The Men & Mice Blog

Men & Mice

Recent Posts

Streamlining DNS changes with Men & Mice Suite: introducing the new Workflow Module

Posted by Men & Mice on 3/13/19 12:17 PM

A common organizational bottleneck and security conflict exists between the users’ need for autonomy and the network administrators’ responsibility towards network health and security.

The  Men & Mice Workflow Module add-on, available from version 9.2 of the Men & Mice Suite, is designed to resolve this painful organizational inefficiency and common security challenge.  

Streamlining DNS across your entire organization

With the Workflow Module, network administrators can gain greater control and transparency over changes within their DNS infrastructure through an efficient queue of requests and approvals for DNS tasks.

The Workflow Module allows all users to make  DNS changes like

  • adding a new DNS record

  • modifying or deleting an existing DNS record

  • scheduling DNS changes

To preserve the user’s need for autonomy, and resolve it with respect to network security, changes are not applied directly, but a request is created instead. Users can review their pending requests in the Web Application, and revoke them if they change their mind.

workflow-user

In the same interface, users with administrative permissions can view all submitted DNS change requests, and approve or reject them individually or in bulk. Changes can be set to propagate immediately or be scheduled later, at a more suitable time. (Such as when network load is minimal, to avoid issues like caching.)

workflow-admin

Through this streamlined process, users can set up DNS changes ranging from small and singular to wide and sweeping, without having to wait. The approval process ensures that only those with the appropriate privileges can process the changes, in a fast and efficient manner. User autonomy and administrator responsibilities that, for a large part, seemed mutually exclusive before can now serve to augment each other’s work.

Combined with other features of the Men & Mice Suite, such as xDNS Redundancy™, the Workflow Module  enhances security and boosts network resilience, while simplifying processes and increasing organizational efficiency.

Take a look at the following video to see the Workflow Module in action:

 

 

Try the Men & Mice Suite 9.2

The Men & Mice Suite helps to make complex enterprise IP infrastructure management, across hybrid and multicloud environments, as elegantly simple and quietly robust as customer-grade technology — but on an enterprise-grade scale.

The new Workflow module is an important step in delivering that streamlined network management experience to the enterprise. Extendable in future versions with further functionality, it builds on the compatibility across all major cloud and on-prem DNS platforms that has been a core advantage of the Men & Mice Suite since the beginning.

You can try version 9.2 of the Men & Mice Suite by clicking the button below or grab it directly from the Azure Marketplace. The new Workflow module is part of the Men & Mice Web Application and can be licensed as an add-on to versions of Men & Mice Suite v9.2 or beyond.

Men & Mice Suite Free Trial

Topics: DNS, DNS events, day-to-day IT

Men & Mice Suite version 9.2 released with AWS multi-account management, DNS Workflow, advanced Reporting and Azure Marketplace availability

Posted by Men & Mice on 3/6/19 7:11 AM

Men & Mice Suite Version 9.2 continues to deliver on the company’s commitment to making complex enterprise IP infrastructure management, across hybrid and multicloud environments, as elegantly simple and quietly robust as customer-grade technology, but on an enterprise-grade scale.

Men & Mice Suite Version 9.2 in a nutshell (tl;dr):

●   New Workflow module (add-on): greater ease and control of DNS management by enabling users to request and optionally schedule the fulfilment of DNS changes for administrator approval/denial.

●   New Advanced Reporting module (add-on): create tailor-made reports by correlating data and templates in just a few steps, scheduling the results to be generated daily, weekly or on a custom schedule.

●   Multiple account support for AWS: manage and retrieve data from AWS master account credentials associated with up to thousands of AWS sub-accounts.

●   Availability on the Azure Marketplace: try the Men & Mice Suite on Azure, or implement with one-click install (with step-by-step instructions).

●   Improved DHCP functionality for scopes and reservations on ISC DHCP, ISC Kea, and Cisco

●    A host of added functionality for filtering, quick commands, and data displays for further mobility and ease of operations.

Free Trial of the Men & Mice Suite version 9.2

Not sure yet? Read more about the Men & Mice Suite's new 9.2 features and functionality.

Artboard 1-100Five noteworthy updates in Men & Mice Suite 9.2 for a Future-ready IP Infrastructure Strategy

Beyond the consistent improvements customers have come to expect from Men & Mice, version 9.2 of the Men & Mice Suite focuses on the expansion of cloud integration, such as AWS multi-account support and Azure Marketplace availability, as well as simplifying DNS workflows and deepening reporting capabilities with new add-on modules.

AWS Multi-Account Management

Men & Mice Suite already features cloud-native integration with AWS and Azure as well as Akamai Fast DNS, Amazon Route 53, Azure DNS, Dyn DNS and NS1 to best manage and synchronize IP address management and DNS respectively. In the v9.2 release, Men & Mice has added multi-account support in AWS, to manage and retrieve data from AWS master account credentials associated with up to thousands of AWS sub-accounts.

aws-multi

DNS zones, VPCs and subnets can be listed for each AWS account subscription, dramatically cutting down administration while guaranteeing a global view/management of the cloud infrastructure.

