The Men & Mice Blog

Men & Mice at VMworld 2018 Las Vegas Part 2: Network and Security

Posted by Greg Fazekas on 8/14/18 12:47 PM

DNS_DHCP_IPAM_vmworld2018

As we mentioned in Part 1 of our 2-part VMWorld series, we’re returning to VMWorld in Las Vegas, August 26-30, (Booth #2124) and focusing on two main tracks from the agenda: Data Center and Cloud and Networking and Security. Our first post, discussed the advantages of our newly released Men & Mice Suite v9.1. Here we’ll discuss its networking & security advantages.

We already discussed how The Men & Mice Suite v9.1 supports Unix/Linux, Windows, and Cisco IOS and stretches into the cloud with functionality across Azure DNS, Amazon Route 53, Dyn, NS1 and Akamai Fast DNS, as well as IPAM in AWS, Azure and OpenStack.  Further, it can be dropped on top of an organization’s existing infrastructure to manage, sync and automate network changes, authorizations and provide comprehensive insight into large-scale networks through one unified dashboard.

NETWORKING AND SECURITYmen-mice-visibility-network

Organizations with well-considered DNS, DHCP and IP address management (DDI) strategy in place, are less vulnerable. Access to systems is binary; either you have access or you don't. Proper DDI management can help prevent vulnerabilities because critical resources are better protected through fine-grained access control, for both authorizing individuals and authorizing systems, which DDI offers. But DDI services vary in their offerings.

Deployed in a high-availability configuration as a management and automation layer on top of some of the world’s largest networks, the Men & Mice Suite supports thousands of concurrent users and API connections, with millions of managed IPs and DNS records, for automation and provisioning.  DNS updates and IP address allocation through workflow from provisioning systems is accomplished in milliseconds.

men-mice-network-securityThe Men & Mice Suite’s fine-grained access controls, ability to filter and record through its audit trails the network changes made across various on-prem and cloud services in a network, and reliable, compatible APIs, give organizations a strategic advantage to mitigate network vulnerabilities, limiting the impact of human error and attack probes, who otherwise would be more likely to go unnoticed.

xDNS redundancy is a focal point for our newest, 9.1 release. It’s designed to mitigate exposure to DDoS, ransomware, and other attacks; while keeping the transparency that plays a great role in security itself. We’ve also added a ‘read-only’ option within xDNS redundancy groups in Men & Mice Suite v9.1. With it, network managers can protect their configurations from spreading an otherwise isolated problem to the entire network. Together with the support of Active Directory zones in xDNS groups, organizations can easily bring their on-prem DNS configurations to a cloud environment and vice versa, proactively minimizing common network availability issues.

Enterprise organizations require exemplary network functionality and security. Much of that security comes from fine-grained control and visibility, especially when the sprawl of IT resources scale up. Recently, John P. Mello Jr. reported on the inherent, large-scale threats faced by critical infrastructure and enterprise organizations. The TechNewsWorld article, interviewed several security and network management companies, including Men & Mice, to learn various ways to protect against such threats. 

Can’t make it? No worries!

You can book an appointment to meet our team onsite at VMWorld (Booth #2124).

Or, if you’re missing the event, book a walk-thru any time by clicking the button below.

We’re always happy showcase the benefits of deploying our best-in-class overlay management solution on top of your network.

Book appointment

DNS, DHCP & IPAM Software Trial

Topics: vmworld, hybrid cloud, hybrid network, networking best practices, High availability, Redundant DNS, Men & Mice, DDI, network security, "cloud dns", Cisco IOS, Azure DNS, Amazon Route 53, Dyn, NS1, Akamai Fast DNS, azure, aws

Men & Mice at VMworld 2018, Las Vegas Part 1: DATA CENTER AND CLOUD

Posted by Greg Fazekas on 7/30/18 6:30 AM

men_mice_dns_vmworld2018

We’re returning to VMworld in Las Vegas, August 26-30 (Booth #2124, come say hi!) — and excited to not only see how our industry is evolving to virtualization and automation, but to also contribute our two cents to the dialog (Or 9.1 cents, as it were).

Since the newly released Men & Mice Suite v9.1 offers highly scalable and efficient APIs that act as an abstraction layer to manage an organization’s whole DNS, DHCP and IP address infrastructure, across multiple vendors and cloud platforms, we’re focusing on two main tracks from the VMWorld agenda: Data Center and Cloud and Networking and Security, the first of which we’ll discuss in this post (the latter will appear in the next post).

DATA CENTER AND CLOUD

VMworld’s focus on integrated IT strategy plays nicely with the Men & Mice Suite v9.1 release (and our larger objectives as well).

Men & Mice has been providing compatibility with VMware’s vRealize Orchestrator and vRealize Automation for years now. As the industry turns toward virtualization and cloud technology to build its next-generation, hyper-converged infrastructure in hybrid cloud environments, running cloud-native applications to cut costs and increase efficiency, so to have we adapted our Men & Mice Suite of DNS, DHCP and IPAM solutions to help organizations manage networks effectively and at scale.

