The Men & Mice Blog

“The more you know” -- Men & Mice @ VMWorld 2019

Posted by Men & Mice on 8/5/19 3:45 AM

The more you knowNetworks, like businesses, are all about relationships. It's relationships that transform individual strengths into greater cumulative benefits. To build such relationships between locations, platforms, and vendors, businesses need to facilitate communication.

That’s what the Men & Mice Suite does.

The Men & Mice Suite is a software-defined and API-driven management overlay for complex Network IP infrastructures. Version 9.2, released earlier this year, brought advanced workflow and reporting features to streamline operations and eliminate bottlenecks while preserving the signature visibility and ease of use.

Freedom of movement in diverse networks

The Men & Mice Suite’s ability to bulk migrate DNS zones and DHCP scopes, implement role-based authorizations, as well as access to both streamlined management interfaces and comprehensive APIs (REST, SOAP and JSON-RPC) eliminates many of the complexities inherent in today's large-scale networks, while mitigating vulnerabilities stemming from DNS failures such as configuration errors and DDoS attacks.

To protect networks further, the Men & Mice Suite's xDNS Redundancy™ feature provides a level of abstraction to build automation, eliminate human error, and remove conflicting DNS service provider platform complexities (e.g. incompatible APIs), all through centralized views for organizational and structural visibility.

All your networks, managed as one

The cross-platform functionality of the Men & Mice Suite v9.2 for DNS, DHCP and IPAM (DDI) operations targets complex enterprise networks. These typically hybrid and multi-cloud networks make use of either multiple cloud (cloud native) vendors or a combination of on-prem and cloud (hybrid) services.

The Men & Mice Suite is compatible with best-in-class on-premise and cloud services such as Unix/Linux, Windows, and Cisco IOS. It’s able to manage DNS in BIND, Microsoft DNS, Azure DNS, Unbound, Amazon Route 53, Dyn, NS1, PowerDNS, and Akamai Fast DNS; control DHCP in ISC DHCP, ISC Kea, and Microsoft DHCP; as well as IPAM with AWS, Azure, OpenStack, Layer 3, Active Directory and vRealize Orchestrator.

The Men & Mice Suite v9.2 offers an integrated management approach, enhancing visibility across network resources and providing secure monitoring of all network spaces. It can be deployed quickly and non-intrusively, whether on-premise, in the cloud, or across multiple cloud environments to manage millions of IP addresses and DNS records, and provide API connections for  thousands of users for automation and provisioning.

Make complexity an asset

The Men & Mice Suite simplifies complex challenges arising from the adoption of partial - or migration to  full - cloud computing capabilities. Customers can eliminate the dangers of creating overlapping network spaces on different platforms by utilizing consolidated views in the unified management console, and save valuable staff time by automating through the reliable, compatible APIs.

It leverages an organization’s existing infrastructure investment, and facilitates smooth integration with new resources. By streamlining the migration and management of a large number of DNS zones through cloud-native features to monitor changes to DNS made outside of the Men & Mice Suite, it greatly improves synchronization of DNS data from cloud providers. 

Granular access control and system health monitoring helps to mitigate costly network security disruptions while integration with both cloud vendors and on-premise network segments unifies monitoring, managing, migrating and authorizing operations across distributed network environments. Additionally, the Men & Mice Suite v9.2 is available through licensing and subscription payment plans to meet the needs of the diverse organizations using the Men & Mice solution.  

Let us help you: find us at VMWorld

The ROI for integrated DDI solutions such as the Men & Mice Suite is largely comprised of two distinct cost-savers: mitigating downtime and optimizing network management efficiency by cutting OPEX. 

Men & Mice has been helping businesses to synchronize data across their diverse networks, avoid vendor lock-in, migrate between services as needed, modernize, diversify and capitalize on compatibility with cloud-native functionality in cloud services. Customers turn to Men & Mice to align network architecture and operations with business logic and policy for more intelligent, future-ready infrastructure.

Migrate your networks to the future with Men & Mice: visit us at VMWorld in San Francisco between August 25th to 29th at Booth #2033.



Topics: vmworld, network management

How to scale your business with the Men & Mice Partner Program

Posted by Men & Mice on 7/19/19 8:05 AM

Our contingent has been busy at Microsoft Inspire in Las Vegas this week - and unlike most other things, what happens at Inspire in Vegas most absolutely does not stay in Vegas.

