The Men & Mice Blog

Men & Mice Suite 9.1: cloud-ready network management for DNS, DHCP and IPAM

Posted by Men & Mice on 7/11/18 7:47 AM

Changing the way the world sees LI

Our commitment to efficient network management has a new number! The Men & Mice Suite 9.1 is a feature release with a host of cloud-ready enhancements plus the usual suspects (bug fixes and improvements).  

Network Management just got easier

Transparency, responsiveness, and ease-of-use are all core principles of Men & Mice for keeping networks healthy and safe from DDoS attacks and other DNS network failures.

The 9.1 release continues our mission to simplify network management without sacrificing features. Included in Men & Mice Suite v9.1:

  • A new web-based Men & Mice Suite management application
  • Optimized and enhanced cloud support
  • Improved xDNS Redundancy read-only zones for hybrid and multi-cloud networks
  • DNS software on appliances upgraded to BIND 9.11 with DNSTAP support
  • NTP functionality for virtual appliances
  • Various improvements and bug fixes

5 Things You’ll Love About Men & Mice Suite v9.1

Men & Mice Suite v9.1 focuses on features and refinements gleaned from customer feedback and engagement as well as refinements of previously introduced functionality. Here's what you will find in the new release: 

Web-based management application

The new web-based management application serves as an alternative to the Men & Mice Suite Windows-based management console. It’s designed to make performing day-to-day tasks, management functions and generating reports related to DNS and DHCP operations easier. The application features three sections: DNS, Networks and Reporting.

  • The DNS section makes all your DNS zones accessible from a single place.
  • The Networks section gives you instant access and overview of your networks.
  • Reporting lets you quickly find and run existing reports.

men_and_mice_quick_command-1

Its Quick Command functionality cuts down time on common tasks such as finding and working with DNS zones or records, IP address ranges, DHCP scopes and IP addresses.

Read-only zones in xDNS Redundancy groups

xDNS Redundancy, which can be used to synchronize DNS zones hosted with multiple cloud providers, now includes support for Active Directory-hosted zones. Zones in a redundancy group can be assigned to read-only mode, so that changes made to a DNS zone outside of the Men & Mice Suite will not be replicated to all other zone instances.

Optimized and enhanced Cloud support


Version 9.1 streamlines the migration and management of a large number of DNS zones with Azure DNS and Amazon Route 53 by utilizing cloud-native features to monitor changes to DNS made outside of the Men & Mice Suite, greatly improving synchronization of DNS data from the cloud providers.

Men & Mice virtual appliances upgraded to BIND 9.11 with 

DNSTAP support

DNS software on Men & Mice virtual appliances has been upgraded to BIND 9.11, which supports various new features as well as DNSTAP. Details on DNS queries received and DNS replies sent by the Men & Mice virtual appliances can now be logged for further processing by enabling and utilizing the powerful DNSTAP feature with minimal performance impact on the appliances.

NTP functionality for virtual appliances

The virtual appliances can also now function as NTP (Network Time Protocol) servers and be served by the same network infrastructure as DNS and DHCP.  Currently this functionality is manual and can be implemented per request with our support team. 

Nearly 30 years of DNS experience in one solution

The Men & Mice Suite v9.1 represents our commitment to enabling customers to adapt their infrastructure to be more software-enabled, cloud-ready and redundant, with increased visibility, control, security and automation.” --Magnús Björnsson, CEO of Men & Mice.

Complex enterprise network infrastructure can — and should — have the same elegant simplicity and responsiveness as IT professionals expect from customer-grade solutions. In the new release, Men & Mice has combined its nearly 30 years of expertise in developing DNS, DHCP and IPAM solutions with modern UX best practices to deliver a compelling, enjoyable management interface on top of a best-in-class, robust software-based DDI product.  

 If you want to try Men & Mice Suite v9.1 for free just click the button below. 

DNS, DHCP & IPAM Software Trial

Not ready? Read more about the Men & Mice Suite, or get an online demo.

DNS, DHCP and IPAM Demo

Topics: IPAM, DNS, DHCP, Redundant DNS, DDoS, IP address management, hybrid cloud, hybrid network, "cloud dns"

Network Outages, Human Error and What You Can Do About It

Posted by Men & Mice on 12/18/17 7:14 PM

When your route leaks 

Human error. As far as mainstream reporting on network outages goes, it’s the less flamboyant sidekick to DDoS and other cyber attacks. But in terms of consequences, it’s just as effective.

Once again, beginning of November, large parts of the US found themselves unable to access the internet due to one small error: a misconfiguration at Level 3, an ISP (Internet Service Provider) that underpins other, bigger networks.