The Men & Mice Suite v9.1 supports Unix/Linux, Windows, and Cisco IOS and stretches into the cloud with functionality across Azure DNS, Amazon Route 53, Dyn, NS1 and Akamai Fast DNS, as well as IPAM in AWS, Azure and OpenStack.  It can be dropped on top of an organization’s existing infrastructure to manage, sync and automate network changes, authorizations and provide comprehensive insight into large-scale networks through one unified dashboard.

The Men & Mice Suite v9.1 supports thousands of concurrent users and API connections, with millions of managed IPs and DNS records, for automation and provisioning.

Virtualized Infrastructure and Applicationsmen & mice_secure_visible_dns

We favor virtualization over physical appliances and platform-specific, custom hardware allocation. Turns out, our customers do too.  We want our customers to be able to make the right choices for their network infrastructure (DDI) needs. Then, we offer our environment- and platform-agnostic Men & Mice Suite to help them manage it.

Virtualized infrastructure is both cost and performance efficient. Men & Mice Suite gives organizations the flexibility and adaptability they need as every area of business operations goes digital, providing the managaibility and visibility needed for high-availability networks to be, well, highly available.

Our new Men & Mice Suite v9.1, an overlay network management solution, offers many advantages for virtualizing and automating, as well as increasing visibility and ease-of-management of an enterprise organization’s network infrastructure, including its new web-based management application, which takes the “daunt” out of day-to-day operations and reporting.

Another way we’re making virtualization easier is through the Men & Mice virtual appliances, the DNS software for which we’ve upgraded to BIND 9.11, supporting various new features as well as DNSTAP. For example, details on DNS queries received and DNS replies sent by the Men & Mice virtual appliances can now be logged for further processing by enabling and utilizing the powerful DNSTAP feature with minimal performance impact on the appliances. They can also function as NTP (Network Time Protocol) servers and be served by the same network infrastructure as DNS and DHCP.

men_mice_hybrid network managementPrivate, Hybrid, and Public Clouds

Every cloud vendor is different. Different platforms and configurations offer different advantages (and drawbacks) for customers. They also offer very different, and often incompatible APIs. Men & Mice Suite v9.1 services complex enterprise hybrid and multi-cloud networks by providing single-pane-of-glass visibility and cross-platform functionality for DNS, DHCP and IPAM (DDI) operations, whose networks use either multiple cloud (cloud native) vendors or a combination of on-prem and cloud (hybrid).

The ability to bulk migrate DNS zones and DHCP scopes, ability to implement role-based authorizations, as well as providing 3 management interfaces (Windows-based management console, web-based management application and REST, SOAP and JSON-RPC APIs), the Men & Mice Suite v9.1 overlay software solution eliminates many of the complexities of today's large-scale networks while mitigating DNS failures such as configuration errors and DDoS attacks.

Further, Men & Mice Suite's xDNS Redundancy provides a level of abstraction that builds automation, provides centralized views, eliminates human error and removes conflicting DNS service provider platform complexities (e.g. incompatible APIs).

The Men & Mice Suite v9.1 also allows organizations to add Active Directory zones to xDNS groups. This, tied with the read-only members of xDNS groups, makes it easy for organizations to bring their internal, on-premises DNS into their virtual private clouds, and vice versa.

Cloud operations monitoring, a topic to which we’re looking greatly forward discussing at VMworld, is transparent and easy in the Men & Mice Suite v9.1. Not only have we integrated true cloud DNS into the Men & Mice Suite, but we also paid attention to the cloud-unique challenges it brings with it.

Can’t make it? No worries!

You can book an appointment to meet our team onsite at VMWorld (Booth #2124).

Or, if you’re missing the event, book a walk-thru any time by clicking the button below.

We’re always happy showcase the benefits of deploying our best-in-class overlay management solution on top of your network.

Book appointment

DNS, DHCP & IPAM Software Trial

Topics: "cloud dns", hybrid cloud, networking best practices, IP address management, DDoS, VMware, API, Redundant DNS, DNS redundancy, hybrid network, DHCP, DNS, Men & Mice, DDI

Network virtualization with visibility and automation of DNS, DHCP and IPAM

Posted by Greg Fazekas on 7/16/18 8:45 AM

The Men & Mice Suite version 9.1, released last week, introduced several new features and improved functionality for hybrid and multi-cloud networks. One of the additions we developed in our mission to change the way the world sees networks is a cross-platform, easy-to-use web-based management application.

Seamless integration

We intend the web-based management application for the Men & Mice Suite to be the go-to interface for the most common tasks. In the future, it will also serve as the central platform for our innovations across DNS, DHCP and IPAM (DDI). We're highly focused on developing an increasing number of partnerships to make integration across services and vendors even more seamless.

Day-to-day DDI operations made simple


With three major sections — DNS, Networks, and Reporting — the Men & Mice web-based management application is organized around operational efficiency.

