was time for renewal. If we had to renew the software to a new version, we had to renew the maintenance contract. It was also time to renew the hardware. As we looked at it, we made our decision. We chose to, for now, at least migrate out of that and put the Infoblox data into the VitalQIP system. So, we retired Infoblox in May, which is just the opposite because everybody else is doing the opposite. 

Infoblox has the biggest market share. Many people are moving off VitalQIP and going to Infoblox, for example. We were a rare occasion, going in the other direction. We are definitely not the norm. They have a bigger market share, but for us, based on what we were doing and our layout throughout the world, it just made sense for us to go to VitalQIP instead of taking all the VitalQIP data and going into Infoblox. So, we did it backward compared to most.

When we deployed the system, there was Grid Manager that managed all of the other appliances out there and communicated with them for zone transfers and DHCP servers and things like that. So, we had Grid Manager, and then we deployed servers in various offices or data centers within the region so that we had some diversity there. If you're handing out DHCP addresses in a certain office, you want to have a server somewhat close to that so that you get a good response time. The same thing is with DNS resolution. We made sure we had redundancy. We made sure that we deployed in multiple data centers so that if we ever had a data center that just went offline, we would have another backup where we could still receive services on the other data center.

I didn't deploy that system. That was done many years ago before I started with the company. We do have a partner we work with for our DDI system, and they helped us with both Infoblox, as well as with VitalQIP. We still communicate with them, and they still help us out with some things, but I don't know the history of whether, with the initial deployment, we used our value-added reseller (VAR). That was probably 15 years ago, and I've only been with the company for eight and a half years. In general, we have a VAR that helps us with questions that we have with both Infoblox and VitalQIP. Now, it's just VitalQIP because Infoblox is gone.

We were responsible for its maintenance. It needed maintenance. With any DDI system or pretty much any software, you're always going to have maintenance. So, we had to do the maintenance. We had to maintain the system to make sure it was running and it was backed up. We had to keep the software current and apply patches. We were very serious about security in our organization. So, if any vulnerabilities were found, we had to do maintenance and figure out how to fix them. We figured them out ourselves or had to call Infoblox and say, "We have this vulnerability that got identified. How do we fix it? Give us a fix or tell us some configuration parameters we need to make so that we are no longer vulnerable." So, there was definitely maintenance on it, and we did the maintenance ourselves within the company.

That would really be hard for me to quantify. I can't say, "Okay, we did this, and the return on investment came back in three years," or "This is how we definitely saved money." With the DDI system, for me, it's really hard to quantify the ROI.

They were expensive. They were known to be expensive. In general, they used to at least try to encourage you to upgrade to hardware every three years. Infoblox had a reputation as being one of the better solutions but also one of the more expensive solutions, whereas VitalQ was definitely a much more affordable solution.

With Infoblox, anytime you replace hardware, there would also be the cost of the hardware upgrade. So, besides the software licensing fee, there were also hardware maintenance and hardware upgrade fees. I would rate it a 3 out of 10 in terms of pricing.

I helped write most of the request for proposal (RFP) for this because we were trying to decide, "Should we get rid of VitalQIP and go to Infoblox? Should we get rid of Infoblox and go to VitalQIP?", which was our decision. There was a series of four vendors that we analyzed. For that RFP process, I would suggest taking a look and figuring out:

• What are your requirements?
• What do you need?
• What are you trying to accomplish?
• What are you currently using?
  

If being in the cloud is important to you, and you definitely know that you want to have a cloud or a hybrid cloud solution, then write that requirement down and know why you're going to be in the cloud. After that, talk to the vendors within the space. In our case, we had four different, and we had a bunch of questions. So, if the cloud is important to you, ask them, "How do you work in the cloud? What are your advantages?" Also, ask yourself, "Is this system going to do public data that the whole world is going to use, or is it just for your internal corporate DNS within the company?" That makes a difference for me because, with DNS, you're going to want to have rate limiting and protection in there. You would need to have more security from DDoS attacks and things like that, whereas if you're doing internal DNS, you've got firewalls to protect you from some of the bad actors, like somebody in China, Russia, etc. So, basically know:

• What are your DNS and DHCP needs?
• Are you going to be in the cloud or not?
• How many locations are going to be to spread out your server?