New Workflow Module

One of the key new features in version 9.2 is the newly introduced Workflow module for efficient request and approval of DNS tasks. The Workflow module allows users to make requests for creating, modifying and deleting DNS records and optionally schedule the fulfillment of DNS changes. 

workflow

A common scenario for using the Workflow module would be a user requesting to add a new DNS record, modify or delete an existing DNS record. The request is created and is viewable to an administrator, along with other requests from other users in one comprehensive list, for approval or rejection, scheduling or immediate implementation. The new Workflow module can be licensed as an add-on to versions of Men & Mice Suite v9.2 or beyond. 

Advanced Reporting Module

In any enterprise-level organization, transparency and a clear line of responsibility are crucial. The new, advanced Reporting module, enables users and administrators with the ability to utilize, save and export for download a variety of report templates and customized reports.

reporting

In 2018, Men & Mice introduced simplified reporting features within the Men & Mice Suite. In Men & Mice v9.2, the new advanced Reporting module takes this several steps further, where reports can be tailor-made by correlating data and templates in just a few steps, scheduling the results to be generated daily, weekly or on a custom schedule. The advanced Reporting module can be licensed as an add-on to versions of Men & Mice Suite v9.2 or beyond.

We’ll cover the two brand new modules for Workflow and Reporting in detail in the coming weeks.

Men & Mice Suite goes live in the Azure Marketplace

azure-marketplace

Microsoft’s software and services are present in just about every organization’s infrastructure, making the business of keeping critical infrastructure up and running consistent, reliable, and familiar for a lot of network managers. Familiarity of technology has its benefits, particularly when it’s possible to extend your network into the cloud within the same Microsoft ecosystem, as is the case with Azure cloud services.

The first third-party solution to have integrated with Windows 2016 and Azure DNS, Men & Mice takes its long-term technological focus a step further by simplifying availability of the Men & Mice Suite for Microsoft Azure customers. From Version 9.2, the Men & Mice Suite is available through the Azure Marketplace. Deployment can be done in a matter of minutes instead of hours, with one-click install and easy-to-follow instructions. Simple as that.

Automation and the Men & Mice REST API

Not every network task requires human interaction. In fact, the life of a network manager can be simplified by automation in the right places. Men & Mice’s REST API offers the automation and customization needed to keep teams focused on the bigger picture and help keep networks secure.

network_menmice

In addition to improved automation and customization capabilities, some other great new features introduced in Men & Mice Suite v9.2 include added IPv6 support in its network creation wizard, single-click system updates and improved management of subnets, ranges, scopes, and more.

Changing The Way The World Sees Networks

Overlay solutions, such as the Men & Mice Suite, anticipate changing network needs, focus on compatibility between services and extend network investments while combating network conflicts and vulnerabilities. Likewise, Men & Mice’s dedication to establishing both technical and business partnerships for its solutions means customers can count on DevOps-friendly automation, synchronization and the unified visibility necessary to manage the next generation of enterprise networks.”  — Sigfús Magnússon, Head of Product, Men & Mice.

Let us walk you through a demo

Free Trial of the Men & Mice Suite version 9.2

Topics: Men & Mice, DNS, DHCP, IP address management, "cloud dns", Azure DNS, aws, azure, multi-cloud, ip infrastructure, multicloud, hybrid dns, hybrid ipam

Men & Mice Suite 9.1: cloud-ready network management for DNS, DHCP and IPAM

Posted by Men & Mice on 7/11/18 7:47 AM

Changing the way the world sees LI

Our commitment to efficient network management has a new number! The Men & Mice Suite 9.1 is a feature release with a host of cloud-ready enhancements plus the usual suspects (bug fixes and improvements).  

Network Management just got easier

Transparency, responsiveness, and ease-of-use are all core principles of Men & Mice for keeping networks healthy and safe from DDoS attacks and other DNS network failures.

The 9.1 release continues our mission to simplify network management without sacrificing features. Included in Men & Mice Suite v9.1:

  • A new web-based Men & Mice Suite management application
  • Optimized and enhanced cloud support
  • Improved xDNS Redundancy read-only zones for hybrid and multi-cloud networks
  • DNS software on appliances upgraded to BIND 9.11 with DNSTAP support
  • NTP functionality for virtual appliances
  • Various improvements and bug fixes

5 Things You’ll Love About Men & Mice Suite v9.1

Men & Mice Suite v9.1 focuses on features and refinements gleaned from customer feedback and engagement as well as refinements of previously introduced functionality. Here's what you will find in the new release: 

Web-based management application

The new web-based management application serves as an alternative to the Men & Mice Suite Windows-based management console. It’s designed to make performing day-to-day tasks, management functions and generating reports related to DNS and DHCP operations easier. The application features three sections: DNS, Networks and Reporting.