Where the existing Windows-based management console of the Men & Mice Suite gives you the full range of configuration and management options for your networks, the web-based management application focuses on day-to-day tasks, such as finding and working with DNS zones or records, IP address ranges, DHCP scopes and IP addresses. You may want to use the full Men & Mice Suite application for the yearly inspection or the large restructuring of your networks, but can quickly get things done from anywhere, on any device, with the web application.

Quick Commands: lightning-fast, best-in-class user experience

men_and_mice_quick_command

Another way the web-based management application helps to efficiently manage networks is through its Quick Commands feature.

If you ever used the Spotlight functionality in MacOS or the universal search bar in other platforms or services, you know how a deceptively simple function can save incredible amounts of time. The Quick Command feature interacts with a single click or key combination (ctrl+space) and uses auto-complete to arrive at the needed information or function in just a few keystrokes. 

We’ll continue to focus on and add functionality to Quick Commands in future releases. As it gets smarter, so to will your network management get easier.

Visit the Men & Mice Suite web-based management console guide for more information on its capabilities and full functionality.

Virtualization and automation 

In addition to our virtual DNS/DHCP appliances and Virtual DNS Caching appliances, in a larger context of network management, the v9.1 release of the Men & Mice Suite continues to forge its path towards greater network virtualization and automation. The Men & Mice Suite restores and significantly improves the unified network visibility usually forfeited in the process of virtualization, intuitively pulling data from critical network components and consolidating it in an easy-to-use UI with extensive centralized control and functionality.

The Men & Mice Suite offers unrivalled integration with Microsoft Active Directory Sites and Subnets, combined with real-time synchronization across diverse server environments and distributed virtual and physical locations.

The comprehensive built-in tracking and logging tools ensure the systematic keeping of records. It's important to know who made what change, when, where, and why. Transparency takes the sting out of the fast and dynamic change procedures that are the hallmarks of virtualized environments.

Access management is granular and fully integrated with Active Directory. Role-based access provides strong, centralized control and delegation. Different IT teams experience painless cooperation and efficiency, respecting the often hazy task boundaries created by the transformation from physical machines to virtual instances.

The Men & Mice roadshow continues!

men&mice_vmworld_Booth #2124

What we do at Men & Mice is help companies with large, complex network infrastructure automate and virtualize their networks. We also believe in the value of other forms of networking-- meeting customers and future customers in person.

We’ll be exhibiting at VMworld in Las Vegas August 26-30, to showcase the Men & Mice Suite at booth# 2124.  We'll report in on our social media and on this blog — hope to see you either there!

Topics: hybrid cloud, hybrid network, IP address management, External DNS, VMware, vmworld, DNS, DHCP, Men & Mice, DDI

Everything’s changed in DNS. Nothing’s different in DNS.

Posted by Greg Fazekas on 5/10/18 7:56 AM

globe_menmicelogo

The history of DNS (Domain Name System) starts with the earliest of early networked systems: ARPANET. DNS has often been characterized as the “phone book” for the internet — that analogy was, of course, invented  in an era where phonebooks were a thing.

It may be more fitting to liken it to a phone company switchboard. Even in the earliest days of ARPANET, however, the required communication was to send an email to Stanford Research Institute at Stanford University, where the hosts.txt file was maintained, to get a new Hostname into the list. Then, all Internet hosts updated the hosts.txt file twice a week via FTP file transfer. Twice a week... by FTP!

Interesting fact: whatever platform you’re using, chances are you can find a hostsfile somewhere on your computer. This is a remnant of the early ARPANET days. Back then, a simple static text file controlled the entirety of the network.

The Making of a Network (a.k.a. “everything has changed”)

As the networks grew, the need to wait became cumbersome, if not unbearable. Business was increasingly conducted outside of bank hours, and computers were moving data faster for us. So, why not use computing to handle IP assignments as well?

In 1983, the standard for DNS was accepted by the ARPANET community. By 1984, at UC Berkeley, we saw the advent of "Open Source" Berkeley Unix Distribution (BSD) and ported TCP/IP to Unix, making Unix a networked OS (under a DARPA grant) resulting in the first version of the Berkeley Internet Name Domain (BIND). To this day BIND serves as the de facto DNS software of the internet.

Thereafter, the Internet Engineering Task Force (IETF) was founded, and with it came new formal processes that have shaped the backend of the internet as we know it today.

Fast Forward To Now (a.k.a. “nothing’s different”)

You may be thinking: that’s interesting and all, but what does that have to do with my DNS network?

Well:  DNS hasn’t changed much in the last 4 decades. Of course, the explosive growth of the internet has changed the ways we map, scale and secure our networks. But the fundamental operating principles of DNS haven’t changed since its inception-- it’s still the switchboard of the internet. Instead of humans making a request through email, however, systems can call on DNS services, any time of day, to assign a multitude of IP addresses at a time.

The introduction of IPv6 (which has yet to be fully realized), and the dawn of cloud computing and IoT (Internet of Things) brought  significantly increased device requests and IP traffic.However, all that has not changed what DNS does; rather only how it does it.

We’ve Seen It Change and Stay the Same

DNS has changed very little; but the way we utilize it changed immensely. We've seen it: since the 1990’s, Men & Mice has serviced enterprise companies with DNS, DHCP and IPAM solutions.

We proactively evolve our overlay network management solutions to meet the needs of enterprise customers, and now high growth IoT companies as well. (Note: the two are not mutually exclusive.)

We are working with perhaps the most fundamental building (scaling) block of the internet. Our expertise is focused on the importance of adaptation. Network infrastructures have become hybrid, or have moved to the cloud completely. Multitudes of DNS services and environments have come to market introducing greater choices, but also complexities for network managers.

Men & Mice and the future of DNS

menandmice_unified_console_

Men & Mice has evolved its DNS, DHCP and IPAM solutions to cater to these changing environments. We adapted to become more flexible, so that the networks of our clients can migrate across network vendors easier. We created a  unified network management console to manage, in one place, all of the diverse platforms that make up a company’s network.

We’ve introduced new services such as xDNS in 2017 to help companies manage all external DNS. Likewise, we added deeper functionality with Microsoft Azure and Azure DNS for Microsoft customers with large domain portfolios.

We’ve streamlined our sales and customer journey processes, to reflect the same ease of use customers experience in our software solutions. Get a Live Demo directly from our website, for example.

We continue to offer some of the most sought-after training courses for companies and individuals who wish to learn or sharpen their understanding of DNS, enabling them to significantly increase expertise levels across their teams.

Meet our team

Join us in Berlin on May 15th, for a special event with the Embassy of Iceland in Germany. We will discuss the “State of Network Management” and the new challenges of DNS, DHCP and IPAM.

Or, meet us at Managed Service Hosting Summit, Cisco Live, Microsoft Inspire,VMWorld and Microsoft Ignite in the coming months.

Interesting fact: Bob Metcalfe, who invented the standard of the ethernet, predicted in 1995 that the internet would collapse in a year. He  also envisioned an end to wireless technologies, and that computers would stay wired.To his credit, he did — as per his promise — eat his words, literally, after none of those things happened.

menandmice_dns_CLUS_ linkedin

Topics: DNS, TechEd, DDI

Network Outages, Human Error and What You Can Do About It

Posted by Men & Mice on 12/18/17 7:14 PM

When your route leaks 

Human error. As far as mainstream reporting on network outages goes, it’s the less flamboyant sidekick to DDoS and other cyber attacks. But in terms of consequences, it’s just as effective.

Once again, beginning of November, large parts of the US found themselves unable to access the internet due to one small error: a misconfiguration at Level 3, an ISP (Internet Service Provider) that underpins other, bigger networks.

According to reports the outage was the result of what is known as a “route leak”. In short, a route leak occurs when internet traffic is routed into inefficient, or simply wrong, directions due to incorrect information provided by one, or multiple, Autonomous Systems (ASes). ASes are generally used by ISPs to keep track of IP addresses and their network locations. Packets of data are routed between ASes, which use the Border Gateway Patrol (BGP) to establish and communicate the most efficient routes so you can browse the whole internet, and not just the IP addresses on your particular ISPs network.

Route leaks can be malicious, in which case they’re referred to as “route hijacks” or “BGP hijacks”. But in this case, it seems the cause of the outage was nothing more spectacular than a simple employee blunder, when (as speculation goes) a Level 3/Century Link engineer made a policy change which was, in error, implemented to a single router while trying to configure an individual customer BGP. This particular incident constitutes what the IETF defines as a Type 6 route leak,  generally occurring when “an offending AS simply leaks its internal prefixes to one or more of its transit-provider ASes and/or ISP peers.”

Route leaks, small and large, are regular occurrences – it’s part and parcel of the internet’s dependency on the basic BGP routing protocol, which is known to be insecure. Other recent high impact route leaks include the so-called Google/Hathway leak in March 2015 and a misconfiguration at Telekom Malaysia in June 2015 which had a debilitating roll-on effect around the world.

To minimize the possibility of route leaks, ISPs use route filters that are supposed to catch any problems with the IP routes that peers and customers intend to use for the sending and receiving of packets of data.

Other ways of combating route leaks include origin validation, NTT’s peer locking and commercial solutions. Additionally, the IETF is in the process of drafting proposals on route leaks.

Factoring in the human element

Tools and solutions aside, Level 3’s unfortunate misconfiguration once again highlights the fact that, despite keeping a low profile in the news, human error still rules when it comes to causing common network outages.

In an industry focused on how to design, build and maintain machines and systems that enable interconnected entities to send and receive millions of packets of data efficiently every second of every day, it’s maybe not all that odd that the humans behind all of this activity become of secondary importance. Though, as technology advances and systems become more automated, small human errors such as misconfiguring a server prefix are likely to have ever larger knock-on effects. At increasing rates, such incidents will roll out like digital tsunamis across oceans, instead of only flooding a couple of small, inflatable IP pools in your backyard.

Boost IT best practices - focus on humans

So outside of general IT best practices, what can you do to help the humans on your team to avoid human error?

Just as with any network, human interaction is based on established relationships. And just as in any network, a weak link, or a breakdown in the lines of communication, can lead to an outage. Humans who have to operate in an atmosphere of unclear instructions, tasks, responsibilities and communication, can become ineffective and anxious. This eats away at employee morale and workflow efficiency and lays the groundwork for institutional inertia and the stalling of progress. At other times, a lack of defined task-setting and clear boundaries may resort to employees showing initiative in the wrong places and at the wrong times.

To limit outages due to human error, just distributing a general set of best practices or relying on informally communicated guidelines amongst staff are simply not enough. While networking best practices always apply, the following four steps can be very effective in establishing the kind of human relationships needed to strengthen your network and optimize network availability.

 

Define DDI-1.png

1. Define

Draw up, and keep updated, a diagram not only of your network architecture (you do have one, don’t you?), but also make sure you have a workflow diagram for your teams: who is tasked with which responsibility and where does their action fit into the overall process? What are the expected outcomes? And what alternative plans and processes are in place if something goes awry? Most importantly, match tasks and responsibilities with well-defined role-based access management.

2. Communicate

Does everyone on your team, and collaborating teams, know who is responsible for what, when and where, and how the processes flow? Is this information centrally accessible and kept up to date? Clarity, structure and effective communication empower your team members to accept responsibility and show initiative within bounds.

3. Train

Does everyone on your team know what’s expected of them, and did they receive appropriate training to complete their assignments properly and responsibly? Do they have the appropriate resources available to do what they need to do efficiently? Without training and tools in place, unintentional accidents are simply so much more likely to occur.

4. Refresh

Don’t wait until team members run into trouble or run out of steam. Check in with each other regularly, and encourage a culture of knowledge sharing where individuals with different skill sets can have ample opportunity to develop new skills and understanding.

Refresh DDI.png

Finally

The saying goes, a chain is only as strong as its weakest link. The same goes for networks.

At a time in history when we have more technological checks and balances available than ever before, it turns out the weakest networking link is, too often, a human. While we’re running systems for humans by humans, we may as well put in the extra effort to help humans do what they do, better. Our networking systems will be so much stronger for it.

 

New Call-to-action

 

Topics: DDI, DDoS, network outages, IT best practices, IP address management

Men & Mice Suite Version 8.1 – Loving you long time

Posted by Men & Mice on 1/24/17 10:10 AM

It’s January, so it must be time for the annual Men & Mice Suite LTS release, aka long term support release.

A version upgrade of the Men & Mice Suite is scheduled for release three times a year. The versions are differentiated as Long Term Support (LTS) releases, and feature releases.

The first release in January of every year is an LTS release. By LTS we mean this version will be supported for two years after its initial release date. The two feature releases have a shorter LTS.pngsupport cycle.

While the primary focus of the feature releases is to introduce new functionality and features, the primary focus of the LTS releases is to fine-tune and improve newly introduced features, as well as to improve the stability and performance of the Men & Mice Suite in general. We like to see our annual LTS release as the prime example of our commitment to quality, superior functionality and keeping our solution as fast, simple and stable as our customers have become accustomed to.

To have a peek at what good features found their way into the Suite in 2016 and are fine-tuned in Version 8.1, check out details on our Windows Server 2016 support, REST API and VMware plug-in here. If you want to sink your teeth into the REST API, read our detailed article on the subject. And if you’re curious about support for ISC Kea DHCP and Windows Server 2016 Response Rate Limiting, look no further than here.

Finally, read more on how Men & Mice also made inroads into the cloud in 2016 with support for Azure DNS, developed in close cooperation with the Microsoft Azure Team.

One brand new tidbit added to 8.1. is a beautiful new look to the console. A new, fresher font and some easy-to-follow icons are sure to make the superior Men & Mice Suite ergonomic experience all that much more visually pleasing. Enjoy!

All further information on Men & Mice Suite Version 8.1 is obtainable from the Documentation Release Notes.

New Call-to-action


If you’d like to meet up with Men & Mice in person, please come and visit us at Booth E54 at Cisco Live Berlin at the end of February.

If you can’t make it to Berlin, let Men & Mice come to you - sign up for the Bind 9 Logging Best Practices webinar on February 2nd!

Happy January all the way from a not-so-chilly Iceland,

The Men & Mice Team

 

Topics: DDI, Men & Mice Suite

Men & Mice Suite Version 7.3 – Plugging into VMware while having a REST

Posted by Men & Mice on 11/10/16 9:12 AM

Men & Mice Suite Version 7.3 has arrived - and not a minute too soon! Yet considering that it’s jam-packed with goodies such as a brand-new REST API, VMware vRealize Orchestrator plug-in and further support for Windows Server 2016, it was definitely worth the wait.

Let’s take a quick peek at what Version 7.3 has in store for our customers.

Taking a break with the REST API

API.png

API. In the world of the Internet, it means Application Programming Interface. In the world of the Icelandic language (where Men & Mice has its roots) it means … monkey. Literally. And maybe just as well – a good API, with or without hair, really does seem to make life so much better.

Monkey business or no monkey business, the Men & Mice REST API is sure to offer customers a very welcome extra set of hands - and feet, so to speak – with which to create workflows and write handy scripts for the import and export of data, amongst other things.

Used by browsers, REST (Representational State Transfer) is often considered to be the language of the internet. By using HTTP requests to GET, POST, PUT and DELETE data, REST paves the way for two computers to communicate over the internet by one acting as a web server and the other as a web browser. Making use of a stateless protocol, RESTful services exhibit particularly fast performance, reliability and scalability.

The Men & Mice REST API includes all the functionality of the existing Men & Mice SOAP API and JSON-RPC, but delivers the added advantages of ease of use, combined with a rich set of tools and support libraries. Additionally REST, as a resource-based instead of a standards-based API, means users gain considerably greater operational flexibility.

More information on how to get the most out of REST can be found in the Men & Mice REST API article.

Plugging in where it matters – VMware vRealize Orchestrator Plug-In

Men & Mice takes a further step towards simplifying virtualization by introducing the VMware vRealize Orchestrator plug-in. Designed to integrate seamlessly within the VMware Orchestrator framework, the Men & Mice Suite VMware plug-in allows for fast and efficient provisioning of virtual machines.

 

vmware_plugin.png

 

When a Men & Mice Suite user puts in a request for a new virtual machine (VM), the vRealize Orchestrator receives the next available IP address from the requested subnet, together with other essential configuration information. vCenter creates the VM and communicates the changes back to the Men & Mice Suite, which then updates DNS infrastructure accordingly. Additionally:

  • the Men & Mice Suite’s custom properties allow further customization of the VM’s visibility and status.
  • VM information retained in the Men & Mice Suite enables VM tracking, synchronization and updates, including the release of IP addresses after a virtual server is taken down.
  • the Men & Mice Suite talks to DNS servers and registers DNS entries and other changes, such as updates to DNS policies, thereby consolidating DNS data required by the vRealize Orchestrator.

By plugging into the vRealize Orchestrator, the Men & Mice Suite enables integrated functionality that not only saves time, but also strengthens security, eliminates errors of configuration and ensures improved and continuously synchronized network manageability.

Windows Server 2016 Support Released in Tandem with General Availability

Men & Mice Suite support for primary Windows Server 2016 DNS and DHCP features was already included in Version 7.2, released in May 2016. A stand-out feature was support for Response Rate Limiting, which significantly reduces the impact of a Denial of Service (DoS) attack on servers.

With Windows Server 2016 achieving General Availability in September 2016, Men & Mice expands its support for the following additional Windows Server 2016 features:

DNS policies

DNS policies grant a user control over how queries are handled based on specific criteria. These criteria can, for example, be used in the following scenarios:

  • High availability of DNS services
  • Traffic management
  • Split brain DNS 
  • Filtering
  • Forensics
  • Redirection based on date/time

Specific types of policies are:

  • Zone transfer policies
    Essentially used to define how zone transfers take place, zone transfer policies control zone transfer permission on the server level or the zone level. 
  • Recursion policies
    Control how the DNS server performs recursion for a query. 
  • DNS query resolution policies
    Used to specify how incoming DNS queries are handled by the DNS server. 

IPv6 root hints

The IPv6 root servers can now be used for performing name resolution. 

DANE TLSA records

DANE, or DNS-based Authentication of Named Entities, allows a domain owner to specify in a particular DNS record which certificates authorities are allowed to issue for the domain.

The Men & Mice Suite Release Notes provide more detail on other minor improvements and fixes that form part of the Version 7.3 Release.

That wraps it up for a quick round-up of all things new and shiny that the Men & Mice Suite Version 7.3 has to offer. If you’d like to jump right in and try out these new features, treat yourself to a Version 7.3 free trial. 

Men & Mice Suite trial

 

Coming up in December is the last in our 2016 series of webinars, this time focusing on DNS high availability tools. Don’t forget to sign up!

 

Topics: DDI, Men & Mice Suite, API, VMware

Winter is coming ... time to Go & go DDI

Posted by Men & Mice on 9/12/16 10:56 AM

OK, that may be jumping the gun - it’s only September, some might say. But seriously, this is Iceland. Once the darkness sets in early enough to put on a dazzling display of Northern Lights, as it has done the last few nights, we know it’s game over for summer.go.jpg

But perhaps the peace that comes with a blanket of darkness and the silence of snow is not a bad thing. We at Men & Mice need the time to turn inwards after being out and about all summer doing tradeshows, webinars and, outside of catching the midnight sun, indulging in a strong dose of R&D (as always).

So what have we been up to this summer?

A number of industry trade shows saw Men & Mice on-site, spinning up demos on great demand and dishing out opportunities to win a free trip to Iceland. If you happened to miss us in Las Vegas or New York, don’t forget to drop by to meet with us at booth #1960 at Microsoft Ignite in Atlanta end of September!

