Jet Propulsion Laboratory (JPL) is managed for NASA by the California Institute of Technology. JPL’s exploratory missions turn a watchful eye on Earth, using spacecraft and instruments aboard NASA satellites to expand knowledge of earth. They also reach far beyond earth’s planetary neighborhood and into the cosmos to learn more about the origins of the universe.
Because of the mission-critical nature of JPL’s business, providing nonstop domain name resolution and reliable management of zone data is an essential requirement for 24x7 network operations. JPL’s IT systems support space exploration missions and are used to store, correlate, analyze and transmit data collected by spacecraft instruments aboard NASA satellites. The need for reliable operations is especially acute: When a spacecraft is passing its target at 23,000 miles per hour there are no second chances.
Previously, JPL’s domain name system (DNS) infrastructure, which performed essential internal domain name resolution services, included approximately 25 servers using various hardware platforms with different operating systems and versions of BIND. This ad-hoc solution required constant building and maintenance of various hardware platforms with different versions of BIND and several operating systems. The old system was a burden for JPL Deep Space Mission Systems (DSMS) IT staff, especially given the 20-30 DNS zone change requests the department receives each month that were handled via manual file edits.
In addition to the administration required and the lack of a single technical support option in the event of problems, the old system offered little in the way of redundancy and overall reliability. Further, JPL operates worldwide with multiple remote locations and the organization works intimately with multiple space centers and tracking stations, sharing essential information. As a result, the JPL DSMS IT staff recognized a need for a new solution that is not only flexible and scalable, but also secure.
To replace its legacy network identity infrastructure (NII), JPL established the following requirements:
After reviewing its complete list of requirements, the JPL IT team recognized immediately that the best option was to focus on appliance-based solutions because of the inherent deployment, management and security benefits. JPL chose an Infoblox solution based on the built-in faulttolerant features of the Infoblox devices, which help ensure nonstop delivery of the critical domain name resolution and IP address management services required for 24x7 network availability.
Another key requirement for JPL was the ability to allow the IT staff to delegate responsibility for management of specific zones to certain departments, dramatically reducing the administrative overhead on the core IT team and placing DNS zone update responsibility within the remote sites and departments.
Executing a phased deployment, JPL initially purchased 7 Infoblox appliances with the DNSone package to commence replacement of the 25 ad-hoc servers performing internal DNS services. Two Infoblox appliances were established as authoritative devices and configured in highavailability (HA) mode. The two authoritative appliances sync in real-time with five secondary DNS appliances to process internal domain name resolution requests.
After the successful deployment of the phase one DNS infrastructure, JPL purchased 15 more Infoblox appliances running the DNSone package for its phase two DNS deployment, where devices are installed in multiple space centers as well as NASA and several affiliated universities, replacing the old systems.
Because of Infoblox’s appliance-based approach and unique product features, such as onebutton upgrades and automatic, real-time DNS updates, JPL has experienced a reduction in the DNS-related administrative overhead and operating costs. The Infoblox system offers a truly secure solution that provides unparalleled resiliency with failover capabilities, including the ability to easily change the authoritative devices in the event of disaster, as well as the ability to manage the units centrally, effectively operating all the devices as a single, resilient ID grid. Additionally, features allowing delegation of DNS management responsibility enable the team to assign control to specific departments, further reducing IT administrative overhead.
With its new Infoblox network identity infrastructure, JPL employees, information specialists, analysts and affiliate representatives now benefit from nonstop network identity services, allowing the team to consistently leverage the network to keep the space missions on track and deliver appropriate information to the right hands and thereby progress its mission of expanding the world’s knowledge of the earth and the universe.
A NASA affiliated organization specializing in research of the Earth and its neighboring cosmos
Internal DNS solution
Needed 24x7 reliability and simplified administration for internationally distributed network
More than 20 Infoblox appliances with the DNSone® package for:
