The Men & Mice Blog

Greg Fazekas

Recent Posts

How to explain Network Management to relatives and friends over the holiday (GIFs)

Posted by Greg Fazekas on 4/18/19 8:15 AM

 

Life isn’t always easy for network managers and architects. The C-suite is constantly demanding more efficiency and smoother operations, at low cost. Your colleagues are asking for more user-friendly policies and services. And you have to keep up with an ever-changing landscape of technology (infrastructure sprawl) and its ripples into your domain. (Pun absolutely intended.) Uptime and security are everything. Then, you constantly have to explain to people what you actually do for a living.

Over the holiday weekend, there’s a good chance, in addition to being asked to fix someone’s computer, phone or tablet, you’ll be asked “what is it you do again?”

How do you illustrate what you do? Maybe it’d be a lot easier to explain being a fireman, astronaut, or brain surgeon? We've pulled together some helpful GIFs to make this conversation more efficient. 

 

 

via GIPHY

Enter Ralph Breaks the Internet. (holiday movie idea!)

If ever there was an indicator that networking has permeated our everyday lives it’s an animated family movie centered around it. Some concepts are so fundamental to modern life that we aren’t even consciously thinking about them anymore.

ICYMI: Released in the fall of 2018, Ralph Breaks the Internet provided the subtext and pop culture references we all needed, while depicting basically your everyday.

 

 

via GIPHY

From the moment Ralph and Vanellope slide down the wire, to the hilarious popup advertisers and the wonderfully subtle depiction of DNS —  most every aspect of your job comes to life in a tangible, easy-to-explain-to-relatives way, every aspect of the complexities of networking in a network-driven world.

 

via GIPHY

DNS isn’t specifically named in the movie, but there are plenty of references. Knowsmore, although depicted as a search engine, certainly has his business rooted (see what we did there?) in being a DNS server of sorts. For instance, when Vanellope and Ralph decide to go to Ebay, they were automatically routed to their destination.

Ralph Also Teaches us DDoS

But if you had to showcase just one thing about your work, it could be how you have to prevent DDoS attacks against your company’s network — essentially how you have to be the hero against a million or billion Ralphs.

Explaining DNS to anyone, particularly to people not in networking (and let’s face it, even some people IN networking don’t really get DNS), is easier when you can point to the colorful transport GIFs from an animated movie. Grasping the concept of a botnet or a crippling DDoS attack is more memorable when it’s an ever-replicating bunch of clones of a funny character like Ralph. And you do get malware by clicking unscrupulous links.

tumblr_pgyjbw4Wy01s40634o6_540

via 'Disney' on Blogberth

DDoS is essentially the towering Ralphzilla of mindless objects with a single goal. Exploiting vulnerabilities in web servers, they overwhelm the system with a repeated, single query. Not only is this meant to disrupt user experience, more sinister objectives may be in play, such as bringing down firewalls.

We’ve talked a lot on this blog about DNS education. Education for both professionals — training, if you will — and for everyone, in order to understand new technologies and challenges affecting our businesses. Knowing why and how insecure networks are a liability and how important it is to defend against malicious attacks that can wreck the internet is useful for everyone.

The movie exaggerates concepts to either serve the plot or get a laugh. But the foundation for showcasing how networks and the internet work (or occasionally don’t work) is solid.

tumblr_p9ta2xlRol1tfb0neo2_540

via 'Disney' on Blogberth

Come this holiday (provided you don’t have to work because of some real-world Ralph threatening your company’s network) sit down at the family dinner, armed with GIFs and your favorite streaming service, to explain what you do and why.

And since it is a holiday weekend, here's a blog about all of the Ralph Breaks the Internet Easter Eggs. 

Image credits:Not a Real Company Productions and Disney via Giphy and Blogberth

Topics: DDoS, Disney

Doing DNS better: DNS (and BIND) Training with Men & Mice

Posted by Greg Fazekas on 3/27/19 11:49 AM

DNS is the core mechanism of the internet. And, as all technology does, it keeps evolving and changing, even if its primary function hasn’t changed all that much. DNS makes networks work, but in turn we have to make DNS work.

Because it’s so critically important to networks, DNS is also a prime target for attack. With the Internet-of-Things bringing online hundreds of thousands of devices every hour (!) of every day, the attack vectors for malicious elements are multiplying exponentially. And beyond DDoS striking fear in every network manager’s heart, the most constant threat to any network still remains the most basic one: easy-to-miss configuration errors.

Safeguards from smart vendors (like our own xDNS Redundancy™) help protect against DNS errors and DNS attacks such as DDoS. Training your staff protects against human error. Learning how to configure, manage, and defend DNS effectively yields both obvious and unexpected benefits to any business’s network. If you want to keep your critical business infrastructure running smoothly,  your network staff needs to be able to grasp DNS from every angle.

That’s where we come in.

Learn DNS with Men & Mice

DNS_DNSSEC_BINDtraining

 

Men & Mice has been offering DNS training for 20 years, since 1999. Our training program has educated students throughout the birth and boom of the internet. We’ve played a critical role in strategy and management of network growth all along.

Having a comprehensive training program that allows entry for any knowledge level is instrumental, as we know students seek out our courses with various objectives in mind. Courses are designed to provide both a renewed examination of existing knowledge, with new best practices, to expert students as well as  fundamental, practical information for beginners.

New call-to-action

A new and improved courses - for everyone39

How we teach DNS is constantly evolving, in sync with innovations in DNS technology. For example, our courses have been augmented with new security and monitoring materials, new sections on RPZ, RRL, DNS Cookies and dnstap. All these sections include laboratory exercises for hands-on experience.  Other brand new material covers minimal ANY, DNS looking glasses, and packet capture (passive replication). We have added additional quizzes and several new labs, such as challenging debugging labs.

So which course is a perfect fit for you?

If you’re new to DNS, we recommend the DNS & BIND Fundamentals (DNSB-F) program. It’s part of the DNS & BIND Week (DNSB-W) and serves as a shorter introduction to the world of DNS and BIND.

If you’re already familiar with the basics, the full five-day DNS & BIND Week (DNSB-W) course takes you deeper into DNS, including  a heavy emphasis on security, stopping just short of DNSSEC (for which we offer a separate course).

For those looking for even more, we offer the DNS & BIND Advanced (DNSB-A) program. The DNSB-A gets into the full depths of DNS and BIND with topics such as

  • new ISC binary releases for Linux distributions that were added last summer,

  • the change to dnssec-keygen beginning in BIND 9.13,

  • catalog zones,

  • packet capture (passive replication),

  • and more.

And for those of you curious about whether the BIND training addresses the most recent versions of BIND:  Both DNS & BIND Fundamentals (DNSB-F) and DNS & BIND Week (DNSB-W), as well as the DNS & BIND Advanced (DNSB-A) course have not only been updated to 9.11, but also addresses changes in 9.12 and 9.13.

DNS training for the real world

Our instructors and program coordinators value comprehensive, practical teaching methods. As such, our course materials are decidedly not "animated user manuals" - they cover DNS contextually, with real-world examples and hands-on labs. As one of our recent students put it:

“I was very impressed with everything about Men and Mice. The communication, the facilities, the instructor, the material. Everything about my class was really awesome, knowledgeable, and engaging. They never let us just sit there, always brought us into the lesson, and also gave great examples to help us understand concepts. I would take any class they taught.” (Michelle Boyd, Systems Engineer, Southwest Airlines)

Upcoming course dates include courses offered near Denver, Colorado in April, as well as Gdansk, Poland and Reston, Virgina, in June. We're also adding courses for Fall 2019 across North America (US, Canada), Ireland, The Netherlands and Switzerland. Stay tuned for more details.  To learn more about the Men & Mice Training Program and see what’s available in your neck of the woods, visit https://menandmice.com/training.


 

Topics: BIND, DNS training, ip infrastructure

2019’s word of the year: multicloud (connectivity)

Posted by Greg Fazekas on 2/22/19 9:57 AM

It’s a multicloud world. (We’re just managing it.)

Whether you want to spell it multi cloud (with a space), multi-cloud (with a dash), or just ditch all of that and go full-on conjoined “multicloud”, the fact remains that multicloud utilization is on every business leader’s lips.

Whereas before enterprises viewed migration to the cloud as a distant possibility, the focus has now shifted entirely. Increasingly data intensive applications and services require that they speed up their digital transformation, and to stay competitive, explore the benefits of migrating their data, services and applications not only into one cloud, but many clouds.

Competing cloud infrastructure offerings, such as AWS and Azure, provide enterprises with undeniable benefits. Network availability, for instance, can more readily be optimized as workloads can be switched between vendors in the event of a localized failure. At the same time, utilizing one, or many clouds, also presents new challenges to network management.

How do you maintain multiple networks on multiple cloud platforms, each with their own means and methods of running their cloud environment?

In comes multicloud connectivity.

Multicloud connectivity is the software-defined, invisible layer of abstraction that takes care of communication between different (and often incompatible) vendors, platforms, and implementations (on-prem, hybrid, private, or public).

As digital transformation journeys are becoming more and more streamlined and less and less experimental, it helps network managers to consider the emerging best practices around multicloud connectivity.

Multicloud ways and woes: playing nice with each other

Organizations can and should take charge of picking services aligned with their cost-benefit vectors. From SaaS applications like Salesforce, Office 365, or Google Drive, to raw computing and storage infrastructure resources, most everything is delivered from the cloud. But that also means more moving parts, which can lead to possible service degradation.

Best practice: Cloud vendors aren’t motivated to play nice with each other, so it falls to organizations to plan for and implement multicloud connectivity in their cloud adoption strategy.

Multicloud ways and woes: security

In the charge to the cloud, there has been a huge focus on security for storage and computing resources. However, there hasn’t been a similar awareness of network vulnerabilities - and with multicloud re-defining networking it’s especially timely to pay attention to security now.  

Best practice: Beyond smart planning of networking strategies, multicloud connectivity helps to address the challenges posed by threats to network availability.

Multicloud ways and woes: disaster recovery

When disaster strikes,, cloud services are well-positioned to keep a business up and running regardless. DDoS attacks or simple human error disrupting everyday operations don’t need to  cause a total shutdown of an organization’s network. Building contingencies seem simpler in the multicloud, but disaster recovery can also put an increased strain on the network, particularly if network managers have to struggle with vastly differing operational requirements in different cloud environments.

Best practice: With such a critical role to play, networks need to rely on strong,  functional connectivity between multiple cloud environments to strengthen them.

Multicloud connectivity and the Men & Mice Suite

Multicloud makes connectivity not only crucial but defining. As a company focused on networking solutions, Men & Mice is excited about this unique emphasis on networking itself.

The Men & Mice Suite is a hybrid and multicloud DNS, DHCP, and IP Address Management solution. It’s been built to provide the multicloud connectivity by being widely compatible, secure, and reliable.

It’s software-defined. The connectivity layer provided by the Men & Mice Suite depends on no set architecture or infrastructure and requires no single-point-of-failure hardware.

It’s compatible. API-driven and backend-agnostic, the Men & Mice Suite simplifies programmatic control and automation across multiple cloud vendors.

It’s secure. The Men & Mice Suite extends the enterprise-grade security over the connectivity layer, allowing for audit trails, role-based access controls, and migrating existing security policies to the cloud.

It’s fault-tolerant. Customers can rest easier as the fall-out from human error, DDoS attacks and cloud service outages can easily be mitigated by the Men & Mice xDNS Redundancy™ feature.

Hybrid multicloud IP management

With the upcoming release of version 9.2, the Men & Mice Suite improves on its already best-in-class solution. From deep AWS and Azure integration to the flexible web application, developing the Men & Mice xDNS Redundancy™ for added security and reliability, we’ve made multicloud DNS, DHCP, and IP Address Management even better and ready to deliver on the need for connectivity.

Men & Mice Suite Free Trial

 

Topics: DNS redundancy, multi-cloud, multicloud

Multicloud networking: Azure and the Men & Mice Suite

Posted by Greg Fazekas on 2/15/19 10:19 AM

We’ve previously outlined the Men & Mice Suite’s deep integration with on-prem Windows and cloud-based Azure and Azure DNS, which helps extend the value of Microsoft services investments while gaining comprehensive visibility, management and scalability from the Men & Mice Suite. This is particularly helpful for network environments comprised of either several Microsoft services, including Azure, or hybrid environments where several otherwise non-compatible services need to be utilized.

If you’re already dependent on Windows servers on-prem and other Microsoft products to run your infrastructure, moving workloads to Azure makes a lot of sense. As is, many large-scale organizations, from Fortune 100-500-1000 companies, to education and research institutions or governmental municipalities, are already deeply reliant on Microsoft software, as are a good number of Men & Mice customers, many of whom have begun moving workloads into Azure over the last few years.

Why Men & Mice?

Men & Mice has a long history of technical compatibility with Microsoft products - including being the first vendor to offer Azure DNS third party support. This, combined with our presence in the Azure Marketplace, as well as our burgeoning business relationship through Microsoft’s Co-Sell program, means accessing the benefits of both Azure and Men & Mice has never been simpler.

Some of the main benefits of using the Men & Mice Suite with Azure include:

  • Bulk migration and import to Azure DNS

  • Sync between Azure DNS and other DNS platforms

  • Workflow extensions to automatically tag zones during migration

  • Unified audit trails and tracking changes

  • Granular, role-based access and delegation, including Active Directory support

  • AD Single-Sign-On with automation

  • Visibility across all VNETs, address blocks, subnets and IP addresses

  • Use of APIs to manage data.


Looking for the easiest way to evaluate Men & Mice Suite and Azure? Try the Men & Mice Suite directly from the Azure Marketplace.

As a Co-Sell partner and a recent winner of the Microsoft Partner Award for Infrastructure Innovation, we’ve further expanded our reach with Microsoft beyond technical capabilities to create new simplified, ease-of-access processes for customers of Azure and Men & Mice Suite. Microsoft-Awards-1

A few scenarios where the combination of the Men & Mice Suite and Azure really shines:

  • Mergers and acquisitions are made easier by staying in the same ecosystem (Windows Servers + Azure). Likewise, unifying a multitude of on-prem and cloud network services and environments through Men & Mice Suite, eases network transitions and provides near-immediate visibility.

  • Utilizing the Men & Mice Suite with Azure allows the dynamic scaling or migration from on-prem Microsoft DNS or BIND to Azure DNS.

  • Physical expansions are also made easier through using the Men & Mice Suite to clone already working environments, while taking advantage of Azure’s global availability to reduce local latency and support turnaround.

  • Project fragmentation causing network overlaps and conflicts can be quickly resolved through Men & Mice Suite on top of Azure, providing transparency for all IP addresses, VNETS, and subnets.

  • Network diversification. Network supply chain diversity is critical to add redundancy and  prevent against DDoS and other malicious attacks. Using the Men & Mice Suite’s xDNS Redundancy™ feature makes this easier, while the infrastructure is backed by Microsoft’s robust SLAs.

Utilizing the Men & Mice Suite with Azure

The Men & Mice Suite’s superior Windows compatibility, Active Directory integration, as well as native support for IP Address Management in Azure and Azure DNS have both attracted Men & Mice customers to Azure as well as, increasingly, Azure customers to Men & Mice Suite.

With the Men & Mice Suite you can see VNETs, address blocks, subnets and IP addresses across all of your organization’s Azure infrastructure, and sync between Azure DNS and other DNS platforms using Men & Mice’s xDNS Redundancy™ feature. Or, migrate entire zones to Azure DNS from other services and fully manage them using granular access control tied into Active Directory.

azure_dns-1600x1007

The resilience, scaling, and security of Azure combined with the hybrid and multicloud management and visibility offered through Men & Mice Suite helps to resolve obstacles in the form of runaway migration costs, lack of compatibility between the multitude of on-prem and cloud services and loss of control in managing the DNS in conjunction with the IP data.

 

 

Multicloud networking: Integrating your AWS accounts

Posted by Greg Fazekas on 2/1/19 8:38 AM

Amazon Web Services (AWS) is probably one of the most well-known and utilized cloud (and soon to be on-prem) solutions providers. In addition to its technical robustness and market reach, enterprise businesses can rely on its proven reliability, metered billing and multitude of partner solutions.

When it comes to multicloud network environments, two questions occupy the minds of decisions makers:

  • When do you utilize cloud?

  • How do you maintain network health and integrity while utilizing cloud resources?

In this post, we present a few possible scenarios where synchronizing AWS resources with your on-prem corporate network is beneficial, as well as what to look for when evaluating the implementation.

When do you need AWS integration?

AWS, and cloud services in general are an attractive option to modernize and extend corporate networks and IT, providing resource availability at scale. Here are a few scenarios where Men & Mice customers are using AWS. 

  • Mergers and acquisitions create fast and immediate demand for resource scaling or consolidation. Both for incorporating newly acquired networks and migrating them

  • Project fragmentation, which benefits from a dynamically available pool of resources, as well as self-service, keeps management overhead low and minimizes bottlenecks. 

  • Physical expansions, whether new local offices and data centers or diverse geographies, enterprises take advantage of locally available resources or factor network architecture to reduce latency and increase performance.

  • Network diversification to prevent against DDoS and other malicious attacks.

Dynamic cloud in the slower moving enterprise

Enterprise businesses have developed networking practices to mitigate downtime and more frequently than ever, prevent against attacks. Starting from small-scale on-prem installations to utilizing large-scale private data centers, then cloud, diversifying the network supply chain is as mandatory as maintaining different logistics providers or materials suppliers.

More often than not, regulatory oversight also dictates much of what can and cannot be done. That presents an obstacle enterprise businesses have to consider or work around, particularly with regard to onboarding and utilizing cloud.

How to utilize AWS?

AWS and Amazon Route53 for DNS address the growing need for networking resources management in the cloud. But even Amazon recognizes the importance of visibility across an entire network setup,  introducing last fall the Route 53 Resolver for Hybrid Clouds, for bi-directional querying between on-prem and AWS.

This is exceptional news for AWS customers, particularly customers of Men & Mice Suite using AWS. Any cloud/multicloud configuration has to work natively, dynamically, and securely if its benefits are to be fully realized, a guiding principle of the development of the Men & Mice Suite. 

Natively

Cloud resources offer the most benefits when utilized to their full native extent, and synchronize with on-prem at the same time. Like spreadsheets were to IP Address Management, managing cloud services separately is both inefficient and enables a host of trouble down the line.

Proper multicloud networking needs a single management interface, an overlay,  that natively connects to the cloud and the cloud services’ features while providing complete visibility across the network, down to the management of zones and unification of audit trails.

Dynamically

If provisioning cloud resources is on par with the procurement of new hardware for the on-premise infrastructure, what’s the point? Scaling up or down using the cloud is an attractive concept, but unless it’s also easy to implement, adapt  and migrate when needs change, much of the benefit is lost.

Dynamic resources require, beyond native integration, a programmable and automated interface, capitalizing on APIs to simplify processes and retain security configurations.

Securely

It's critical to network security to have the ability to enforce the same property structure and protocols for network entities, regardless of whether across multiple cloud platforms, accounts or on-prem, to ensure adherence to corporate standards for network and IP provisioning. Likewise, retention of access controls, and complete visibility in network audit trails is equally important. 

Your IP infrastructure management software has to be able to handle management, synchronization and reporting, cohesively, authoritatively and securely.  

Utilizing Men & Mice with AWS

multicloud-cover

Overlay solutions, such as the multicloud-enabled Men & Mice Suite, alleviate these management, visibility and portability concerns.

The Men & Mice Suite comes with

  • native integration with IPAM and DNS residing in AWS and Amazon Route 53

  • replication and synchronization of multiple DNS zones through xDNS Redundancy™

  • an easy-to-use, web-based graphical interface for management of the entire multicloud network and a single compatible API layer for automation,

  • enterprise-grade security feature set and granular, role-based access controls.

  • Multi-account management of AWS accounts or an AWS account with multiple child accounts (note: upgrade to Men & Mice Suite 9.2 required for this feature).

The Men & Mice Suite keeps the chief advantages of multicloud networking (heterogenization of resources) while maintaining a homogenized management overview.

More clouds

What happens when your network is fairly homogenous — like, say, relying mostly on Cisco, Linux or Microsoft servers on-prem? When looking into cloud solutions, what are your deciding factors? Does multicloud help minimize latency across specific global operations? Can you increase diversity in your network infrastructure supply chain and mitigate security risks simultaneously? 

The short answer is yes. We'll dive more into these topics in the next few posts. 

Topics: hybrid cloud, hybrid network, aws, Amazon Route 53, multi-cloud, ip infrastructure, multicloud, hybrid dns, hybrid ipam

It's a multicloud world, we're just managing it.

Posted by Greg Fazekas on 1/22/19 10:13 AM

 

After initial resistance, the IP, and more broadly network, infrastructure market has begun its love affair with multicloud in earnest. During the Gartner IOCS events last fall in Las Vegas and London multiple analysts expressed how the maturing of network management includes not only cloud, but the use of  multiple cloud vendors within a network architecture.

But in business circles multicloud can still present a number of questions, such as:

  • What is a multicloud network?

  • Why choose (or learn about) multicloud?

  • What are the advantages (and disadvantages) of multicloud networks?

In this series we'll answer those questions, and more - from business use cases to vendor-specific (AWS, Azure, VMware) implementations.

What is a multicloud network?

Simply put, 'multicloud' is the use of multiple cloud environments within one network.

A multicloud network can be

  • comprised solely of multiple cloud vendors,

  • or a hybrid network utilizing both on-prem infrastructure and more than one cloud service.

Hybrid multicloud IP management

For network managers, the multicloud’s advantage is diversity of supply chain and distribution of resources. In addition, multiclouds offer automation for streamlining task loads and eliminating misconfiguration (human error) as well as adding redundancy to protect against attacks, all while ensuring a backend-agnostic implementation of cloud network technology.

Why multicloud?

By utilizing various vendors, IP infrastructure managers can take advantage of the strengths of each cloud service. This affords companies more

  • flexibility & portability,

  • agility,

  • security & reliability.

Both cloud-native and external support IPAM and DNS services benefit from a multicloud management approach.

Flexibility & Portability

Cloud networks can do many things, but there's no vendor that does everything for everyone. For example, some may offer robust facilities for IP addresses but lack the requirements for a proper DNS solution. Another vendor’s great infrastructure for running DNS may lack the necessary pool for allocating IPs.

Due to this, and the desire to capitalize on best-in-class solutions for complex network needs, cloud adoption often naturally turns to multicloud. With overlay solutions that integrate with compatible APIs configurations can be freely migrated, replicated, and scaled - therefore creating agility.

Agility

Companies who take advantage of multicloud with the visibility of overlays have better tools to achieve better resource utilization across the board, and easier migration and scaling processes to meet business demands, rather than limit them.

Furthermore, multicloud networking offers better redundancy - a key for security and reliability.

Security & Reliability

When it comes to failover, redundancy is key. Dangers from both inside (such as human error) and outside (malicious DDoS attacks or simply hardware failure) can render networks unusable unless they can offload workloads seamlessly.

In the unlikely event of all things going wrong, any one cloud service’s all-encompassing SLA may still have blind spots for your network setup, particularly since you may be using those various services to cover a multitude of different needs. But a multicloud environment, and more so a hybrid environment (in this case we mean a mix of on-prem and cloud/multicloud), can offer reliability by enabling the distribution of resources (i.e. eliminating single point of failure in the network supply chain).

The Men & Mice Suite is built for hybrid and multicloud networking

multicloud-cover

To take advantage of multicloud networks, businesses need solutions that are widely compatible and capitalize on cloud-native functionality. Without the former the range of options is limited (defeating the purpose of multicloud) and without the latter much of the ROI of the process is lost (due to limited efficiency).

Men & Mice develops network management solutions at the DNS, DHCP, and IPAM level.

Like a multicloud, the Men & Mice Suite has been designed to be widely compatible  and backend-agnostic, beginning with on-prem compatibility with Windows, Cisco and Linux/Unix then into the cloud with AWS and Azure as well as several cloud DNS services like Akamai FastDNS, DYN, NS1, Amazon Route 53 and Azure DNS. Instead of relying on a specific vendor or technology (or even a select few of them) we've focused on facilitating the communication between them while also offering a powerful management solution within the Men & Mice Suite.

The Men & Mice Suite is API-driven, software-based solution that integrates cloud-native resources and functionality. We know that creating a network focused on strengthening business progress means creating a complex network. Our focus is on simplifying these complexities in the network management process-- helping the network help the business.

Stay tuned

After this overview, in the coming weeks we'll be examining the particulars of multicloud environments and networking.

Whether you’re looking for platform-specific information, business use cases, or technological discussions, you’ll find it in this series. Subscribe to our blog updates to make sure you don’t miss anything, and let us know if at any point you’d like to know more about a particular subject.

You can also find us on social:  

linkedin-1twitterfacebookyoutube

Topics: IP address management, multi-cloud, ip infrastructure, network management

New Year Resolution: 20th Anniversary of Men & Mice DNS & BIND Training

Posted by Greg Fazekas on 1/10/19 12:12 PM

 

New Year, Newly Trained You!

Many people love to use the new year as an opportunity to set goals for self-improvement. Whether it’s improving health or taking a chance on yourself to go for those big career goals you’ve been putting off.

If you’ve been looking for the perfect opportunity to either learn DNS & BIND or refresh your knowledge, we have the perfect series of courses to bring you up to speed.

For 20 years Men & Mice Training has helped professionals in Network Management, including executives, System Administrators, Network Architects and Network Managers learn principles, best practices and strategies for DNS and BIND.

Why learn DNS?

Nothing in the Digital Era happens without DNS. Business functions and services are increasingly, exclusively online, as are nearly all areas of our lives. DNS makes networks work. If you want to know how to keep things running smoothly online, then it helps to fully understand DNS.

Suffice to say, DNS is important.

Why learn from Men & Mice?

It'd be easy to point to our track record (since 1990!) of developing DNS, DHCP, and IPAM software solutions to highlight why we feel (and our students feel) that our DNS & BIND courses are exceptional. Since 1999, we’ve offered independent public and onsite private training to professionals and organizations such as:

  • Top Level Domain (TLD) operators,

  • DNS registrars,

  • Governments,

  • Universities,

  • Enterprise and SMB businesses

Our instructors and program coordinators value comprehensive, practical teaching methods. As such, our course materials are decidedly not "animated user manuals" - they cover DNS contextually, with real world examples and hands-on labs.

Our 2019 resolution was to augment our course materials to include new sections on DNS Cookies, Response Policy Zones (RPZ), Response Rate Limiting (RRL), and DNSTAP as well as other refinements including the introduction of new debugging labs. This resolution aligns with our ongoing commitment to ensure our courses are relevant to real wold scenarios and stay up-to-date.

In short, you'll learn what DNS is, what it means today, and why having this knowledge is valuable to your own career growth and to your company’s network.

Training designed for context

Men & Mice offers two main training paths: DNS & BIND Week (DNSB-W) and DNS & BIND Advanced (DNSB-A).

The former covers the fundamentals, with practical training and tactical application.