  • The DNS section makes all your DNS zones accessible from a single place.
  • The Networks section gives you instant access and overview of your networks.
  • Reporting lets you quickly find and run existing reports.

men_and_mice_quick_command-1

Its Quick Command functionality cuts down time on common tasks such as finding and working with DNS zones or records, IP address ranges, DHCP scopes and IP addresses.

Read-only zones in xDNS Redundancy groups

xDNS Redundancy, which can be used to synchronize DNS zones hosted with multiple cloud providers, now includes support for Active Directory-hosted zones. Zones in a redundancy group can be assigned to read-only mode, so that changes made to a DNS zone outside of the Men & Mice Suite will not be replicated to all other zone instances.

Optimized and enhanced Cloud support


Version 9.1 streamlines the migration and management of a large number of DNS zones with Azure DNS and Amazon Route 53 by utilizing cloud-native features to monitor changes to DNS made outside of the Men & Mice Suite, greatly improving synchronization of DNS data from the cloud providers.

Men & Mice virtual appliances upgraded to BIND 9.11 with 

DNSTAP support

DNS software on Men & Mice virtual appliances has been upgraded to BIND 9.11, which supports various new features as well as DNSTAP. Details on DNS queries received and DNS replies sent by the Men & Mice virtual appliances can now be logged for further processing by enabling and utilizing the powerful DNSTAP feature with minimal performance impact on the appliances.

NTP functionality for virtual appliances

The virtual appliances can also now function as NTP (Network Time Protocol) servers and be served by the same network infrastructure as DNS and DHCP.  Currently this functionality is manual and can be implemented per request with our support team. 

Nearly 30 years of DNS experience in one solution

The Men & Mice Suite v9.1 represents our commitment to enabling customers to adapt their infrastructure to be more software-enabled, cloud-ready and redundant, with increased visibility, control, security and automation.” --Magnús Björnsson, CEO of Men & Mice.

Complex enterprise network infrastructure can — and should — have the same elegant simplicity and responsiveness as IT professionals expect from customer-grade solutions. In the new release, Men & Mice has combined its nearly 30 years of expertise in developing DNS, DHCP and IPAM solutions with modern UX best practices to deliver a compelling, enjoyable management interface on top of a best-in-class, robust software-based DDI product.  

 If you want to try Men & Mice Suite v9.1 for free just click the button below. 

DNS, DHCP & IPAM Software Trial

Not ready? Read more about the Men & Mice Suite, or get an online demo.

DNS, DHCP and IPAM Demo

Topics: IPAM, DNS, DHCP, Redundant DNS, DDoS, IP address management, hybrid cloud, hybrid network, "cloud dns"

DNS and BIND  Training with Men & Mice

Posted by Men & Mice on 6/13/18 7:55 AM

trainingl

In the first half of 2018, Men & Mice Training taught courses in five countries with students flying in from across time zones and from other continents. Participants came from three different ccTLDs, from national governments, and from both major enterprise corporations and smaller institutions.

We are proud of our reputation for delivering exceptional training courses, positive student feedback, and humbled by the effort that people make to attend. However, we're committed to making attending easier.

New DNS & BIND fall 2018 courses added

ddi_menandmiceFive new public courses have been added to our schedule this fall, from September through November 2018.

We've also begun soliciting student feedback on where we should hold our next courses. Based on initial feedback, classes have already been scheduled for two locations where we've previously never taught: Denver, Colorado, USA, and Geneva, Switzerland.

Our most popular public course is DNS & BIND Week (DNSB-W).

DNS & BIND Week is ideal for anyone just starting in the DNS world, but most commonly attended by those knowledgeable about DNS, and by experienced BIND administrators. Those with previous skills report that the start of the course, which assumes nothing, fills in gaps in their knowledge and corrects misconceptions, and the course moves on to unknown topics and new material. All Men & Men courses are hands-on, full of laboratory exercises. 

If you want to get trained ASAP, this is your chance.

SUMMER COURSES

Space is limited but still available.

June 25 – 29, 2018 – Zurich, Switzerland

FALL COURSES 

September 17 – September 21, 2018  Europe (City TBD)


September 24 – September 28, 2018  Geneva, Switzerland


October 15 – October 19, 2018      Denver, Colorado, USA


October 22 – October 26, 2018      North America (City TBD)


November 12 – November 16, 2018    Zurich, Switzerland

DNS & BIND Fundamentals (DNSB-F): is the first three days of DNS & BIND Week.

Who attends: Those who work peripherally with DNS. After the course, many wish they had attended the entire week. For them, we offer DNS & BIND Advanced (DNSB-A), which is the final two days of DNS & BIND Week.

Looking ahead, in 2019 we plan to begin offering our three day DNSSEC & BIND (DNSSECB) course publicly. It is currently only available for private, on-site corporate training.