Why not? Because Men & Mice's IP infrastructure management product not only integrates well with Azure (case in point: you can download it from the Azure Marketplace, with no frills), but also the Men & Mice Partner Program.

Men & Mice @ Microsoft Inspire

Helga Dögg Björgvinsdóttir and Jessica Poteet, Men & Mice channel partner managers, have just spent the week at Microsoft Inspire in Las Vegas to explore new opportunities for Men & Mice’s expanding channel program.

Helga joins Men & Mice from Microsoft and is leading our co-sell program, while Jessica, who hails from corporate business development with Chevron in Singapore, is focusing on channel partner management.

Together with VP of Partnerships Pétur Pétursson, Helga and Jessica are driving Men & Mice’s growing channel sales program in the US and Europe.

Putting 'partner' into 'Partner Program'

We understand partnerships should be a mutually beneficial investment. It's a relationship that transforms individual strengths into greater market differentiation, and ultimately business gain, for everyone.

In the same way our flagship product, the Men & Mice Suite, complements existing infrastructure and helps our customers capture new opportunities for building and managing a more efficient, productive, and secure network, the Men & Mice Partner Program aims to complement service offerings and open new market segments for our partners.

Offer native integration on all levels

We've visited Microsoft Inspire not only to be inspired (sorry, we just couldn’t resist that one!) by our peers, but also to expand our Partner Program. While we pride ourselves on integrating with many, if not all of the major DNS, and DHCP platforms and services there are, there are few ecosystems with which Men & Mice products form such a deep and extensive symbiosis as Microsoft's.

Microsoft’s software and services are present in just about every organization’s infrastructure, making the business of keeping critical infrastructure up and running consistent, reliable, and familiar for a lot of network managers. Familiarity of technology has its benefits, particularly when it’s possible to extend your network into the cloud within the same Microsoft ecosystem, as is the case with Azure cloud services.

Take your customers' investments in Microsoft one step further

Our Partner Program is enhanced by our experience in providing API-driven DNS, DHCP, and IPAM software solutions to global enterprise, education, and government organizations. We’ve worked with an industry-horizontal array of customers for decades and have gained deep insights into networking best practices as a result. Especially with Microsoft.

The first third-party solution to integrate with Azure DNS, Men & Mice takes its long-term technological focus a step further by simplifying availability of the Men & Mice Suite for Microsoft Azure customers. From Version 9.2, the Men & Mice Suite is available through the Azure Marketplace. Deployment can be done in a matter of minutes instead of hours, with one-click install and easy-to-follow instructions.

As a Co-Sell partner and a recent winner of the Microsoft Partner Award for Infrastructure Innovation, we’ve further expanded our reach with Microsoft beyond technical capabilities, which enables us to  continue making IP infrastructure management easier, better and more productive for customers who want to utilize Azure, or Azure in a hybrid infrastructure environment, on-premise and in one, or multiple clouds. .

Help your customers streamline their networks

Here are a few scenarios where the combination of the Men & Mice Suite and Azure really proved to be beneficial:

  • Mergers and acquisitions. Utilizing the Men & Mice Suite with Azure allows the dynamic scaling or migration from on-prem Microsoft DNS or BIND to Azure DNS. Likewise, unifying a multitude of on-prem and cloud network services and environments through the Men & Mice Suite, eases network transitions and provides near-immediate visibility across platforms.
  • Physical expansions. The Men & Mice Suite can be used to clone already working environments, while taking advantage of Azure’s global availability to reduce local latency and support turnaround.
  • Project fragmentation. Network overlaps and conflicts can be quickly resolved through Men & Mice Suite on top of Azure, providing transparency for all IP addresses, VNETS, and subnets.
  • Network diversification. Network supply chain diversity is critical to add redundancy and prevent against DDoS and other malicious attacks. Using the Men & Mice Suite’s xDNS Redundancy™ feature makes this easier, while the infrastructure is backed by Microsoft’s robust SLAs.

On top of these and other scenarios, the Men & Mice Suite version 9.2 introduced, among many things, tools like the Reporting and Workflow modules to address pain points within enterprise network management.

How to enroll in the Men & Mice Partner program

The Men & Mice Partner Program is executed on two levels:

Authorized Partner: 

  • receives extended support during the Sales process
  • not required to undergo intensive training as Men & Mice provides expert knowledge and resources where appropriate 
  • Men & Mice will liaise with their portfolio of new and existing customers to promote the product

Certified Partner:

  • autonomous agents who take greater responsibility during the processes of Sales, Delivery and Support.
  • committed to a joint business plan that defines engagement of resources on both sides, including the setting of sales targets.
  • Certified Partners’ Sales Teams receive applicable training.
  • Training can be extended to technical staff, as and when required.