For those peripherally working with DNS, or looking to learn the basics, the first three days of DNS & BIND Week is available as DNS & BIND Fundamentals (DNSB-F).

The latter DNSB-A, and the security focused DNSSEC & BIND that we will offer again this year, teaches the ins and outs of DNS mastery, and the subsequent use cases and resulting business values.

Even experienced network professionals get value out DNS & BIND Week, like this student who took our course in 2019:

"I've been using the internet since the days of gopher in 1995.  And running networked linux systems since 1997. But this course refreshed my understanding of the fundamentals of the internet more than anything else I've done in the last 21 years."

When, where, and how

Men & Mice offers training courses and certifications in_ (1)

To learn about the Men & Mice Training Program, take a look below and visit https://menandmice.com/training.

 

MARCH 4 - 8, 2019

AMSTERDAM, NETHERLANDS

 

APRIL 22 – 26, 2019

CENTENNIAL, CO, USA (NEAR DENVER)

 

JUNE 3 –7, 2019

GDANSK, POLAND

 

JUNE 24 - 28, 2019

RESTON, VA, USA (NEAR WASHINGTON DC)

New call-to-action

 

Topics: BIND, DNS training, Response Rate Limiting (RRL), Response Policy Zones (RPZ), DNSTAP, DNS Cookies, hybrid dns, network management, day-to-day IT

Men & Mice Sensible IPAM Part 5: Security of IP Infrastructure

Posted by Greg Fazekas on 12/28/18 11:18 AM

In the final instalment of our 5-part series on IPAM (and really, more broadly, DNS, DHCP and IPAM), we’re taking a look at sensibly managing security in a scattered network environment. From large-scale DDoS attacks to mitigating human error, security measures come in all shapes and sizes — often overwhelmingly so. Here’s what you can do to stay ahead.

(TL;DR version: you need a DDI overlay to increase security on your network... and we happen to offer a great one).

This Playbook series consists of five parts:

Each part presents real-world problems for which Men & Mice has provided solutions.

Opposites attract… security problems?

Imagine that you are:

  • The CTO of a Managed Service Provider, whose own network is the first line of defense to protect customers. Your services are sensitive, as gaining access to or bringing down your network would compromise those utilizing your MSP solution. 

  • The Lead Network Administrator of a mid-sized enterprise company recently expanding with new employees (and devices), through M&A activities, arriving daily. Onboarding new people is your technological challenge, balancing their need for autonomy and network resources with your requirement to maintain security protocols.

While opposite in scale, these problems can wreak the same amount of havoc in both cases, and network security is of paramount importance, more than ever.

What You Need

Much of network security is inherently present in the technology used. Orchestration and synchronization between different software providers, interfaces and hardware, however, needs to be done well.

Good security practices have to be sensible to be ubiquitous across the network, instead of obstructive. They have to be simple at their core and robust in their execution to prevent and solve problems. Let’s face it, your network is complicated enough.

How not to approach IP infrastructure management (1)

Some of the more overlooked security vulnerabilities in network management today include:

  • Visibility challenges, or lack of central, unified overviews resulting from incompatible or simply different services (i.e. the variety of interfaces and functionality of each individual service that comprises the entirety of a network)

  • Misconfigurations or incompatibilities (what you do in one area of your network may not synchronize or be compatible with another area of the network, particularly with cloud vendors).

  • Human error (Hey, we all make mistakes. But automating can remove this ever-present challenge, increasing the health of the network).

  • Loss of control (how can you restrict access to increase security and focus on providing autonomy only where needed.)

Where Men & Mice Can Help

How to approach IP infrastructure management

Retaining network security on the DNS, DHCP and IP address level has been a core design principle for the Men & Mice Suite from day one (which was nearly 30 years ago). Managing the fundamental components of the network means great responsibility: if the foundations are compromised or out of sync, the entire network is at risk.

The first security risk the Men & Mice Suite has addressed in the evolving world of hybrid network management, was to eliminate synchronization and misconfiguration hurdles between on-prem services and cloud services, then across cloud providers, enabling greater automation and utilization of network resources, independent of what are the services themselves. Then, we centralized management of these diverse and otherwise incompatible resources into one place.  

This backend-agnostic, API-first overlay approach gave way to the xDNS Redundancy feature, which helps further mitigate DDoS and other malicious attacks.

If parts of the network become unavailable during an event like a DDoS attack, xDNS Redundancy prevents shutdown by switching to alternate resources. Once the affected resources are once again accessible, changes and updates are automatically synced across the entire network.

Due to the Men & Mice Suite's powerful, compatible APIs different network resources are processed and managed the same way within the Men & Mice Suite. This means that replicating or migrating DNS zones or DHCP scopes between network environments requires no special consideration or prolonged processes, making your DNS, DHCP and IPAM more nimble.

In addition, health alerts within the Men & Mice Suite provide the visibility necessary to proactively address misconfigurations, address space overlaps and malicious attacks while minimizing its effect on user experience.

Likewise, unified audit trails within the Men & Mice Suite help identify the source of an issue and on what area of the network, providing richer data to inform proactive decisions.

More often than any company would like to admit, especially in the age of post-Bring Your Own Device (BYOD) enterprise culture, security breaches can occur through human error. A simple password used across multiple mission-critical logins, a laptop stolen or left digitally unguarded, a malicious email attachment downloaded with malware, trojans or droppers, all can quickly take down or manipulate areas of your network, wreaking havoc.

The Men & Mice Suite’s granular access controls, including its integration with Microsoft Active Directory, provide solid security templates for preventing unnecessary access (and therefore unnecessary vulnerabilities) on the network. Retaining existing configurations and implementing new ones is easy, replicated, synched and scales as needed.