Speaking of which. Microsoft is planning the official release of its Windows Server 2016 for Microsoft Ignite. As it happens, Carsten Strotmann from Men & Mice Professional services presented a webinar on Windows Server 2016 (based on Technical Preview 5) in May. For those who’d like to dig a little deeper into what’s on offer in Windows Server 2016, the webinar covers things such as DNS policies, application load-distribution with DNS, IPv6 root-hints, and possibly one of the most exciting features of the new Windows Server 2016, Response Rate Limiting. Carsten’s webinar recording and slides are available on our website.

Outside of dabbling in Windows Server 2016 features, Carsten spent some time in June to roll out a deeper understanding of experiments at the root of DNS in the form of a webinar on the Yeti-DNS project. Yeti-DNS is an international research project with the purpose of testing new technologies and procedures in running the Internet root zone. The Yeti-DNS webinar also includes an interview with Shane Kerr, a coordinator for the Yeti-DNS project, in which he divulges all kinds of fascinating information straight from the horse’s mouth, so to speak.

Two more webinars followed in August, this time focused on new features in the popular BIND Version 9.11 DNS server, as well as best practices for a secure BIND 9. For people curious about catalog zones, new *rndc* functions, “chroot” vs “container” or BIND 9 configuration hardening, don’t miss the opportunity to check out these webinars at your earliest convenience.

Though the Men & Mice R&D crew spent a large part of the summer working hard on, amongst other things, new features for Men & Mice Suite Version 7.3 that is scheduled for release this fall, one of our programmers dashed off to go and, well Go, in Russia. For those who don’t know, ‘Go’ is the ancient Chinese board game which has more recently posed a seemingly insurmountable challenge in the field of artificial intelligence: building a computer that can beat a human at Go. Whereas the renowned chess Grandmaster Gary Kasparov already suffered defeat at the ‘hands’ of the IBM supercomputer Deep Blue in 1997, no computer could manage to beat a human at Go. That is, until March this year, when Google DeepMind’s AlphaGo computer defeated the best Go player in the world over the last decade, Lee Sedol. 

Interestingly, just as with any human, AlphaGo has had to spend years learning, training and playing literally millions of matches to emerge the victor at this level of Go. To some, AlphaGo’s victory signifies a watershed moment in the supposed battle of man versus machine. This, they believe, will inevitably lead man to a dark, dystopian future. To others, the match paves the way to greater understanding of the infinity of potential contained in a future forged by the power of teaming man and machine, instead of thinking of it as a death race of one against the other.

Either way, AlphaGo or no-go, humans still very avidly compete amongst each other in Go (as they do, for that matter, in chess). To this end, our very own Hallbjörn Guðmundsson, managed no small feat by finishing 87th out of 601 participants during the European Go Championships held recently in St Petersburg. Way to Go, Hallbjörn!

So what next is in stall here at Men & Mice? Webinars, trade shows, the release of Men & Mice Suite Version 7.3 and perhaps a volcanic eruption courtesy of Iceland’s biggest volcano, Katla (this webcam allows you to keep an eye on her). Katla, being a force of nature and all, isn’t really under our control, but everything that is under our control at Men & Mice is taking place with a brand new CEO at the helm. Magnús E. Björnsson, formerly Senior Director of Engineering at Oracle, brings fresh blood and fresh perspectives into the Men & Mice stable. We bid him a happy welcome - and welcome back to Iceland!

Wishing all of you a happy shoulder season (a.k.a. fall/autumn)!

The Men & Mice Team

 

Topics: DDI, Webinars

Do great network teams need great DDI solutions?

Posted by Men & Mice on 7/22/16 8:59 AM

Did you have a look in the mirror this morning? Hair, face, teeth, lips, cheeks, clothes and other observable bits of body. Everything in the right place, relatively clean and looking as it should?

Regardless of what we see (or want to see), most of us spend quite a bit of time checking our appearance in a mirror. Few of us, however, get to shine a daily mirror on the parts of the body we don’t see. Our brains, hearts, lungs, intestines, bones, kidneys, veins and all those other critical bits and pieces remain largely unobserved under the human camouflage of skin and hair. Yet, much more than the appeal (or not) of our outer appearances, it is our insides that determine how well our bodies really function.

In many ways, networks and network activity are just like the inner workings of the human body: unseen and, unless something goes wrong, most often unnoticed. Billions of people use computer networks and the legion of devices connected to it in the same way we use our bodies. Few have any awareness of what’s inside or how it all functions. Fewer still consider the three critical components underlying network connectivity - the triad of DNS, DHCP and IP Address Management (DDI).

Just like doctors of internal medicine manage the unseen, but crucial, inner health of our bodies, network teams manage this unseen, but crucial, inner DDI health of a successful modern organization’s network. As a result, smart investments in a great network team can play a decisive role in business success.

But what does a great network team need to run a great network? In this new white paper, DDI specialists Men & Mice delve into how a comprehensive DNS, DHCP and IP Address Management solution can boost a network team’s productivity, performance and general well-being, thereby greatly enhancing network security and elevating business efficiency.