Men & Mice also has a special program for Managed Service Providers, who can receive our products with no up-front costs and a pay-as-you-go subscription license. All managed client networks fall under a single subscription license, which offers considerable cost-efficiency.

All our partners receive strong implementation support from the Men & Mice team, ensuring a successful roll-out every step of the way.

Get in touch!

To get started with the Partner Program, reach out to our partner team: partners@menandmice.com 

Topics: Partner Program, Channel Partners, Microsoft Inspire

The ABCs of DNS training from A to Z - Part 3

Posted by Men & Mice on 7/11/19 12:01 PM

dns a-z coverContinuing our glossary of DNS tips & tricks, we’re covering the letters G, H, and I this time.

DNS TRAINING ALERT

Our next  DNS & BIND Week  is set to run in Bangalore, India and other locations from August onwards.  Want to join in? All info on our training page!

G is for “glue records”

Glue records are DNS records (A records) created at the domain registrar, that returns references for the authoritative nameserver of the domain. They’re useful for those wishing to run their own authoritative DNS servers.

Normally, a DNS query

  • first goes to the root (which returns the top-level domain or TLD),
  • then to the TLD (which returns the authoritative nameserver),
  • and finally to the authoritative nameserver (that resolves the domain name).

Problem is, when the authoritative nameserver is part of the domain (like “example.com” having nameservers such as “ns.example.com”) this creates a circular reference. Glue records allow for both resolving the domain name as well as listing the domain’s authoritative nameservers.

To check the validity of your glue records, you need to know the host and its assigned IP address, and use dig. The glue records will show up in the “additional section” part of dig’s output, listing the host names and their IPs.

Speaking of host names…

H is for “hosts”

The hosts file exists on every system that is connected (or capable to be connected) to a network. (On Linux and Mac it can be found in /etc; on Windows, it’s in %SystemRoot%\System32\drivers\etc.) It’s a plain text file whose only function is to provide local name resolution, mapping host names to IP addresses.

Usually, it’s managed automatically by the system, but it can be edited manually, bypassing the network’s own name resolution. For example, you can put

127.0.0.1 www.google.com google.com 

into your hosts file. If you’re running a web server (like nginx or Apache) locally — and it’s configured to answer — you can display any content instead of the actual Google search page.

This can be useful when testing a website or web application, depending on using a specific domain name, locally. You can, for example, clone your website’s file structure to your local system, set up a web server, and test it without having to reconfigure the domain name.


FUN FACT: the hosts file comes from the ARPANET days when networks didn’t have standardized name resolution, and each connected system had its own hosts file. When DNS was developed, and the queries became increasingly complex (and thus carrying more data) one of the suggestions to solve the issue was to distribute hosts files on CDs.


Imagine that, and where the internet would be today if that had happened.( We talked about this (and many, many more things) with Geoff Huston from APNIC on our podcast.)

Speaking of organizations tasked with assigning Internet names and numbers ...

I is for “IANA”

IANA - Internet Assigned Numbers Authority - is responsible for global coordination of some of the key elements that keep the Internet running smoothly, specifically allocating and maintaining unique codes and numbering systems that are used in the technical standards (“protocols”) that drive the Internet.  

It’s a  no-brainer: the Internet has become a mission-critical infrastructure for everything from business to banking to healthcare. Making sure it runs smoothly, and remains secure, apolitical, and free from centralized control, is essential. Yet there is a technical need for some key parts of the Internet to be globally coordinated. This is where organizations like IANA come into the picture.

One of the Internet’s oldest institutions (with functions dating back to the 1970s), IANA’s activities can be grouped broadly in three categories:

  • managing Domain Names, including management of the DNS Root,
  • coordinating global Number Resources, including providing IP and AS numbers to Regional Internet Registries (like APNIC and RIPE), and
  • certain Protocol Assignments, such as managing Internet protocols’ numbering systems in conjunction with standards bodies.

Since we’re talking about numbers, on the 14th of July it will be exactly 20 years since IANA made this historical announcement regarding the delegation of IPv6 address to regional registries, which set in motion the beginning of the worldwide deployment of IPv6. (Perhaps - eventually - IPv6 will prove to be as revolutionary as the storming of the Bastille in France in 1789, also celebrated on the 14th of July? Only time will tell …)

Want to learn more?