Register now

Topics: BIND, DNS training, DNS events

Men and Mice @ Cisco Live: Intuitive IT through intuitive DNS

Posted by Men & Mice on 6/5/18 8:00 AM

Visibility in DNS management is more important than ever. As networks become increasingly hybrid and migrate to cloud environments, managing multiple vendor systems and consoles adds new complexities to enterprise DNS management.

Men & Mice minimizes these complexities, reducing network vulnerability by unifying distributed DNS networks in one management console, additionally filtering activity through audit trails for full visibility and reporting.

We're excited to exhibit at Cisco Live (#CLUS) again this year to showcase how intuitive IT benefits from intuitive DNS. 

We're looking forward to showcasing what's changed since we visited Cisco Live last year:

  • We released version 8.3 of the Men & Mice Suite with unprecedented stability, performance and scalability.
  • We introduced xDNS for multi-vendor DNS management in the cloud.
  • We doubled the size of our service team to better cater to our customers. 
  • We added Live Demo capabilities to menandmice.com and streamlined our customer on-boarding process.

Visit us at Cisco Live! We'll be at booth #1113.

 Book appointment

Visit us to learn how to get DNS network visibility and manage complex DNS infrastructure with ease.

menandmice_dns_CLUS_ linkedin

Topics: Cisco Live, External DNS, hybrid network, DNS events

Thinking of doing DNS better?

Posted by Men & Mice on 3/20/18 10:27 AM

I train, therefore I am

Or that’s what Descartes may have said if he’d been thinking his thoughts in 2018.

Mind you, this blog is not about thinking and it’s not about physical training either, like running or wife carrying or stuff like that. It’s more about training as in training for the mind. Learning useful things. Like how to configure BIND, debug DNS, figure out TSIGs or what DNSSEC can do for your network. Basically, the kind of training that helps you build a leaner, stronger, fitter network, and create the system resilience needed to deliver those constantly surging numbers of packets to their right destination, faster and more securely.

DNS sync.png

Getting DNS skills in sync

Since 1999, Men & Mice has been known for running effective and efficient DNS & BIND training courses worldwide. Previous offerings included open, public courses in a number of locations, as well as private on-site training on request.

Beginning in 2018, we are putting a little extra effort and logging a few more air-miles, making it much easier for you to attend, wherever you are.  We’re extending our public offerings into new destinations, with upcoming courses scheduled in California, New York, Switzerland, England and Israel, with additional courses to be added as the year progresses. See the schedule at menandmice.com/training/

To get the hang of running a better network, sign up for the 3-day DNS & BIND Fundamentals, or take our most popular course and spend 5 days sinking your teeth deeper into the subject matter in DNS & BIND Week. A range of on-site training options is also on offer.

Reach out to Men & Mice Training to register for a course, ask questions, log comments, or to recommend additional locations for future public offerings.

In the meantime, check out the dates and feast your eyes on the list of topics covered by our hands-on courses, taught by DNS experts.

Happy training!

Topics: Men & Mice, DNS, BIND, DNS training

Network Outages, Human Error and What You Can Do About It

Posted by Men & Mice on 12/18/17 7:14 PM

When your route leaks 

Human error. As far as mainstream reporting on network outages goes, it’s the less flamboyant sidekick to DDoS and other cyber attacks. But in terms of consequences, it’s just as effective.

Once again, beginning of November, large parts of the US found themselves unable to access the internet due to one small error: a misconfiguration at Level 3, an ISP (Internet Service Provider) that underpins other, bigger networks.

According to reports the outage was the result of what is known as a “route leak”. In short, a route leak occurs when internet traffic is routed into inefficient, or simply wrong, directions due to incorrect information provided by one, or multiple, Autonomous Systems (ASes). ASes are generally used by ISPs to keep track of IP addresses and their network locations. Packets of data are routed between ASes, which use the Border Gateway Patrol (BGP) to establish and communicate the most efficient routes so you can browse the whole internet, and not just the IP addresses on your particular ISPs network.

Route leaks can be malicious, in which case they’re referred to as “route hijacks” or “BGP hijacks”. But in this case, it seems the cause of the outage was nothing more spectacular than a simple employee blunder, when (as speculation goes) a Level 3/Century Link engineer made a policy change which was, in error, implemented to a single router while trying to configure an individual customer BGP. This particular incident constitutes what the IETF defines as a Type 6 route leak,  generally occurring when “an offending AS simply leaks its internal prefixes to one or more of its transit-provider ASes and/or ISP peers.”

Route leaks, small and large, are regular occurrences – it’s part and parcel of the internet’s dependency on the basic BGP routing protocol, which is known to be insecure. Other recent high impact route leaks include the so-called Google/Hathway leak in March 2015 and a misconfiguration at Telekom Malaysia in June 2015 which had a debilitating roll-on effect around the world.

To minimize the possibility of route leaks, ISPs use route filters that are supposed to catch any problems with the IP routes that peers and customers intend to use for the sending and receiving of packets of data.

Other ways of combating route leaks include origin validation, NTT’s peer locking and commercial solutions. Additionally, the IETF is in the process of drafting proposals on route leaks.

Factoring in the human element

Tools and solutions aside, Level 3’s unfortunate misconfiguration once again highlights the fact that, despite keeping a low profile in the news, human error still rules when it comes to causing common network outages.

In an industry focused on how to design, build and maintain machines and systems that enable interconnected entities to send and receive millions of packets of data efficiently every second of every day, it’s maybe not all that odd that the humans behind all of this activity become of secondary importance. Though, as technology advances and systems become more automated, small human errors such as misconfiguring a server prefix are likely to have ever larger knock-on effects. At increasing rates, such incidents will roll out like digital tsunamis across oceans, instead of only flooding a couple of small, inflatable IP pools in your backyard.

Boost IT best practices - focus on humans

So outside of general IT best practices, what can you do to help the humans on your team to avoid human error?

Just as with any network, human interaction is based on established relationships. And just as in any network, a weak link, or a breakdown in the lines of communication, can lead to an outage. Humans who have to operate in an atmosphere of unclear instructions, tasks, responsibilities and communication, can become ineffective and anxious. This eats away at employee morale and workflow efficiency and lays the groundwork for institutional inertia and the stalling of progress. At other times, a lack of defined task-setting and clear boundaries may resort to employees showing initiative in the wrong places and at the wrong times.

To limit outages due to human error, just distributing a general set of best practices or relying on informally communicated guidelines amongst staff are simply not enough. While networking best practices always apply, the following four steps can be very effective in establishing the kind of human relationships needed to strengthen your network and optimize network availability.

 

Define DDI-1.png

1. Define

Draw up, and keep updated, a diagram not only of your network architecture (you do have one, don’t you?), but also make sure you have a workflow diagram for your teams: who is tasked with which responsibility and where does their action fit into the overall process? What are the expected outcomes? And what alternative plans and processes are in place if something goes awry? Most importantly, match tasks and responsibilities with well-defined role-based access management.

2. Communicate

Does everyone on your team, and collaborating teams, know who is responsible for what, when and where, and how the processes flow? Is this information centrally accessible and kept up to date? Clarity, structure and effective communication empower your team members to accept responsibility and show initiative within bounds.

3. Train

Does everyone on your team know what’s expected of them, and did they receive appropriate training to complete their assignments properly and responsibly? Do they have the appropriate resources available to do what they need to do efficiently? Without training and tools in place, unintentional accidents are simply so much more likely to occur.

4. Refresh

Don’t wait until team members run into trouble or run out of steam. Check in with each other regularly, and encourage a culture of knowledge sharing where individuals with different skill sets can have ample opportunity to develop new skills and understanding.

Refresh DDI.png

Finally

The saying goes, a chain is only as strong as its weakest link. The same goes for networks.

At a time in history when we have more technological checks and balances available than ever before, it turns out the weakest networking link is, too often, a human. While we’re running systems for humans by humans, we may as well put in the extra effort to help humans do what they do, better. Our networking systems will be so much stronger for it.

 

New Call-to-action

 

Topics: DDI, DDoS, network outages, IT best practices, IP address management

Secure Your DNS Across Multiple DNS Service Platforms with Men & Mice xDNS Redundancy

Posted by Men & Mice on 7/10/17 12:50 PM

DNS (Domain Name System) is the most critical aspect of any network’s availability. When DNS services are halted, or slowed down significantly, networks become inaccessible, leading to damaging losses in revenue and reputation for enterprises.

To ensure optimal network availability, many enterprises depend on top-tier managed DNS service providers for their external DNS needs. The basic “table stakes” characteristics of an enterprise-class managed DNS service are high reliability, high availability, high performance and traffic management. However, even the most robust DNS infrastructure is not immune to outages.

Outages may be localized, in which only certain DNS servers in the network are not responding, or, less commonly, system-wide. A system-wide DNS failure can take an entire business offline - the equivalent of power failure in every one of their data centers.

To prevent this, top-tier managed DNS systems have a great deal of built-in redundancy and fault tolerance, yet the danger of a single point of failure remains for enterprises that rely solely on a single-source DNS service.

If no system of DNS is failure proof, this begs the question: what should an enterprise do about it?

Using multiple DNS service providers for ultimate DNS redundancy

DNS availability statistics for managed DNS providers shows that the industry norm exceeds 5 nines (99.999%) uptime. This is the equivalent of about 5 minutes per year downtime. However, this top line number does not provide any detail on the impact of degraded performance, or the cascading effect of a system-wide outage of various duration, on individual enterprises.

To discover the true impact of a potential loss of DNS availability, enterprises need to properly assess the business risk associated with relying on a sole source provider, and compare that with the cost of a second source DNS service. What would a 30-minute loss of DNS cost the business in terms of revenue loss, reputation damage, support costs and recovery? What does it cost to maintain a second source DNS service?

