Most enterprise networks have integrated virtualized infrastructure into their environments, but organizations discover their DNS, DHCP, and IP Address Management (DDI) systems were not architected for these new challenges. Hardware appliances that worked reliably in less volatile networks can become scalability bottlenecks and, possibly, availability problems when lifted and shifted to networks that include one or more cloud/hyperscalers. The culprit is not virtualization itself but architectural assumptions in legacy DDI platforms never designed for hypervisor environments.
To understand how DDI vendors are solving this challenge, The Tolly Group spoke with Juha Holkkola, co-founder and CEO of FusionLayer. His team has built their DDI platform specifically for virtualized environments, taking an architecture-first approach that eliminates the traditional compromises organizations face when migrating critical network services.
The Lift-and-Shift Problem
The operational challenge with legacy DDI virtualization is straightforward. Organizations take hardware appliance architectures, wrap them in virtual machine images, and deploy them on hypervisors. Technically, the system runs. Practically, it creates problems that did not exist before.
"If you take a traditional kind of legacy DDI system, and you just lift and shift a virtual machine that is made out of this kind of hardware appliance footprint, and then you just pop it somewhere," Holkkola explains. "You don't really redesign the architecture. You don't basically give any special consideration to the fact that you're working with a new kind of infrastructure. So that actually rarely works out of the box."
The fundamental issue comes down to scaling models. Hardware appliances achieved scalability through bigger boxes. That model breaks in virtualized environments where resources get abstracted by the hypervisor. For organizations running business-critical applications, the consequences appear immediately. Scalability problems emerge as traffic grows, and availability issues surface when architectural assumptions about hardware reliability no longer apply.
Architecture Designed for Virtualization
FusionLayer's approach differs by starting with virtualization as the foundational assumption. Instead of scaling through larger instances, the architecture deploys mid-sized clusters that distribute load and provide inherent redundancy.
"Rather than taking this big box approach, which is kind of the classic way of scaling, what we actually tend to do is we deploy our systems as these sort of mid-sized clusters," Holkkola explains. The architecture uses intelligent load balancers that provide service IPs to customers. Behind those service IPs, multiple cluster members can be added or removed dynamically.
"Because all of that is placed behind a service IP, which remains the same all the time, when you look at it from the network perspective, you don't see any difference," Holkkola notes. "The cluster might get bigger, it might get smaller depending on the current situation, but you don't really see it from the network perspective."
This allows organizations to scale by adding or removing cluster members, or take individual nodes offline for maintenance without any network-visible disruption. The design extends to site redundancy and geo-redundancy through routing protocols that advertise the same service IPs from multiple locations. If an entire site fails, traffic automatically routes elsewhere.
The distributed design naturally handles traffic spikes and attack scenarios that would overwhelm single-instance deployments. Holkkola describes validation testing where the architecture weathered simulated attacks generating 8 million queries per second of malicious DNS traffic. "If you are taking in a lot of traffic into a single system, even if it's a big box, you can exhaust it," he explains. "But actually, if you're spread out, then the influence isn't so bad."
Telecom and Service Provider Focus
FusionLayer's primary market is telecommunications and service providers, environments where DDI systems must handle millions or tens of millions of subscribers while maintaining carrier-grade reliability. More than 80% of the company's customers are large telecommunications providers. The architectural decisions that support virtualization also align naturally with the scale and availability requirements these customers demand.
The company does work with large enterprises, but Holkkola acknowledges market dynamics favor established players in that segment. "When we go into the larger enterprise, then typically guys like Infoblox and to some extent BlueCat also from the DDI realm tend to actually operate in the large enterprise market," he notes. "The reasons there aren't so much technical, it's more related to go-to-market and the profile of the company."
This market focus drives specific product capabilities around flexibility and integration. The data structures in FusionLayer's management systems are fully configurable, with all configurations immediately available through REST APIs. "If you're like a telecom and you're trying to do a new automation use case and you need a placeholder for various sets of data, it's actually very easy to add those into our system and make them available through the API," Holkkola explains. This positions DDI as a network source of truth for automation rather than just infrastructure that resolves names and assigns addresses.