Get all your requirements done, and then my suggestion would be to ask the vendor. Have a set of questions to ask the vendor. Then, of course, before you buy anything, you would want to prototype it in the lab. Before you go to Infoblox, get into the lab, test everything, and see how this looks.

First and foremost, it shouldn’t break anything that you have right now. So, make sure that works. Typically, everybody seems to have a DDI system, they just may decide, "It's time for us to change. We're going to go to Infoblox." What you would want to do is spend time with Infoblox to say, "Hey, this is what our current system does. Can you do this?" That's because you want to make sure you don't go backward or lose any functionality, or something is going to break when you migrate.

You've definitely got to document all of the functionality of your existing system and what you want the new system to do and then ask Infoblox. If you're not happy with your existing DDI system and you're thinking Infoblox is going to be better, what you want to do is ask them, "Okay, why is this going to be better?" or, "Hey, here's some functionality that I need that my current system can't do, and can you do this for me? If so, let's prototype it in the lab." I strongly suggest prototyping it in the lab.

It's pretty stable, and it's scalable. I wasn't using it all the time, but I do know the person who used it and he seemed pretty happy with it. He understood the system. So, based on his feedback, I would rate it an 8 out of 10.

In my previous organization, we were using it for the reservation of IPs. We used it to reserve an IP or give an IP to a server or machine. In my current organization, we are using Infoblox as DNS. On my end, I have the responsibility to add or remove any A record or PTR record for an IP. We are adding the Alias name, CNAME, and we have multiple domains. In my security role, this is one of the products I work on. I have one domain under my control, and if any request comes to assign an IP, backup IP, or anything we need to resolve, I assign the Alias name accordingly and create the A and PTR records.

It helps to avoid manual mistakes and we can add the proper DNS if we add an Alias name to that. We are aware of the CNAME we need to use. By using Infoblox as a DNS, we can add the A and PTR records, which is helpful for the lookup as well as the reverse lookup. 

Technically, it has most of the features, such as VLAN tagging and Zone tagging.

The challenge I faced was to extract the VLAN data or all the IP address details, but we were able to troubleshoot that. That was because I didn't have the rights. So, my automation team wrote a script. 

When we do a host entry, it also reflects in the lookup. We should be able to filter that part. If we do only the A and PTR records, we need to reflect only that part in the lookup.

I have been using this solution for seven years.

Based on my experience of using Infoblox, it is a stable product. I haven't faced any issues yet. If we keep a track of when the licenses are expiring, it is very smooth.

It is pretty scalable. On Infoblox IPAM, we have a total of five segments of slash 16. It is a vast network. Apart from that, there are multiple domains. I support French companies, and they have multiple domains. That DNS is also a part of Infoblox for which we need to do the entries.

It is used on a daily basis in operations. If we face any issues, such as the IP is not reachable, the first thing we'll check is whether it is resolving or not. If we consider nslookup, it will also go to DNS. So, it is used daily.

I haven't faced many issues in Infoblox. So, I haven't contacted them much, but we have direct support with Infoblox and they are cooperating. The support is good because I can raise P1 to P4 tickets. According to the issue, I can raise a ticket with support, but most of the time, we face issues with the other product and not with Infoblox. I would rate their support a five out of five.

Positive

I have the BlueCat IPAM as well in my current infra. Infoblox is easier and handles DNS entry better. We are not using BlueCat as a DNS here. We are only putting the entry for the management IPs and management segments in BlueCat. In addition, I have contacted BlueCat support, and their support is average. I would rate their support a three out of five. We are thinking of moving our management segment to Infoblox and decommissioning BlueCat.

Our project team is responsible for the setup. It first goes to the project team for the setup, and as a part of the security team, it comes to me for providing the required access. I need to tag the zone or IP we are giving to the Infoblox console. HTTPS and SSH are two ports that we need to allow from our firewall and provide the IP. I also need to check the connectivity. After setting up everything, the project team adds the IP segment and other things, and then after the completion of the project, they hand it over to me.