This series is byte-sized (see what we did there?) — but a lot more can be said and done. 

As mentioned, we recently talked with Geoff Huston from APNIC on our podcast (about, amongst many things, the hosts file) and we’ll continue bringing you DNS and networking-related content. Make sure you subscribe!

To learn more in-depth about DNS specifically, we offer a comprehensive DNS training program. You can enroll for different courses depending on your skill level:

  • If you’re new to DNS, we offer the DNS & BIND Fundamentals (DNSB-F) course. It’s part of the DNS & BIND Week (DNSB-W) and serves as a shorter introduction to the world of DNS and BIND.
  • If you’re already familiar with the basics, the full five-day DNS & BIND Week (DNSB-W) course takes you deeper into DNS, including a heavy emphasis on security, stopping just short of DNSSEC (for which we offer a separate course).
  • And if you're looking for even more, we offer the DNS & BIND Advanced (DNSB-A) program, getting into the deep end of things.

Check out our training calendar for 2019, and reach out to us with any questions.

Topics: DNS training, hosts file, glue records, IANA

DNS & DHCP spotlight: BIND 9.14 & Kea

Posted by Men & Mice on 7/4/19 11:33 AM

While we were at RIPE 78 in Reykjavik, we got to catch up with Matthijs Mekking, a software engineer at ISC tasked with working on BIND, DNSSEC and other projects. We made a podcast of our chat, but given just how important BIND is to everyday workflows, a blog post touching on some of the topics also seemed warranted.

BIND 9.14

BIND truly is one of the most fundamental pieces of software for anyone working with DNS. (It’s not for no reason that we call our training program DNS & BIND!)

Changing the BIND release scheme

Starting with BIND 9.13, ISC has changed the release schedule for BIND, where odd numbers represent development releases, and even numbers note the stable branch. Users welcomed the opportunity to test the development branch; and since many companies build on BIND's features, these versions offer a chance to strategize. It also allows ISC to gather valuable early feedback and enables them to better focus their resources or course correct where necessary. (Find out which version of BIND 9 suits you best)

What's new in BIND 9.14 

With BIND 9.14, ISC focused on making BIND a modern nameserver again. In addition to bug fixes, this includes responding to privacy and usability requests, including:

  • a lot of modernization and code refactoring
  • 12% performance increase 
  • QNAME minimization (and enabled by default in relaxed mode) for enhancing privacy
  • mirror zones (serving a transferred copy of a zone’s contents without acting as an authority for it)

What's coming in BIND 9.15

In BIND 9.15, ISC will continue to modernize BIND's codebase, in particular refactoring the networking code. This will allow them to streamline implementations such as DNS-over-TLS and DNS-over-HTTPS and make them easier to deploy.

Making DNSSEC in BIND more intuitive is also a priority. This includes making DNSSEC easy for signing purposes as well as providing support for offline and combined signing keys.

These roadmap plans should form a solid base for BIND 9.16, which is scheduled to be the next Extended Support Version (ESV) after BIND 9.11. 

Kea

As mature and robust as ISC DHCP is, it's also old. It was started in 1995, when networks were a lot smaller and network management a lot more straightforward, and perhaps not as integral to the success of business operations as it is today. ISC DHCP code was extended through the years, but that also made it harder to maintain.

Kea DHCP came alive as the natural successor to ISC DHCP, designed for modern mission-critical environments and destined to address these issues. It's a more scalable and better performing DHCP server, with a different architecture and a somewhat different feature set. (Such as new features coming with hooks and a rich API to configure users and subnets, radius integration, and support for several database backends.)

ISC recommends, particularly for new deployments, to use Kea instead of ISC DHCP. This is not only because Kea is better adapted to modern environments, but also because support for ISC DHCP will cease in the long term, most likely any time after 2020.

To learn more about Kea and how to migrate from ISC DHCP, take a look at this webinar from ISC:

Kea's modules vary from open source to paid (freemium and subscription) but the documentation for all modules is freely available for users to look at and evaluate. Beta versions are also freely available.

Where to from here?

As BIND and Kea shows, development in the network infrastructure (DNS, DHCP, IPAM) space is not only ongoing but vibrant. RIPE78 (as with all RIPE AGMs) provided a great opportunity for a glimpse at just how vibrant this sector is.