Managing Multi-Cloud Complexity
FusionLayer's Infinity solution serves as the core DDI management platform, architected less than 10 years ago specifically for the hybrid cloud era. Unlike legacy vendors whose platforms were originally designed around hardware box architectures and later adapted for virtualization, FusionLayer started with cloud, distributed, and scalable infrastructure as foundational assumptions. The architecture employs northbound REST APIs for automation and southbound integrations with built-in connectors that interact with third-party systems through their APIs.
These connectors work with on-premises systems like Microsoft Windows Server, cloud platforms including AWS, Azure, and Google Cloud, and software-defined networking solutions. "Within these multi-cloud environments, we basically interact through the APIs that these systems provide," Holkkola explains.
The overlay approach extends to private clouds, OpenStack deployments, and emerging edge cloud environments. This gives organizations flexibility in choosing which DNS and DHCP engines to deploy, whether those are FusionLayer components or third-party solutions. "If someone wants to run our DNS and DHCP engines, that's great," Holkkola notes. "But at the same time, if you have some other flavors, you'd like to use them, that's okay as well."
The Real ROI: Downtime Avoidance
Most DDI vendors pitch operational efficiency and reduced management overhead. FusionLayer frames the business case differently.
"Ultimately, the opportunity cost of not deploying is the cost of downtime," Holkkola emphasizes. "Particularly if you're a telecom, if there's a configuration error, or whatever there is, that easily leads to downtime. And for our customers, downtime, it adds up really soon."
For telecommunications providers, service disruptions can trigger regulatory fines, service-level agreement penalties, and customer churn. A single outage might cost more than years of DDI licensing. This downtime-avoidance focus drives everything FusionLayer does, from rigorous quality assurance testing for new releases to architecture blueprints that emphasize resilience and high availability as foundational requirements. The clustering strategy itself exists primarily to eliminate single points of failure that could trigger service disruptions.
Implementation and Migration
Despite serving large telecommunications customers with complex environments, FusionLayer has standardized deployment processes to minimize implementation timelines. The virtualized architecture means new instances boot in minutes rather than requiring hardware procurement.
"The systems themselves, they are very easy to deploy, because they've been created for this virtualized environment," Holkkola explains. "You can actually boot up new instances in literally minutes."
Migration tooling extracts data and configurations from existing systems and automates the transfer process. While large telecom projects involve extensive design documentation and approvals, the actual technical migration can proceed quickly. Holkkola cites examples of universities switching from previous DDI systems to FusionLayer in two to three days.
Pricing Structure
FusionLayer typically sells its DNS and DHCP engines as annual subscriptions with different support levels determining pricing. The Infinity management platform uses a different model based on two variables: the number of user seats in the system and the number of integration types. "The more users I have, the more valuable the system is," Holkkola explains. "And then the other thing is the number of integration types. So the more integration types I have, the more it costs."
An integration type represents each third-party system connected to FusionLayer, such as F5 DNS, Microsoft Windows Server, or AWS Cloud. This approach scales pricing based on the actual value delivered rather than arbitrary metrics.
Looking Ahead
FusionLayer's core DDI capabilities have reached market maturity, with two to three updates per year addressing security enhancements and customer feature requests. The company's innovation focus has shifted to FusionLayer Xverse, a platform for zero-touch secure onboarding of devices and automated service deployment built on the RFC 8572 standard.
The company targets AI factories and edge cloud deployments with Xverse, leveraging telecommunications providers as channels to reach enterprise customers. This market evolution could allow FusionLayer to leverage its telecommunications relationships for enterprise reach while telcos offer AI capacity services directly to businesses.
Key Takeaways
Legacy DDI platforms designed for hardware appliances create scalability and availability problems when virtualized through lift-and-shift approaches
Architecture-first design for virtualization enables cluster-based deployments with service IPs that scale horizontally without network-visible changes
Telecommunications and service providers represent the primary market due to scale requirements and downtime cost sensitivity
Downtime avoidance rather than operational expense reduction drives ROI, with rigorous quality assurance testing ensuring reliability
FusionLayer Xverse extends DDI foundations to zero-touch service deployment targeting AI factories and edge clouds
Learn More
Visit fusionlayer.com for detailed information about FusionLayer's DDI solutions and connect with Juha Holkkola on LinkedIn for deeper discussions about virtualized DDI architecture strategies.