Research amongst enterprises for whom online services are mission critical generally concludes that the cost ratios are in the range of 10:1 – one order of magnitude. Put another way, the cost of one outage is roughly estimated to be ten times the annual cost of a maintaining a second service. A business would have to have second source DNS for ten years to equal the cost of one major DNS outage.

Looking at the odds and costs of outages, many enterprises are opting to bring in a second, or even a third, DNS service to hold copies of critical DNS master zones.

This system of external DNS redundancy boosts DNS availability by:

External-DNS-Redundancy.png

1. removing the danger of exposure to a single point of DNS failure.

2. reducing traditional master-slave DNS redundancy vulnerabilities, where slave zones can’t be changed if the master becomes unavailable.

3. improving infrastructure resilience by hosting critical zones with multiple providers, ensuring continued service availability and updates of changes if one DNS service provider becomes unavailable.

The risky business of maintaining DNS redundancy across platforms

In theory, DNS redundancy across multiple DNS service provider platforms should be the best solution for optimal DNS high reliability, high availability and high performance. In practice, however, the complexity of tasks and scope for error involved in replicating and maintaining identical DNS zones on multiple platforms pose additional threats to DNS availability. The situation is made worse by:

  • A lack of centralized views
  • A lack of workflow automation
  • The difficulty of coordinating multiple platform APIs

This inability to view, synchronize and update identical zones’ data simultaneously can, in itself, lead to errors and conflicts in DNS configuration and result in a degradation of network performance, or even a network outage – the very events that multi-provider DNS redundancy is intended to prevent.

Protect your DNS on multiple platforms with Men & Mice xDNS Redundancy

Breaking new ground in the battle against DNS disruption, the Men & Mice xDNS Redundancy feature provides the abstraction level necessary to replicate and synchronize critical DNS master zones across multiple DNS service provider platforms, on-premises, in the cloud, or in hybrid or multi-cloud environments.

Men & Mice xDNS provides a unified view and centralized management of DNS data, regardless of the DNS service provider platform. Network administrators and other authorized users can use xDNS to perform necessary updates to their network’s DNS, as well as benefit from building automation with the powerful Men & Mice API, instead of having to dig around in different DNS platforms and deal with coordinating conflicting APIs. DNS-redundancy-and-Men-and-mice-suite.png

Combined with the flexibility of building automation on top of the Men & Mice Suite, xDNS offers you the freedom to better distribute your DNS load based on zone priority, performance requirements and accompanying costs. With xDNS, you are better equipped to steer the tiered price points of externally hosting, for example, critical high-performance or less essential low-performance zones, and utilize the DNS service best suited to your situation at a given time.

 


How xDNS Redundancy Works

Using the Men & Mice xDNS feature, create a zone redundancy group by selecting critical zones from DNS servers and services such as BIND, Windows DNS, Azure DNS, Amazon Route 53, NS1, Dyn and Akamai Fast DNS.

Once an xDNS zone redundancy group has been created, xDNS assists the administrator in creating identically replicated zone content, resulting in multiple identical master zones. Additional zones can be added or removed from the xDNS group as required.

All changes initiated by the user through Men & Mice, both the UI and API, will be applied to all zone instances in the group. All changes made externally to zones existing in the xDNS group, will be synchronized to all zones in that particular xDNS group. However, if DNS record conflicts arise, xDNS will alert the user and provide an option on how to resolve conflicts before the group is re-synchronized.

If an xDNS zone is not available for updating, for instance if one DNS service provider experiences an outage, that zone will be marked as out-of-sync. Once the zone becomes available again, it will be automatically re-synchronized and will receive all updates that were made while the DNS service was unavailable.

 

 

Men & Mice and NS1

NS1, the leading intelligent DNS and traffic management provider, recognizes the growing need for diverse application resiliency. NS1 has joined forces with Men & Mice in improving the efficacy of external DNS redundancy. Kris Beevers, Co-founder and CEO, says:

"Leveraging multiple managed DNS networks is the clear best practice for maintaining 100% uptime in today's rapidly evolving operational environment.  Configuring and operating multiple managed DNS services can be a complex, time-consuming process.  NS1 is excited to partner with Men & Mice to help enterprises minimize management overhead and seamlessly enable redundant DNS. xDNS Redundancy is well-suited to enable multi-network DNS without the usual headaches."

Men & Mice xDNS – making external DNS redundancy truly resilient

DNS redundancy is a great concept on paper, but a daunting challenge in practice. With xDNS, enterprises can seek out second, or even third source DNS services, confident in the knowledge that their DNS, and ultimately their business, will truly be safer that way.

Magnus Bjornsson, Men & Mice CEO, considers xDNS an important step towards providing enterprises with greater, and more reliable, network availability.
“Recent prominent network outages once again illustrate the critical importance of building more effective network resiliency through a powerful and secure system of DNS redundancy. Men & Mice xDNS provides a simple way for companies to manage their DNS on multiple external platforms, with the Men & Mice Suite software automatically taking care of the replication and synchronization of data in a reliable and consistent manner. We are looking forward to cooperating with NS1 on developing xDNS and extending DNS redundancy offerings.”