IT is no longer a department but a holistic and critical business resource. In 2019, we’ll be placing emphasis on closing the gap between IT professionals and IT users, on-prem and cloud teams as well as the increasing importance of overlays. It is our goal to showcase the importance (and value) of  proper DNS and IPAM for businesses, and the effects (and context) of eliminating network hindrances that complicate or slow business decisions.

Lesson 1: A quick way to learn about DNS Protocols

Here's a recent discussion during EuroBSDCon on DNS protocols and what will be changing in the future (DNS over TLS vs. DNS over HTTPS) by Carsten Strotmann on behalf of Men & Mice. We'll elaborate on this topic a bit more in 2019 during our talk at UTmessan in Reykjavik, February 8 & 9. 

What you need to know about DNS Protocols_ The good, bad and ugly of DoH and DoT

 

Topics: Security, network security, ip infrastructure, hybrid dns, hybrid ipam, network management

Men & Mice Sensible IPAM Part 4: Managing Everyday DHCP, DNS, and IPAM

Posted by Greg Fazekas on 12/17/18 5:06 AM

We’re continuing our series on implementing sensible solutions to rein in scattered network resources, specifically IP infrastructure management such as DNS, DHCP and IPAM (DDI). In this post, we examine how to simplify day-to-day IP infrastructure operations, in-house or in the field, by rethinking priorities and streamlining the interface between you, your engineers and the network.

This Playbook series consists of five parts:

Each part of the blog series presents real-world scenarios that Men & Mice has helped solve.

When response time > features (agility)

Imagine that you are:

  • An infrastructure director of an enterprise company that’s recently experienced a merger. You’re evaluating newly acquired resources, and how to integrate them into the network. For the moment, however, you simply need to keep everything running smoothly while you evaluate how to merge the network resources. You need to quickly see network resource usage statistics, identify overlaps and bottlenecks, and monitor network health.

  • A network administrator delegating day-to-day management across teams and offices distributed over multiple international geographies. To minimize manual changes, cut network overhead and mitigate misconfiguration errors, you have to automate processes and set up local access controls that complement your network security strategy, in tandem with helping your team have the autonomy they need to operate unencumbered.

The integrity of enterprise IP infrastructure (DNS, DHCP, IPAM), factors heavily towards the business’s ability to execute on operations and even generate revenue. Yet, there’s very little knowledge, outside of core IT departments, about the functions and responsibilities of the company’s network. Likewise, IT operators don’t always have the full scope of understanding about how network complexities can hinder business efficiencies. What is known, however, is that agility is becoming more important as networks scale or adapt to meet changing demand, with speed and simplicity proving equally valuable to the robustness of the DNS, DHCP and IP address management solution.

What You Need from your DNS,DHCP and IPAM

How not to approach IP infrastructure management (2)

Instead of lugging the proverbial kitchen sink everywhere you go, or retro-fitting your network needs into a uniform solution (especially when doing so creates greater hurdles), that, well, doesn’t actually serve your needs, choose a lightweight overlay solution that lets you resolve common issues and manage network functions quickly, every day and provides the visibility necessary to maintain the network’s integrity.

As Elias KhnaserSenior Director Analyst, Gartner, pointed out in a recent Gartner IOCS talk entitled,“Technical Insights: Top AWS and Microsoft Azure Mistakes You’ll Want to Avoid,”  3rd party solutions (eh em) should be used to bridge gaps between on-prem and cloud for hybrid / multicloud environments. Likewise Bob Gill encouraged the use of overlays “to bring order to the chaos.” (Thanks, Bob! We agree.)

This will enable you to simplify workflow and minimize the complexities between you and the network, no matter which area of the network you are focused on any given day and no matter the underlying architecture behind it. Complete visibility helps you make informed decisions. Coupled with the flexibility to quickly maneuver, the solution you choose must enable you to adapt to changing needs without disruptions in network functionality.

Where Men & Mice Can Help with day-to-day IP infrastructure managment

With the robust and complete feature set of the Men & Mice Suite and the built-in visibility it offers,  you can tackle large projects and deep (re)organization all while getting a much clearer view of IP infrastructure management holistically. The newest version of the Men & Mice Suite, introduced a few months back, delivers the management power and day-to-day operational functionality through our light-weight overlay software, neatly packaged with an improved web application.  

The web application is designed specifically for day-to-day operations where speed and agility is paramount. For example, you can quickly organize and manage DNS zones and records or  IP address ranges, DHCP scopes and IP addresses. Its features are streamlined, to manage the most common tasks performed through the Men & Mice Suite with additional Quick filters and Quick command to further cut down time. If you need to deep dive into the guts of your network operations, fear not, you have the Windows management console as well.

Engineers overseeing various areas of your network can quickly respond to and solve IP allocation issues, move DNS zones and DHCP scopes, remove bottlenecks locally and experiment with moving more workloads to the cloud, without sacrificing the ever important visibility.

Automating and delegating tasks that are defined through fine-grained access controls within the Men & Mice Suite helps alleviate IT overhead and affords some localized autonomy in everyday scenarios, making day to day network management more efficient.

Infrastructure directors overseeing fragmented networks can get greater visibility and operational functionality. 

Men & Mice Suite distills powerful DDI capabilities into a non-disruptive software package, complete with an agile tool for day-to-day management, offering compatibility with Unix/Linux, Windows, and Cisco IOS as well as functionality across Azure DNS, Amazon Route 53, Dyn, NS1, Akamai Fast DNS, and IPAM in AWS, Azure and OpenStack.  Manage, sync and automate network changes and authorizations, filter and record changes through unified audit trails and get comprehensive insight into large-scale networks through one unified dashboard. 