Topics explored include;

  • network administrators' DDI pain points
  • DDI solutions and network security
  • DDI solutions and network efficiency
  • DDI solutions and DDI teams
  • how to choose a DDI solution
  • the ups and downs of DDI

To find out whether great network teams need great DDI solutions, download your free copy of this Men & Mice white paper today.

DOWNLOAD_DDI.png 

Topics: DDI, IPAM

Men & Mice Suite Version 7.2 Released

Posted by Men & Mice on 5/19/16 10:38 AM

Flying High with Kea DHCP and Windows RRL

Men & Mice celebrates the arrival of the long, arctic summer nights with the release of Version 7.2 of the Men & Mice Suite.

This blog post offers a quick round-up of what’s new in Version 7.2.

Versatile simplicity, as always, forms our bottom line. Version 7.2 is no exception. This time around, support for the new ISC Kea DHCP server and a dedicated UI for Windows 2016 Response Rate Limiting (RRL) should warm the hearts of network administrators far and wide. At least, that’s what it’s been doing for us here in the North!

Let’s run through what major highlights Version 7.2 contains.

Taking flight with the new ISC Kea DHCP server

Men & Mice introduces support for the brand new ISC Kea DHCP server, the natural successor to the ISC DHCP server.

Like its namesake, the uniquely strong and intelligent New Zealand kea parrot, the brand new ISC Kea DHCP server is a powerful beast that reaches more than 1000 leases/second, allowing for clean and fast implementation of both DHCPv4 and DHCPv6.

Kea DHCP also boasts PXE Boot Support, DHCPv6 prefix delegation, dynamic reconfiguration and dynamic DNS updates.

As with other servers supported by the Men & Mice Suite, the Kea DHCP server functionality is fully controlled through the Men & Mice Management Console. This includes the effortless migration of IP subnets (scopes), including options, from ISC DHCP to Kea DHCP.

In the spirit of open source, Kea DHCP is released under the widely used Mozilla Public License 2.0, paving the way for collaborative improvements to the source code for many years to come. 

A taste of the Kea DHCP and how it integrates with the Men & Mice Suite, can be enjoyed in this recent webinar presented by Mr Carsten Strotmann.

For those interested in plunging into the Kea DHCP full force, Men & Mice, in cooperation with ISC, is offering intensive two-day hands-on training courses in Europe and the USA in the fall of 2016. The courses are aimed at small groups, so don’t forget to sign up in time! 


Scaling up with Windows Server 2016 support

The Men & Mice Suite’s architecture as an overlay solution exhibits a singular synergy with Windows Servers, making it the logical solution for any Microsoft-based network. Consequently, the Men & Mice Team is developing and releasing support for specific new Windows 2016 features as and when they are made available by Microsoft.

From Version 7.2, the Men & Mice Suite supports all of the primary Windows DNS and DHCP Server 2016 features.

Support for other new Microsoft Server 2016 features, such as DNS Zone Scopes and DNS policies, is scheduled for the Men & Mice Suite Version 7.3 release later this year.


Reinforcing DNS Security with Windows 2016 RRL

Security only works if you work it, and the more tools you have to work your security, the better. Adding to your menu of security options, the Men & Mice Suite Version 7.2 introduces a dedicated UI for the Windows 2016 Response Rate Limiting (RRL) feature.

Response Rate Limiting can make all the difference in the event of a Denial of Service (DoS) attack on DNS servers. During a DoS attack, the IP number of a victim computer is used to send high volumes of forged DNS queries to multiple DNS servers. DNS servers tricked into sending replies to these queries can push the number of DNS requests and replies over a manageable threshold and disable targeted networks. Restricting DNS servers’ response rate with Response Rate Limiting helps to control a suspicious volume of malicious enquiries and minimize the impact on the affected servers.

Microsoft sheds more light on Response Rate Limiting and how it works on their TechNet blog.

RRL.png


Men & Mice Suite Console Enhanced

Spring cleaning at the Men & Mice headquarters has resulted in a Management Console with a cleaner, and ultimately more manageable, look. From Version 7.2, windows in the Management Console are dockable, making it both simpler to manage and easier to navigate for the user.

MC.png

 

The Men & Mice Suite Release Notes provide more detail on other minor improvements and fixes that form part of the Version 7.2 Release.

That wraps it up for a quick round-up of what Men & Mice Suite Version 7.2 has to offer. In the next months, Men & Mice will publish further blogs and webinars on installing and managing Kea DHCP, Windows 2016, Docker containers and Yeti. Watch this space! Or better yet, just watch Men & Mice.

Free Trial of Suite

 

Topics: Men & Mice Suite, DDI, IPAM

Why follow Men & Mice?

The Men & Mice blog publishes educational, informational, as well as product-related material for everyone and anyone interested in IP Address Management, DNS, DHCP, IPv6, DNSSEC and more.

Subscribe to Email Updates

Recent Posts