According to reports the outage was the result of what is known as a “route leak”. In short, a route leak occurs when internet traffic is routed into inefficient, or simply wrong, directions due to incorrect information provided by one, or multiple, Autonomous Systems (ASes). ASes are generally used by ISPs to keep track of IP addresses and their network locations. Packets of data are routed between ASes, which use the Border Gateway Patrol (BGP) to establish and communicate the most efficient routes so you can browse the whole internet, and not just the IP addresses on your particular ISPs network.

Route leaks can be malicious, in which case they’re referred to as “route hijacks” or “BGP hijacks”. But in this case, it seems the cause of the outage was nothing more spectacular than a simple employee blunder, when (as speculation goes) a Level 3/Century Link engineer made a policy change which was, in error, implemented to a single router while trying to configure an individual customer BGP. This particular incident constitutes what the IETF defines as a Type 6 route leak,  generally occurring when “an offending AS simply leaks its internal prefixes to one or more of its transit-provider ASes and/or ISP peers.”

Route leaks, small and large, are regular occurrences – it’s part and parcel of the internet’s dependency on the basic BGP routing protocol, which is known to be insecure. Other recent high impact route leaks include the so-called Google/Hathway leak in March 2015 and a misconfiguration at Telekom Malaysia in June 2015 which had a debilitating roll-on effect around the world.

To minimize the possibility of route leaks, ISPs use route filters that are supposed to catch any problems with the IP routes that peers and customers intend to use for the sending and receiving of packets of data.

Other ways of combating route leaks include origin validation, NTT’s peer locking and commercial solutions. Additionally, the IETF is in the process of drafting proposals on route leaks.

Factoring in the human element

Tools and solutions aside, Level 3’s unfortunate misconfiguration once again highlights the fact that, despite keeping a low profile in the news, human error still rules when it comes to causing common network outages.

In an industry focused on how to design, build and maintain machines and systems that enable interconnected entities to send and receive millions of packets of data efficiently every second of every day, it’s maybe not all that odd that the humans behind all of this activity become of secondary importance. Though, as technology advances and systems become more automated, small human errors such as misconfiguring a server prefix are likely to have ever larger knock-on effects. At increasing rates, such incidents will roll out like digital tsunamis across oceans, instead of only flooding a couple of small, inflatable IP pools in your backyard.

Boost IT best practices - focus on humans

So outside of general IT best practices, what can you do to help the humans on your team to avoid human error?

Just as with any network, human interaction is based on established relationships. And just as in any network, a weak link, or a breakdown in the lines of communication, can lead to an outage. Humans who have to operate in an atmosphere of unclear instructions, tasks, responsibilities and communication, can become ineffective and anxious. This eats away at employee morale and workflow efficiency and lays the groundwork for institutional inertia and the stalling of progress. At other times, a lack of defined task-setting and clear boundaries may resort to employees showing initiative in the wrong places and at the wrong times.

To limit outages due to human error, just distributing a general set of best practices or relying on informally communicated guidelines amongst staff are simply not enough. While networking best practices always apply, the following four steps can be very effective in establishing the kind of human relationships needed to strengthen your network and optimize network availability.

 

Define DDI-1.png

1. Define

Draw up, and keep updated, a diagram not only of your network architecture (you do have one, don’t you?), but also make sure you have a workflow diagram for your teams: who is tasked with which responsibility and where does their action fit into the overall process? What are the expected outcomes? And what alternative plans and processes are in place if something goes awry? Most importantly, match tasks and responsibilities with well-defined role-based access management.

2. Communicate

Does everyone on your team, and collaborating teams, know who is responsible for what, when and where, and how the processes flow? Is this information centrally accessible and kept up to date? Clarity, structure and effective communication empower your team members to accept responsibility and show initiative within bounds.

3. Train

Does everyone on your team know what’s expected of them, and did they receive appropriate training to complete their assignments properly and responsibly? Do they have the appropriate resources available to do what they need to do efficiently? Without training and tools in place, unintentional accidents are simply so much more likely to occur.

4. Refresh

Don’t wait until team members run into trouble or run out of steam. Check in with each other regularly, and encourage a culture of knowledge sharing where individuals with different skill sets can have ample opportunity to develop new skills and understanding.

Refresh DDI.png

Finally

The saying goes, a chain is only as strong as its weakest link. The same goes for networks.

At a time in history when we have more technological checks and balances available than ever before, it turns out the weakest networking link is, too often, a human. While we’re running systems for humans by humans, we may as well put in the extra effort to help humans do what they do, better. Our networking systems will be so much stronger for it.

 

New Call-to-action

 

Topics: DDI, DDoS, network outages, IT best practices, IP address management