As a company wholly dedicated to DDI, we're following developments at ISC and other major developers continuously, and share what we learn along the way. For example, both our RIPE 78 blog coverage and our newly launched podcast focus on the details and implications of major changes that are happening or are expected to happen. Follow us here on our blog, on social, and subscribe to the podcast to stay in the know.

Topics: DNS, DHCP, BIND 9, ISC, Kea

Executing on future-ready networks in the wake of CLUS 2019

Posted by Men & Mice on 6/26/19 6:34 AM

Cisco Live 2019 may be behind us, but the people we've met and the things we've learned are anything but.

The best thing about attending events like Cisco Live is the intensity of it all. There’s literally a buzz in everything: from establishing new relationships to trying out new technologies to making unexpected discoveries while exploring this massive event.

The ThinkTank session with Men & Mice's Paul Terrill turned out to be well worth the time of the almost full house in attendance - we trust they got home ‘buzzed’ from learning about new best practices in hybrid and multicloud network environments.

For those who couldn't attend (and those who did, but would  like a reminder or to share the talk with colleagues) here's Paul's talk in full.

 

 

As discussed in detail by Paul, there are common pain points in adapting hybrid and multicloud network strategies, such as 

  • the potential loss of access control assignments,
  • lost time and staff resources during migration processes,
  • and compatibility hurdles between multiple services.

These are challenges today's network professionals encounter often. Professional environments require professional IT. Homegrown solutions are simply no longer acceptable.

To counter these challenges and sidestep the minefield of ad-hoc IT, yet retain control of their infrastructure, experts are increasingly turning to overlay solutions. (Such as the Men & Mice Suite.)

Software overlay solutions can maximize the value of infrastructure investments while positioning for future innovation. Hybrid network strategies can and should take advantage of service-native features in all IP infrastructure solutions, whether on-premise, cloud or multicloud.

If you have any questions about Paul's presentation, or would like to know more about how Men & Mice can solve your networking challenges, just reach out to us: we’re always ready and happy to talk about all things networking.

Topics: Cisco Live, Paul Terrill, CLUS 2019

Men & Mice at Cisco Live 2019: Wired for Change

Posted by Men & Mice on 6/12/19 10:17 AM

We live in a software-defined world. Whether we talk about multicloud or DNS privacy, bits and bytes are sorted, sent, and protected using software.

Today’s enterprise and large scale organizations are looking for software overlay solutions that can maximize the value of their infrastructure investments while positioning for future innovation. Many of them also rely on Cisco.

New best practices

In one of the best attended  sessions of the ThinkTank track, Men & Mice North American Director of Sales Paul Terrill explored new best practices at Cisco Live in San Diego.

Paul's talk focused on how to adapt hybrid network strategies to take advantage of service-native features in all IP infrastructure solutions, whether on-premise, cloud or multicloud. The common pain points in adapting hybrid and multicloud network strategies resonated well with the audience: the potential loss of access control assignments, lost time and staff resources during migration processes, and compatibility hurdles between multiple services are all challenges today's network professionals encounter often.

This being Cisco Live, Paul explored the advantage of Cisco IOS DHCP against other solutions, as well as where most hybrid and multicloud migration strategies go off the rails. He finished with discussing the API-shyness of IT decision makers (and why they should embrace them instead) and why homegrown solutions are no longer acceptable.

View the slides from our presentation!

Everything has changed

Yet nothing’s different. At the end of the day, software-defined or not, data is still sent and received by computers and still goes through wires, switches, and routers. On-premise solutions still matter.

But compared to today, networking used to be simple. With the Internet of Things and Edge, networks fuel and permeate everything in our world (and soon, out of this world). 

To accommodate such explosive growth, innovations like cloud computing have grown in prominence at an exponential adoption rate. And with cloud technology maturing to meet the strict regulations of enterprise-level businesses, the way we think about networking has shifted.

In our journey to simplify and secure increasingly complex networks, we also have to be aware of the need for compatibility between on-premise and cloud services, and how that impacts our future network architecture choices.

Future-ready IP infrastructure solutions

Men & Mice continues to be a leader in DNS, DHCP, and IP address management, as we've been for nearly three decades. We’ve worked with an industry-horizontal array of customers and gained deep insights into networking best practices as a result. We also recognize the widespread presence and critical importance of Cisco hardware in enterprise networks.

With products like Umbrella, Cisco is continuing to bring network infrastructure innovation to larger audiences. By utilizing the Men & Mice Suite with Umbrella, Cisco customers gain the advantage of being able to control internal DNS resolvers, numbering anywhere between dozens to hundreds, in one fell swoop. In addition, proper visibility quickly highlights servers not properly configured.

To learn more about the Men & Mice Suite, contact us or download your free trial below.

Men & Mice Suite Free Trial

Topics: Cisco Live, Cisco IOS, Paul Terrill

World IPv6 Day 2019 (plus a podcast!)

Posted by Men & Mice on 6/6/19 9:50 AM

June 6th, 2012 (or “6/6”) saw the World IPv6 Launch Day. Today we celebrate the 7th anniversary.

For those in need of a quick cheat sheet, here’s ours.

(Mind you, this is not ONLY a cheat sheet, but also doubles up as a lens cleaning cloth. Come by our booth at  Cisco Live in San Diego to pick one up.)

Beyond that quick reference, what’s all the fuss about this old-new networking technology? What has changed since it’s been around (from the 1990s)? What hasn’t? And where do (or should) we go from where we are now?

To IPv6 or not to IPv6?

That is the question. For what it’s worth we, and literally everybody we spoke to at RIPE 78, are for IPv6.

That said, there is legitimate criticism against it. More often than not, however, it tends to be rooted in shortcomings of implementation, misunderstandings in adoption strategies, or just general reluctance toward the work involved in the switch.

Large tech companies have adopted IPv6 whole-heartedly. ISPs, cloud providers, and data centers have been offering IPv6 for a while. Microsoft has been at work getting rid of IPv4 addresses in their offices for years. Google even keeps a public chart of IPv6 adoption amongst its users:

Screenshot 2019-06-06 at 10.28.10

Bottom line is: adoption is on the up, but it’s still spotty at best. And it is true: IPv6 isn’t perfect. But then again IPv4 isn’t, either. It will not get any better, though, if we don’t dedicate effort to perfecting it through practice.

Fun fact: IPv6 addresses are free. IPv4 addresses go for $20+ a piece and that price keeps rising.

It’s evident that, various inventions and initiatives notwithstanding, we’ll likely soon be out of IPv4 addresses. Never before have there been so many connected devices, from smartphones to cars, from smart thermostats to smart toasters. IPv6 is an inevitability.

What can we do?

Introducing ‘resolv.pod’: a DNS podcast

We can, and most definitely should, discuss and evaluate our options regarding anything and everything affecting the future of the networks we depend on. Attend conferences, read papers, draft strategies.

To that end, we’re happy to announce that we are launching a podcast aimed at sharing with you the mindshare we have access to.

resolv.podOf course, as is clear from the name of our podcast, the focus won’t be on IPv6 exclusively, but rather anything and everything related to DNS, DHCP, and IPAM. Facilitating discussions about IPv6, amongst other things, and giving listeners fuller context from experts in the field, are the DNAME of the game (OK, name - just couldn’t resist).

As luck would have it, we were fortunate enough to grab a conversation with Geoff Huston, Chief Scientist at APNIC (Asia Pacific Network Information Centre)  in the lovely Reykjavik sunshine at RIPE78.

So to celebrate World IPv6 Day, why don’t you sit back and listen to our very first episode featuring Geoff talking networking highs and lows with Men & Mice’s Carsten Strotmann? It’s sure to entertain - and inform - in equal measure. Happy  World IPv6 Day!

Find resolv.pod on your favorite podcast platform:

More interviews and discussions coming up in the next weeks! Let us know what you’d like to learn more about via the podcast email, our social media channels, or as a comment below.




Topics: IPv6, DNS, podcast, resolv.pod, IPv6 Day

Men & Mice @ Cisco Live 2019: New Best Practices for Future-ready Hybrid and Multicloud Networks

Posted by Men & Mice on 6/5/19 11:28 AM

 

Cisco Live San Diego: we’re coming! Find us at booth 2234 for all your DNS, DHCP, and IPAM needs, plus sweet swag from Iceland!

Copy of Copy of Booth #2432Whether you’re attending Cisco Live or not, chances are your enterprise or large organization is well into developing or implementing its cloud strategy. Further, you’re likely capitalizing on a number of cloud services across multiple platforms.

This year at Cisco Live, we’ll have Paul Terrill, our North American Director of Sales Operations, taking the Think Tank stage for a look into what best practices you can adopt today to get your environment ready for the hybrid and multicloud networks of tomorrow.