Overall, I would rate it a 3 out of 5 in terms of the setup. It is not the most complex, but it is not for someone who doesn't have any experience doing it. I have been a part of a network team for the last seven years, and its setup doesn't seem complex. If I have to deploy it, I will check the point-to-point connectivity, the validity of the license, and the support part. After that, I would assign the IP address to Infoblox and open the required port. After the device comes to the network, I can add the subnet. There is a feature in Infoblox to do bulk entry of A and PTR records.

I would recommend it to any team and for any project. The product is good. However, I would advise restricting access. If we provide access to many users, there will be a glitch. We are managing multiple segments, and there is the part of adding entries, as well as removing entries. While decommissioning, we need to cross-check and track that we are removing the old DNS entry from the IP and doing the same entry to the new IP. The main challenge I have faced in my infra is that the technical team or the OS team with Infoblox access is not removing the DNS entries for the old IPs. So, when a client checks, it results in both IPs, which is not a correct practice. We need to filter the authorization or the permission part.

Based on my experience using it for the past seven years, I am rating it a 10 out of 10. I haven't faced any major issues with this product. The product is smooth.

Infoblox IPAM is a full DDI solution. 

We use it for DNS, DHCP as well as IPAM.

I think the product as a whole is very simple to use. 

The graphical user interface is very user-friendly and simple to use. It is very simple to use if you have never used it before. 

I would say that the overall usability is excellent.

I really like how the product works, it has been very beneficial to us.

From an IPAM standpoint, DHCP is an area that needs to be improved.

I have used Infoblox IPAM in two stints, in two different locations. I have used this solution for three or four years.

I believe we are working with the most recent version; if not, it is very close.

Infoblox IPAM is a stable solution.

Infoblox IPAM has been extremely scalable for us.

We have approximately 5,000 users in our company.

We plan to increase our usage.

I only recently contacted technical support. The technical support is poor.

I will admit that the problem may have been a little bit because of me. And the reason is that I couldn't figure out how to physically communicate with someone.

I had been traveling a lot, and I made the case expecting someone to call. I never received a call. 

Then I had been traveling for a long time, so there was no resolution. It just remains there. I will have to file another case in order to get the resolution.

Previously, I used SolarWinds for an IPAM. SolarWinds is probably what I have used the most.

We switched to Infoblox IPAM because it is better.

I have to admit that it was always existing in the places I have always gone. I have never had the pleasure of configuring it myself.

Based on what I have learned from the team that is currently using it and the location where I am now, it's fairly simple to set up. It doesn't appear to have been too difficult to implement.

I believe the initial deployment took a week, based on what I was told.

It was deployed in-house.

We have a team of six and two are required to maintain this solution.

We have a distributed deployment. We have appliances in multiple locations throughout the company.

We have seen a return on investment.

I have worked in environments with up to 10,000 users, and just managing IP addresses can be a struggle. It is very easy to get lost without the automated scans that the Infoblox system performs, without the management, and without the control that it has in place. 

There are an enormous number of IP addresses. Having that in a single pane of glass where everyone in IT can see it is a huge benefit for us.

At this time, I am not familiar with the pricing. My role will soon change, and I will be more involved with pricing, but this has not yet occurred.

In my opinion, the distributed model, while slightly more expensive in terms of hardware, is by far the best way to go.

I have worked in environments where we had a centralized deployment, where we only put them in our data center, and that was a lot more difficult. Even though it is more expensive, I would recommend going with the distributed model.

I would rate Infoblox IPAM a nine out of ten.

We use the product to reserve subnets. 

We can specify the availability of subnets when we create them. 

CLI needs to be user-friendly. There should be an option to commit changes. 

I have been working with the solution for four years. 

The solution is stable. 

Infoblox IPAM is scalable. 

The tool's deployment is easy and takes around one hour to complete. 

I rate Infoblox IPAM an eight out of ten. 

We're using Infoblox IPAM mainly for internal DNS appliances. The designs vary as we have different layers of structures that we run, but in general, we have branches, the data center, and we also have block storage on the cloud. We're using a combination of all Infoblox products that we manage both on the cloud and on-premises.

For me, the best feature of Infoblox IPAM is that you can use BloxOne DDI which means you can manage everything from the cloud and have security policies as well. I also like that Infoblox IPAM is plug-and-play.

