Enterprise Security Architect at a tech services company with 51-200 employees
Real User
Top 5
Nov 4, 2025
What we are aiming to do with our modernization and transformation is to be able to build security context-separated pipelines for DNS changes that we can automate. We are going to be breaking that down into probably making use of resource policy zones in Infoblox BloxOne DDI as well as a zone hierarchy. It is not very deep. It is probably going to be only two to three layers. However, having the sub-zone delegation set up allows us to segregate off non-production from production and some of our core application systems from the other things that are perhaps in more of a corporate context. Separating corporate context from customer-facing application context will enable us to give essentially credentialed or privileged and titled pipelines to effect DNS change in support of a larger pipeline. They will be having to call those with change numbers, and we are building out what we think will be our non-man-in-the-middle, non-human-in-the-loop approval chain so that those things can go through. You can have a release manager role see that all of the required things are in place for a pipeline to execute successfully. We want the confidence that all of the tests are able to run before a pipeline is actually utilized for a production change because we want to do those things unattended and outside of normal business hours. That is the approach we are taking with automation. We are going to be bringing most of that, and we are going to be doing that with GitHub Enterprise, GitHub Actions, and direct webhook calls into Infoblox BloxOne DDI where we have to and Terraform where available. I think it is probably too early for me to be able to comment on what I would want to improve in Infoblox BloxOne DDI. I do not think I know enough to be able to critique it, really, at the moment. I am sure there will be things that we uncover. However, I have myself and a couple of other people doing quite a lot of self-led training at the moment, and we have a summit coming up later on in the year to skill up on that. I would rate Infoblox BloxOne DDI a nine based on my current experience. I think technically it is very, very, very good. I am actually pushing them on some things that I would want to see in the SaaS service. I look at what they are offering and their roadmap and say, that is good. So how soon are you going to introduce things such as hosted DNS as part of your SaaS, which is shifting more into Cloudflare's DNS and Cloudflare Spectrum type of functions. I am expecting them to add even more features. Infoblox BloxOne DDI absolutely. Cloudflare is transforming all the time, but I expect Infoblox will be gaining a lot of customers who have. Infoblox BloxOne DDI would not be for smaller companies. I think if you are under 1,200 staff, you probably want to look for a professional service or something that is integrated into the platforms you have already got. I would say 4,000 to 5,000 customers and up is ideal, and then bigger is absolutely necessary to have something such as Infoblox BloxOne DDI. Unless they are a really big company, I do not recommend it. I am in New Zealand, where we have got three telcos of a reasonable size, but they think they are big companies and they are not because our market is only 5 million people. Those types of ISPs absolutely should be deploying something such as Infoblox BloxOne DDI as a service. Whether they offer that as an MSP service, I do not think it is positioned quite right. Any banks or the insurance sector should consider utilizing Infoblox BloxOne DDI as well. I wanted to deploy Infoblox BloxOne DDI at one of the logistics companies here in New Zealand while I was there, but they did not see the value of it, even though now they have since asked me and followed up on conversations about what they might do because they are realizing they have a significant number of blind spots in terms of how they manage DNS across three out of four main clouds. I have been in the middle as a customer and a partner of Infoblox BloxOne DDI. I am a contractor, normally a freelance contractor. I am often representing the customer I am engaged with at the time or dealing with Infoblox BloxOne DDI and the resellers. However, I am not, legally or financially, the end customer. I am putting together all the decision support and the architecture to start with, and then usually I am continuing on in terms of the implementation and the technical side. I would rate Infoblox BloxOne DDI a nine based on my current experience.
I would recommend Infoblox BloxOne DDI to others because it is a centralized platform for managing DDI devices. It is not difficult for others to use, and with a basic overview, they can understand its operation better. I rate Infoblox BloxOne DDI a nine out of ten as a basic user. If user interface enhancements and AI features are implemented, it could improve my rating to a ten. The overall product rating is 9.
This is not highly recommended because the organization size is not very large. Customers use BlockPoint DDI, suitable for medium to enterprise levels. The overall product rating is ten out of ten.
Overall, I would rate the solution an eight out of ten. I will recommend other users negotiate with Infoblox on their pricing, or they should look at Infoblox's competition. Infoblox moved to user-based licensing and subscription-based licensing. We already had Infoblox in our environment, so when you have something in your environment, your reluctance to change is quite high. But if you are looking for something new to implement, to move away from Active Directory, you should look at the competition and negotiate with Infoblox for a multi-year pricing deal.
IP Address Management (IPAM) Tools are crucial for efficiently managing the allocation, administration, and tracking of IP addresses in a network. These solutions help streamline IP address workflows and ensure smooth network operations.