With more than a decade of experience delivering software solutions that meet the diverse IP infrastructure needs of some of the world’s largest multinational enterprises and government organizations, Paul is an expert in identifying, and solving, large scale network management challenges.

Here’s a sneak peek at Paul’s talk.

Adopting best practices for a future-ready network

Scheduled for Monday, June 10, 03:30 PM - 04:00 PM, PDT, at SDCC - World of Solutions, Think Tank 2,  Paul’s talk will focus on the challenges organizations face in a cloud-native world, the solutions that transform networks into a future-ready state, and the pitfalls to avoid along the way.

During the session, Paul will explore new best practices and the advantages to adapting hybrid network strategies to take advantage of service-native features in all IP infrastructure solutions, whether on-premise, cloud or multicloud. Specific attention will be given to some of the common pain points in adapting hybrid and multicloud network strategies, such as the potential loss of access control assignments, lost time and staff resources during migration processes and compatibility hurdles between multiple services (and how to overcome them).

Additionally, Paul will describe in detail the advantage of Cisco IOS DHCP against other solutions, as well as where most hybrid and multicloud migration strategies go off the rails. He’ll also be speaking about why IT decision makers need not fear APIs (in fact, why they should embrace them) and why homegrown solutions are no longer acceptable.

Made with your infrastructure in mind

We understand the importance of visibility, control, automation, and security — and also how challenging those can be in complex, hybrid IP infrastructures. Men & Mice provides API-driven DNS, DHCP, and IPAM software solutions to global enterprise, education, and government organizations.

Men & Mice also recognizes the widespread presence and critical importance of Cisco hardware in enterprise networks. With products like Umbrella, Cisco is continuing to bring network infrastructure innovation to larger audiences. By utilizing the Men & Mice Suite with Umbrella, Cisco customers gain the advantage of being able to control internal DNS resolvers, numbering anywhere between dozens to hundreds, in one fell swoop. In addition, proper visibility quickly highlights servers not properly configured.

Questions?

While in San Diego next week, come and listen to Paul’s talk, and/or visit us at booth 2234 throughout the event. You’re welcome to fire away with whatever questions come to mind - our experts will be on hand to help you solve your unique enterprise networking pain points.

Topics: DNS, Cisco Live, hybrid network, Cisco IOS, multicloud

The ABCs of DNS: a select glossary from the Men & Mice training archives - Part 2

Posted by Men & Mice on 5/31/19 7:46 AM

dns a-z 2-1Continuing our glossary of DNS tips & tricks, we’re covering the letters D, E, and F this time.

DNS ALERT

Our popular DNS & BIND Week, DNS Fundamentals and DNS Advanced courses are all registered to run June 20th to June 24th, in Reston, Virginia, USA. Still want to join in? All info on our training page

D is for “dig”

Dig is the Swiss army knife of network tools. It's got so much functionality, it’d be next to impossible to cover it all, but here’s a taste:

  • find your IP address using: dig @ns3.google.com +short o-o.myaddr.l.google.com txt
  • relatedly, you can make an alias in your .bashrc file: alias myip='dig o-o.myaddr.l.google.com -t txt +short @ns3.google.com'
  • you can use dig +trace <domain-name> to follow all delegation from the root down.

And if dig isn't available, you can use one with a web interface (sometimes called a DNS Looking Glass), such as https://dns.bortzmeyer.org/[URL]/[TYPE] (for example https://dns.bortzmeyer.org/menandmice.com/AAAA).

Remember, friends don’t let friends use nslookup.

E is for “error-free config files”

To err is to be human. Sometimes a typo sneaks into your configuration files. (Unless you’re using Men & Mice, in which case validation is automatic.)

A quick way to make sure everything’s in order is to run named-checkconf -z to test all zones inside the named.conf file. (Note that the command checks the validity of the master zones, and not the configuration file itself. To check the file itself use named-checkconf <path to named.conf>.)

F is for “FQDN”

FQDN stands for ‘Fully Qualified Domain Name’ and you need it for a number of things. It’s the human-readable address that the DNS resolver translates into its corresponding IP address.

The FQDN is made up of three or more parts (called labels):

  • root (the trailing dot at the end)
  • TLD (such as .com, .net, etc.)
  • domain (such as menandmice)
  • host (such as www, info, etc.)

Each label is a string between 1 and 63 characters (letters, numbers, and dashes), and the total length of the FQDN is capped at 255 characters.