Infoblox IPAM has improved and is better, but it needs to have an external GSLB functionality. Currently, the solution has a GLSB functionality for internal appliances, but for an external user, that functionality doesn't exist.

Infoblox IPAM also needs some improvement on its threat engine and RPZ policies, or DNS firewall or DNS policies.

An additional feature I'd like to see in Infoblox IPAM is zero-touch provisioning in terms of the appliances. Currently, there's zero-touch provisioning for cloud-based devices, but for physical appliances in branches, there's none, so you still have to do some configurations. For example, if you have existing DNS infrastructure and you need to set up Infoblox IPAM in new branches, and you need more appliances, you should be able to just plug the solution into the network, and there shouldn't be any manual interference required.

I've been working with Infoblox IPAM for more than five years in various organizations.

Infoblox IPAM is a stable solution.

Infoblox IPAM is scalable, especially because of BloxOne DDI, which lets you manage everything from the cloud.

I would rate the technical support of Infoblox IPAM as four out of five. I'm happy with the resolutions provided, but in terms of response time, that needs to be improved. It could be faster.

We chose to use Infoblox IPAM because of its scalability.

Another reason we use the solution is because of its DDoS protection and DNS threat response policies, also called the threat engine. Infoblox IPAM also has more protection features than other solutions.

We also use Infoblox IPAM because of its stability, for example, we never had any issues with DNS and DHCP.

The initial setup for Infoblox IPAM is easy. If you have a plan for your infrastructure, for example, you need to set up the solution for a new branch, the process would take thirty minutes max. If you need a new grid master and office setup, it could take four to five hours. How long the deployment of Infoblox IPAM takes would still depend on the use cases.

Infoblox IPAM is a licensed product, and my company pays for it yearly. It depends on the licensing model you choose because right now, the solution can also be subscription-based, specifically the cloud version, but the traditional licensing model for it is one that's paid yearly. The cost would depend on the organization. I know how much my company pays for Infoblox IPAM, but I won't disclose that information.

If your company has $10,000,000 or $20,000,000, for example, and you need stability, then I'd say the solution is worth it. If your company is a startup, then the solution may not be worth it, but it would still depend on the ability of your company because Infoblox IPAM is one of the costlier solutions in the market.

I'm using Infoblox and its various solutions, such as Infoblox IPAM and BloxOne Threat Defense, as well as the DNS and DHCP functionalities of Infoblox.

In my company, Infoblox IPAM has more than twenty thousand end users, forty developers, and twenty admins.

My advice to anyone who wants to use Infoblox IPAM for the first time is to consider how you scale, how many people will use the solution, and how you'll utilize Infoblox IPAM. For example, will your company use all the features or just some of the features of the solution? If you're only using DNS and DHCP features and won't need GSLB, security policies, etc., then it may be best to look into open-source solutions. If your company has good financial standing, good revenue, and it can afford Infoblox IPAM, plus it's planning to use multiple features of the solution, then you should go for it.

My rating for Infoblox IPAM is eight out of ten because of its stability and the features it provides. Support for it is also great and professional. The solution is also scalable. I didn't give Infoblox IPAM ten out of ten because, with its cost, there should always be an improvement in it. It's improving, but improvement should happen faster, otherwise, the cost should be lower.

My company is a customer of Infoblox.

I work for a consulting company and we provide support for government institutions. They favor on-premises deployments and tend to avoid any applications based in the cloud environment, so we always implement on-prem deployments.

The Discovery feature provides a clear network overview, while the solution also provides security options with features like robust DNS security.

Regarding DDI, I would say the best feature of Infoblox is the DNS security. DNS tunneling is a significant security issue and is very difficult to protect against based on our tests with other types of security devices. However, Infoblox eliminates this issue and provides excellent security against a difficult threat.

We chose this product because it provides us with IP management and a DNS and DSTP solution. From a security engineer's perspective, Infoblox DNS security is the best in the industry.

Regarding the product as an IPAM solution, I would say the best feature is the Discovery feature, which provides enhanced visibility over the entire network infrastructure and automatically creates DNS records for discovered IP addresses.