IPAM Tools assist IT departments by automating and simplifying IP address management tasks. These tools help prevent IP conflicts, ensure accurate network documentation, enhance security, and support scalability. They are essential for maintaining...
What we are aiming to do with our modernization and transformation is to be able to build security context-separated pipelines for DNS changes that we can automate. We are going to be breaking that down into probably making use of resource policy zones in Infoblox BloxOne DDI as well as a zone hierarchy. It is not very deep. It is probably going to be only two to three layers. However, having the sub-zone delegation set up allows us to segregate off non-production from production and some of our core application systems from the other things that are perhaps in more of a corporate context. Separating corporate context from customer-facing application context will enable us to give essentially credentialed or privileged and titled pipelines to effect DNS change in support of a larger pipeline. They will be having to call those with change numbers, and we are building out what we think will be our non-man-in-the-middle, non-human-in-the-loop approval chain so that those things can go through. You can have a release manager role see that all of the required things are in place for a pipeline to execute successfully. We want the confidence that all of the tests are able to run before a pipeline is actually utilized for a production change because we want to do those things unattended and outside of normal business hours. That is the approach we are taking with automation. We are going to be bringing most of that, and we are going to be doing that with GitHub Enterprise, GitHub Actions, and direct webhook calls into Infoblox BloxOne DDI where we have to and Terraform where available. I think it is probably too early for me to be able to comment on what I would want to improve in Infoblox BloxOne DDI. I do not think I know enough to be able to critique it, really, at the moment. I am sure there will be things that we uncover. However, I have myself and a couple of other people doing quite a lot of self-led training at the moment, and we have a summit coming up later on in the year to skill up on that. I would rate Infoblox BloxOne DDI a nine based on my current experience. I think technically it is very, very, very good. I am actually pushing them on some things that I would want to see in the SaaS service. I look at what they are offering and their roadmap and say, that is good. So how soon are you going to introduce things such as hosted DNS as part of your SaaS, which is shifting more into Cloudflare's DNS and Cloudflare Spectrum type of functions. I am expecting them to add even more features. Infoblox BloxOne DDI absolutely. Cloudflare is transforming all the time, but I expect Infoblox will be gaining a lot of customers who have. Infoblox BloxOne DDI would not be for smaller companies. I think if you are under 1,200 staff, you probably want to look for a professional service or something that is integrated into the platforms you have already got. I would say 4,000 to 5,000 customers and up is ideal, and then bigger is absolutely necessary to have something such as Infoblox BloxOne DDI. Unless they are a really big company, I do not recommend it. I am in New Zealand, where we have got three telcos of a reasonable size, but they think they are big companies and they are not because our market is only 5 million people. Those types of ISPs absolutely should be deploying something such as Infoblox BloxOne DDI as a service. Whether they offer that as an MSP service, I do not think it is positioned quite right. Any banks or the insurance sector should consider utilizing Infoblox BloxOne DDI as well. I wanted to deploy Infoblox BloxOne DDI at one of the logistics companies here in New Zealand while I was there, but they did not see the value of it, even though now they have since asked me and followed up on conversations about what they might do because they are realizing they have a significant number of blind spots in terms of how they manage DNS across three out of four main clouds. I have been in the middle as a customer and a partner of Infoblox BloxOne DDI. I am a contractor, normally a freelance contractor. I am often representing the customer I am engaged with at the time or dealing with Infoblox BloxOne DDI and the resellers. However, I am not, legally or financially, the end customer. I am putting together all the decision support and the architecture to start with, and then usually I am continuing on in terms of the implementation and the technical side. I would rate Infoblox BloxOne DDI a nine based on my current experience.
I would recommend Infoblox BloxOne DDI to others because it is a centralized platform for managing DDI devices. It is not difficult for others to use, and with a basic overview, they can understand its operation better. I rate Infoblox BloxOne DDI a nine out of ten as a basic user. If user interface enhancements and AI features are implemented, it could improve my rating to a ten. The overall product rating is 9.
This is not highly recommended because the organization size is not very large. Customers use BlockPoint DDI, suitable for medium to enterprise levels. The overall product rating is ten out of ten.
Overall, I would rate the solution an eight out of ten. I will recommend other users negotiate with Infoblox on their pricing, or they should look at Infoblox's competition. Infoblox moved to user-based licensing and subscription-based licensing. We already had Infoblox in our environment, so when you have something in your environment, your reluctance to change is quite high. But if you are looking for something new to implement, to move away from Active Directory, you should look at the competition and negotiate with Infoblox for a multi-year pricing deal.