To find the FQDN of your machine:

  • on Windows: Start > Programs > Administrative Tools > Active Directory Domains and Trusts (or echo %COMPUTERNAME%.%USERDNSDOMAIN% in the command line)
  • on Linux & MacOS: hostname -f (on Linux you can also use hostname --fqdn)

Want to learn more?

This series is bite-sized (almost fitting a DNS query) — but it’s just the tip of the iceberg. A lot more is said (and done) in our DNS training program:

  • If you’re new to DNS, we offer the DNS & BIND Fundamentals (DNSB-F) course. It’s part of the DNS & BIND Week (DNSB-W) and serves as a shorter introduction to the world of DNS and BIND.
  • If you’re already familiar with the basics, the full five-day DNS & BIND Week (DNSB-W) course takes you deeper into DNS, including a heavy emphasis on security, stopping just short of DNSSEC (for which we offer a separate course).
  • And if you're looking for even more, we offer the DNS & BIND Advanced (DNSB-A) program, getting into the deep end of things.

Check out our training calendar for 2019, and reach out to us with any questions.

Topics: DNS, networking best practices, dig

The RIPE-javik logs: Day 5

Posted by Carsten Strotmann on 5/26/19 11:06 AM

ripe day 5carsten@menandmice:~$ cat ~/ripe/ripejavik-day5.txt | blog-publish

As RIPE 78 came to a close, it was time to reflect and to forge plans for the future.

The last day of RIPE 78

In the final plenary session of RIPE 78, Theódór Gíslason from Icelandic security company Syndis, talked about current threats on the Internet and that many users underestimate the security issues. He underpinned this statement with some examples of how attackers can find detailed information on the victim through public information like commits on Github or Facebook, and that data breaches are getting more and bigger.

One could say that most of the information in the presentation wasn't new to the RIPE audience, and Theódór Gíslason was somewhat surprised when he asked the audience who is using Facebook and only a few hands went up. The RIPE audience is a special case.

Later on, it was Roland van Rijswijk-Deij’s turn again to take the stage. Today he was reporting on historical data on RPKI, the Resource Public Key Infrastructure securing the Internet’s routing system. The RIPE NCC has archived historical RPKI repositories and Roland used the "Routinator" tool to analyze how RPKI usage has changed over time. For example, he found that the average prefix size in RPKI is decreasing over time for both IPv4 and IPv6.

Richard Nelson from the Faucet Foundation presented on the open source OpenFlow controller with the name "Faucet". Faucet is targeted at enterprises that want to move router and switch management away from closed network equipment vendors into OpenFlow Hardware/Software. Richard reported on their real world implementation of the Faucet system at the Super-Computer Conference 2018 in Dallas, TX.

Before RIPE Chair Hans Petter Holen officially closed RIPE 78, there was a challenging online quiz titled  "Are you up to the Level of RIPE 78?" which was organized by Fernando Garcia. RIPE meetings are often exhausting, quite challenging, but also lots of fun!

A final note

RIPE 78 was the second largest RIPE meeting ever, and for me personally it was one of the best RIPE meetings I've attended. It had great presentations, a good location (Hotel Nordica) and food and very nice weather in Reykjavik. I have been told this has been one of the warmest weeks in May for years. Must’ve been the hot topics at RIPE 78.

And then there was the "Group of Secrets" (aka Secret Working Group), but the report from that group is a secret and I'm not allowed to tell you anything about it. If you want to know what is going on in that Working Group, you will have to come in person to RIPE 79 in October in Rotterdam, NL. See you there!

A note from the editors: RIPE-javik may be over, but not done

Thus concludes our RIPE 78 coverage, but not our investigation of issues raised or following up on conversation started.

In the coming weeks and months, we’ll be returning to these topics frequently. We’ll deep-dive into issues on the blog, and we’re also preparing a podcast series, starting with interviews (conducted by Carsten) with prominent speakers and attendees at RIPE.

We’ve learned a ton this past week. But we’re also interested to hear your feedback: what did you find the most interesting? What new development are you the most excited for? We’re listening!

Topics: DNS, Open Source, Security, network security

Why follow Men & Mice?

The Men & Mice blog publishes educational, informational, as well as product-related material for everyone and anyone interested in IP Address Management, DNS, DHCP, IPv6, DNSSEC and more.

Subscribe to Email Updates

Recent Posts

Posts by Topic

see all