There are many tools on the market; however, the other products don't combine DNS, DSTP and IP management in one solution. The power of Infoblox IPAM is that it offers all of those, opening up capabilities such as creating IP management tables and providing an overview of the network infrastructure.

The solution is not easy to use; the GUI and CLI are challenging to use, limiting end-user capability. We can't use Linux terminal features with Infoblox, as it struggles to detect and troubleshoot problems. We generally use troubleshooting tools like tcpdump in our network security area and we can use that in Infoblox with limited features. 

The solution's GUI requires improvement; all the features fall under just a few top menus, making it challenging to find the feature I'm looking for promptly. I use other products like Fortinet FortiGate and an F5 network solution, which feature much better GUIs to find what I'm looking for easily. The Infoblox GUI isn't necessarily hard to use but isn't straightforward, either. Ultimately, the GUI is acceptable, but the CLI needs improvement. A better CLI would save time for the end user and increase their capability with the solution.

I have been using the solution for about four and a half years. 

The solution is very stable; it's better than the other solutions we used. We haven't experienced many bugs or security issues, and the customer service side of Infoblox is solid; they release fixes or provide solutions very quickly when there is an issue. Of all the products we used in this area, we confronted fewer problems with Infoblox.

The solution is highly scalable, and the Infoblox Grid Manager simplifies scaling. We add a new product to the Grid, and the new device will take on the configuration of the Grid Master. No further modification is required.

We contacted technical support before by email. They investigate the log messages to provide us with a fix or carry it out themselves. Phone support is available, but only for two critical issues.

Positive

The initial deployment is straightforward. For SMBs, we can carry out the initial deployment in an hour, with the deployment of Discovery and DNS features requiring another 30 minutes to an hour. We can deploy Infoblox for SMBs in a maximum of two hours, but it takes three to four hours for larger customers with many networks, significant DNS infrastructure, and many IP blocks.

We purchase yearly licenses, and I don't know the exact price as I'm not involved in the finance or sales departments. Infoblox is one of the more expensive products in the DDI environment, so I would say that for organizations looking to combine DNS, DSTP, and IP management with security features, the solution is worth it. However, for organizations only looking for an IP management tool, for example, many more affordable options are available.

We tested a Rockset product, and it's suitable for IP management and DNS solutions, but it failed our security tests as we found it isn't resistant to DNS tunneling.

We also evaluated SolarWinds IPAM, and it's a good product, but it doesn't have a Discovery feature like Infoblox. The ability to scan the whole network and add IP addresses to the dynamic DNS record is invaluable. Hence, as an IPAM solution, Infoblox has the greater capability and is more valuable to us.

I would rate the solution an eight out of ten; it loses two points because of the CLI and the high price. 

Infoblox offers a three-month free trial, and the virtual solution is easily deployable on any data center, so I would advise anyone to try it for themselves.

We use this solution for IP management. Our organization has seven to eight servers across the globe. Millions of people are using it.

Infoblox gives us the flexibility to manage our internal networks and publish the data outside of the network on the internet. It's quite fluid to do it.

When we use the forwarders or when we're trying to connect to the internet, sometimes there are issues and the publishing time is longer. We want a robust mechanism so that creating records doesn't take that much time. It currently takes about one hour to duplicate things from our local network to the internet.

The security could be enhanced. There should be more detailed encoding so messages cannot be taken by a third party. It's encoded on our side, but we need to make it more complex because there are many sources that are able to decode it. If there is the smallest leak, then it's a beta problem.

In the next release, the UI could be improved. I would like to see a simpler version or a customizable UI.

It's a stable product.

The scalability is quite high. We can enhance it as we go.

Infoblox's support is pretty good. We can raise cases on support.infoblox.com. They have staff available 24/7 to handle all of our cases. They respond to us within one or two hours, and they're very knowledgeable. I would rate technical support as 4.5 out of 5. 

It's pretty complex. We have a physical box that needs to be present at the data center. That requires the CX guys to physically install wirings. Then, the network server guys need to connect to the virtual LAN network. Then we need the DDI engineering guys to maintain the IP infrastructure connected to the DNS server. Many teams are involved in the initial setup.