Men & Mice xDNS takes the ‘daunt’ out of maintaining external DNS redundancy, providing the centralized views and control necessary to reduce the risk of network exposure to a single point of failure, improve network reliability and performance and bolster the successful mitigation of DDoS attacks and other potentially harmful DNS incidents.

To learn more about xDNS Redundancy, check out the xDNS webinar, jointly presented by Men & Mice and NS1.

Check out the video to discover how it DDI all comes together:

Or try it out in the Men & Mice Suite:

New Call-to-action

Topics: DNS, Security, High availability, DNS redundancy, DDoS, External DNS, Failover

Men & Mice Breaks New DDI Ground with xDNS Redundancy and Multi-Cloud IPAM

Posted by Men & Mice on 6/29/17 1:30 PM

The joke goes: “How did God create the universe in seven days? No legacy infrastructure.”

Funny (or not) as that may be, how to make the most of legacy infrastructure in the age of accelerating technological disruption and rapid cloud services adoption, is the harsh reality most enterprises face today.

Well-known for its fast, reliable and efficient performance on large enterprise networks, the Men & Mice Suite already has a reputation as the go-to, enterprise-class, software overlay DNS, DHCP and IP Address Management (DDI) solution. With the release of Version 8.2 of the Suite, Men & Mice further solidifies our position as the commercial DDI solution best equipped to help large enterprises capitalize on legacy infrastructure, while adopting cloud services to advance business agility and scalability.

The Men & Mice Suite – IP wherever you are 

architecture.png

Almost three decades of expert innovation in DNS, DHCP and IP Address Management has given Men & Mice unique insight and expertise into creating solutions that confidently mitigate the shocks of technological disruption.

Built as an enterprise-grade, back-end agnostic solution and deployed on top of DNS and DHCP infrastructure, the Men & Mice DDI Suite pulls together critical network data from wherever it is kept, on-premises, in the cloud, hybrid cloud or multi-cloud, and turns a potential hot mess into a comprehensive overview, accessed and controlled from a single pane of glass.

The Men & Mice Suite provides consistent administrative controls on heterogeneous networks, with unparalleled support for Windows DNS and DHCP, BIND, Unbound, PowerDNS, ISC DHCP, Kea DHCP, Cisco IOS, OpenStack and Azure DNS and Amazon Route 53.

Designed to integrate seamlessly with the VMware Orchestrator framework, the Men & Mice Suite VMware vRealize Orchestrator plug-in allows for fast and efficient provisioning of virtual machines.

The first DDI solution to fully integrate with Microsoft Active Directory (AD), the Men & Mice Suite incorporates management of users and groups through AD, while granting access rights and building up roles and responsibilities through the Men & Mice Suite, ensuring advanced and secure granular role-based access management.

Offering you the flexibility to control your network as it suits you best, the Men & Mice Suite provides three powerful interfaces: the Men & Mice management console, the Men & Mice web interface, and, the strong and consistent Men & Mice API, communicating in SOAP, JSON-RPC and REST. The Men & Mice API, especially popular with our customers, provides the robust abstraction tools necessary to build and extend automation.

New in Men & Mice Suite Version 8.2

From Version 8.2, the Men & Mice Suite’s back-end agnostic capabilities are extended to include advanced, multi-cloud IP Address Management and integrated support for external DNS service providers.

Building on the flexibility of its architecture, Men & Mice Suite Version 8.2 consolidates on-premises and cloud networks in one view and point of access through support for IPAM in Azure and AWS, and by adding support for DNS service providers NS1 and Dyn to existing Men & Mice support for Azure DNS and Amazon Route 53.

Unique on the DDI market, and new in Version 8.2, the Men & Mice xDNS redundancy feature enables multi-platform DNS redundancy for ultimate network high availability, and successful mitigation of the fallout from DDoS attacks and other DNS failures.

xDNS redundancy provides the abstraction level necessary to replicate and synchronize critical DNS zones across multiple DNS service provider platforms, eliminating the possibility of a single point of failure resulting from dependency on one external DNS service provider.

Men & Mice - Changing the way the world sees networks

As IT matures into a key element for easily scalable business development and product delivery, and ultimately a driver of business growth, the need for high network availability, reliability and performance escalates.

For Magnus Bjornsson, Men & Mice CEO, delivering DDI products that boost business performance by bridging the gap between on-premises, cloud, hybrid cloud and multi-cloud network environments, is a challenge happily accepted. “We live in a world that’s getting more complicated by the minute. Cloud vendors are continuously bringing powerful new services online and enterprises are wrestling with how and when to best utilize them. Men & Mice Suite Version 8.2 is a landmark release, tackling this great challenge with innovative new features. Consolidating hybrid and multi-cloud IP Address Management in a single view and bolstering DNS availability across service provider platforms with xDNS redundancy, are great steps towards strategically improving the most critical of a company’s IT assets – its network. The Men & Mice Suite, used to run some of the largest corporate networks on the planet, is designed to give you the freedom and flexibility to use the back-end platform you want, to build the network you need.”