In the last part of our playbook series, we’ll take a closer look at how to reinforce IP infrastructure security and prepare for DDoS mitigation and defense against other threats.

Topics: IPAM, IP address management, network security, ip infrastructure, multicloud, hybrid dns, hybrid ipam, network management, day-to-day IT

Men & Mice Sensible IPAM Part 3: Cloud integration

Posted by Greg Fazekas on 12/3/18 9:54 AM

 We’re continuing our series of posts on steps to creating a sensible environment from your scattered network resources, for business reliability and efficiency. In this post, we examine how to tap into flexible and affordable cloud resources without losing money on the hidden costs of migration and misconfiguration. This Playbook series consists of five parts:

Each post in the series presents real-world problems for which Men & Mice have solutions.

Pitfalls of cloud adoption on infrastructure

cloud_vendor_lockin

Imagine that you are:

  • A CTO of a global logistics company and your corporate network is diverse, due in large part to acquisitions, where segments are in cloud, co-located and in your own data centers. Your warehouses around the world have to run independently, to ensure there are no service or operations interruptions, even if cut off from the rest of the network. How do you consolidate and synchronize between on-prem and cloud networks, even when a location goes offline?

  • A network administrator and your company is tapping into cloud infrastructure for the first time. You’re tasked with overseeing workload migration and establishing processes for orchestration. Where do you start?

  • The Director of Infrastructure Services at an IoT company providing personalized services for users. Privacy is paramount, and your solution relies on heavy cloud usage — but utilizing virtual machines on-demand is slow and customers experience issues. You identify that your on-prem DNS is the bottleneck.

From a business standpoint, the advantages of cloud services cannot be overstated. While attending Gartner IOCS London last week, we saw our vision validated. The overarching message to IT Infrastructure and Operations leaders was to modernize, diversify and synchronize. Further, AWS re:Invent, which we also attended, showcased Amazon’s focus on streamlining hybrid environments, which was great news for customers of Men & Mice Suite who capitalize on our compatibility with AWS and AWS Route 53, from an IPAM and DNS perspective respectively.  The modern strategy in network is to align network architecture and operations with business logic and policy for more intelligent infrastructure.

This means capitalizing on and properly integrating cloud resources into existing networks, and avoiding hidden and unexpected costs (“What is this $100,000 bill from our [cloud provider]??” --Philip Dawson, during Gartner IOCS London). Integrating is the hard part… or at least it used to be.

We’re very much looking forward to continuing the conversation around hybrid cloud efficiencies and our leadership in DNS, DHCP and IPAM for complex hybrid networks at Gartner IOCS in Las Vegas this week.

What You Need

Every network management solution must include some kind of integration with cloud services. There’s a difference, however, between cloud-native integration at the core and compatibility as a feature or an afterthought. Worse, forcing customers to retrofit antiquated solutions into cloud services as a means of retaining a revenue model destined for extinction.

Furthermore, compatibility with a range of cloud services (from AWS to Azure to others) is important: flexibility means little if it comes with a set of strings that lock your business in. You need portability. Your network will scale up, down, in and out faster than ever before. Adaptability is key. Plus, distributed resources and redundancy protect against DDoS and other failures.

Where Men & Mice Can Help

men_mice_dns_ipam_cloud

Men & Mice Suite is an overlay solution for core of IP infrastructure management. Its flexibility as an overlay above the entire network, regardless of platform and environment, extends beyond on-prem, into cloud services as well.

Because the Men & Mice Suite handles network the same way, no matter the underlying setup or location, it’s especially suited to consolidate and synchronize, making management more efficient and automation easier. Further, its built-in reporting features (specifically audit trails) channel all network information from various resources through a central component, enabling quick, transparent data on what’s happening in your IP infrastructure and where.

If a part of the network becomes isolated, for example, Men & Mice Suite will then seamlessly sync and update once reconnected.

Another roadblock for business at the network level is incompatibility between cloud services.  Each vendor organizes data differently, with different APIs, which creates a need for specialized personnel, support services and added costs and can make moving workloads to or across cloud infrastructure frustrating at best and impossible at worst.

The Men & Mice Suite simplifies orchestration and automation through its reliable APIs, which are compatible with the best-in-class cloud services, even capitalizing on their cloud-native features.

It utilizes the existing service features to pull valuable Cloud IPAM and DNS information into a centralized management interface together with on-prem data. And all is done with minimal disruption, thanks to the software-based design and virtual appliances. 

From AWS to Azure, from on-prem private clouds to public infrastructure, the Men & Mice Suite brings a holistic approach to network core management in the age of cloud. Its simplified operations workflow cuts out hidden costs and creates a single reliable management layer for DNS, DHCP, and IPAM.

In short, Men & Mice Suite lets you scale your network to suit YOUR needs and we’ll focus on providing you with the management capabilities and visibility, no matter what’s under the network hood and how it changes over time.

In our next post, we take a look at day-to-day network core management of IP infrastructure, and how we make that simple and straightforward as well.

 Already a customer of Men & Mice Suite? You can now share your experience through Peer Insights and G2Crowd! 

New call-to-actionNew call-to-action

Topics: hybrid cloud, hybrid network, multi-cloud

Why follow Men & Mice?

The Men & Mice blog publishes educational, informational, as well as product-related material for everyone and anyone interested in IP Address Management, DNS, DHCP, IPv6, DNSSEC and more.

Subscribe to Email Updates

Recent Posts