I would rate the initial setup as two out of five.

The amount of people needed for setup depends on the organization. For one Infoblox device, 10 to 15 people are needed. Maintenance requires a lot of attention.

Maintenance is needed regularly because sometimes we face cyber attacks. Sometimes the wire may get damaged, or there's damage due to network issues. We are controlling it virtually and physically.

Setup was completed in-house, but now we're doing everything virtually.

The cost depends on the scale at which we're deploying it. It's an annual subscription that ranges between $1,000 and $2,000.

I would rate the pricing as three out of five.

If the organization is large, the price is negligible. For startups and small-scale companies, the price may be a bit high.

I have also looked at BlueCat. The difference between Infoblox and its competitors is that it has a very good marketing structure. People normally identify DNS by Infoblox. It's like a Xerox machine. We buy Xerox, identify a photocopier, and only call it Xerox. In people's minds, DNS means Infoblox.

I would rate this solution as nine out of ten. 

I use Infoblox IPAM for DNS and DSCP IP assignments and DNS host records, and I also use it to maintain the complete network database for the company.

Before IPAM (IP Address Management) came into the picture, every user had to depend on an Active Directory engineer to get an IP assigned. With Infoblox IPAM, there's automation or auto assignment of IP addresses which is a valuable feature. There's also the capability of storing many networks in one place through the solution. Infoblox IPAM solved the major issue of needing an Active Directory engineer to assign an IP.

The only room for improvement in Infoblox IPAM is its compatibility and flexibility with IPv6. There's been an issue transitioning from IPv4 to IPv6, and though Infoblox is in the process of resolving the issue, it would be better if the team could come up with a solution in a quicker timeframe.

Better transitioning from IPv4 to IPv6 is what I'd like to see in the next release of the solution.

I've been using Infoblox IPAM for eight years.

Infoblox IPAM is one hundred percent stable.

Scalability-wise, I'd give Infoblox IPAM a rating of eight out of ten.

I've contacted the Infoblox IPAM technical support team while doing migrations, planning any tool developments, and whenever I face issues while deploying the tools. Support is excellent because the team is very well organized and gives me resolutions within half an hour from the time I make that call.

The main reason why my company preferred Infoblox IPAM was because of its flexible environment in terms of moving to automation. There are other tools in the market such as VitalQIP, BlueCat, and EfficientIP, but way before those started, Infoblox IPAM already had a complete and centralized structure where you don't need to search for anything in particular, and when it comes to the GUI, you have everything under one place, so Infoblox IPAM is the better solution.

The initial setup for Infoblox IPAM was really easy and user-friendly. The total time it takes to deploy the solution from start to finish depends on the number of networks available, the capacity, the plans, the number of cloud platforms, and how many DNS members you're going to register. On average, for a general case of 10 networks, deployment time hardly takes ten to twenty minutes.

I've seen ROI from Infoblox IPAM, and it's worth the money.

The licensing cost for Infoblox IPAM depends on your usage and also depends on your term plans, for example, you may want it for three months, six months, or only for seven days. I don't remember the exact licensing cost, but it depends on your organization's structure and how many networks you are going to need.

In my company, Infoblox IPAM is deployed on both private and public clouds.

More than one thousand people use Infoblox IPAM within the company, in particular, internal employees.

My advice to anyone interested in Infoblox IPAM is to use it. If you compare it with other tools, it may be a bit higher in cost, but if you're looking for a centralized data structure and user-friendly environment, Infoblox IPAM is the best solution for your requirements. I've worked on all the other tools such as BlueCat, EfficientIP, and VitalQIP, and I found that Infoblox IPAM has better functionality, easier automation, and it has that flexibility.

My rating for Infoblox IPAM is ten out of ten because you can use it to combine the work of ten employees into one. You won't need ten Active Directories because you only need one Infoblox as it's able to handle the complete Active Directory environment of your organization. Everyone looks into IPAM nowadays and doesn't want to depend on Windows Active Directory for IP requirements. Everyone is looking into the centralized database structure tool to use for IP assignments such as  Infoblox IPAM, so I'm giving it a perfect score.

I used to be a partner of Infoblox IPAM, and now I'm just a customer.