Looking for more?

Follow these links for more information on Men & Mice xDNS redundancy feature, or multi-cloud IP Address Management.

To see Men & Mice xDNS redundancy in action, check out the xDNS Redundancy webinar, jointly presented by Men & Mice and NS1.

Curious about how the Men & Mice Suite can benefit your network? Get in touch with one of our Men & Mice Sales Engineersor get your free Version 8.2 license for a complimentary 30-day trial experience.

New Call-to-action

Topics: IPAM, DNS, Security, CLOUD, High availability, DNS redundancy

Keep IT outages off your network with redundant DNS

Posted by Men & Mice on 5/31/17 11:43 AM

British Airways is still reeling after a weekend IT system outage that affected more than 1,000 flights and stranded approximately 75,000 passengers at Heathrow and Gatwick airports. Some sources speculate that the compensation costs could be similar, if not considerably more than the $100 million that last year’s crippling IT failure cost Delta Airways.

Statements from British Airways blamed the IT meltdown on a power supply issue at a data center, while ruling out any possibility of a cyber attack. Though it’s far too early to speculate on exactly how a power supply problem could knock a thousand flights off schedule, one thing is certain: British Airways’ Disaster Recovery Plan failed spectacularly - where system redundancy should’ve kicked in, there was none.

British Airways’ woes serve as an unpleasant, but urgent, reminder that the way we back up our systems is sometimes even more critical than how we run it day-to-day. As it goes with life insurance or a last will and testament, there’s no point in waiting until your plane goes down (or fails to go up) before you start getting your house in order.

The most effective way of providing ‘life insurance’ for your network, is to make sure that exactly mirrored copies of critical parts, such as DNS, are replicated to other locations away from your own data centers, thereby providing system redundancy. That way, if your data centers are knocked out, due to power failure, human error or malicious cyber activity, this critical service is still active, ensuring service continuity and retaining critical operational data – and keeping your passengers happy in the air, instead of sleeping on yoga mats in conference centers.

So how do you make your DNS redundant?

In a traditional DNS setup, a DNS master-slave deployment is used to maintain network availability, with one DNS server as the single writable source, or the master (see Diagram 1). Other DNS servers, or slaves, serve as back-ups, but rely on the availability of the master for new data. If the master becomes unavailable, critical DNS zones cannot be changed, and as ‘inferior’ entities, slaves can only serve zones temporarily in absence of their master.

Reduntant-dns-1.png

(Diagram 1)

Depending exclusively on a master-slave deployment poses a significant risk to a company in the event of any DNS outage. The risk is compounded when automation has been built on top of the DNS infrastructure, as the automation piece will halt until the master has been restored, or a slave has been manually promoted to the status of master. However, manual change, especially on networks serving hundreds of thousands internal and external customers, is not only very complicated, but carries a huge potential for error. When combined with the time factor and the complexities related to siloed teams and applications, reverting to manual change can too easily lead to disaster.

DNS redundancy is the process of expanding the choice of available DNS nameservers and distributing them between separate networks - basically keeping your DNS servers replicated in a lot of places, and pointing it at a lot of places.

To further limit risk, companies are increasingly turning to storing their critical external DNS zones on-premises, as well as with more than one specialized DNS or cloud provider that possesses the security, equipment and expertise to handle large amounts of DNS traffic from a variety of sources successfully. Ideally, the most effective redundant DNS architecture will have multiple masters, each possessing the advanced functionality to act as a primary server responding to DNS queries (see Diagram 2). Keeping the multiple master DNS records up to date and in sync can prove a challenge, but one that is totally outweighed by the ultimate benefits of continuous high availability.

Reduntant-DNS.png

(Diagram 2)

Why make your DNS redundant?

Sensible as it may seem, maintaining DNS redundancy is an IT expense that many enterprises try to avoid in order to keep operational costs down – a bit like putting off getting life insurance because it feels like such a waste to spend on the what ifs of tomorrow when all systems seem to be running just fine today. Yet these kinds of short-term savings can too easily turn into a “save a million, lose a billion” scenario, as (quite possibly) several airline bosses have recently discovered the hard way.

Keeping the running of your DNS diverse and distributed is an essential backup mechanism for any company wishing to stay connected, providing services and generating income 24/7/365.

For more information on how to manage redundant DNS complexity from one point of access, gain secure versatility and keep down unexpected expenses.

Topics: Redundant DNS, High availability

Why follow Men & Mice?

The Men & Mice blog publishes educational, informational, as well as product-related material for everyone and anyone interested in IP Address Management, DNS, DHCP, IPv6, DNSSEC and more.

Subscribe to Email Updates

Recent Posts