The Men & Mice Blog

5 steps to sensible IPAM for multi-faceted networks

Posted by Greg Fazekas on 10/15/18 6:57 AM

Let's say your business has just gone through a merger or acquisition. The network environments and resources are incompatible-- each using different vendors to operate and manage various segments of your network. You want to consolidate these network resources for better control, security, and efficiency. How do you go about it? Creating a project plan is a good start, until it gets out of hand and vendor lock-ins create impossible, costly hurdles. 

You need solutions that support your plan.

Men & Mice Suite DNS DHCP IPAM

Here are our five basic steps to successfully taking control of your scattered network assets. We'll cover each step in greater detail in later posts.  Think of this as a 'big picture' blueprint.

1. Addressing IP overlaps and DNS conflicts

The number one obstacle to control is resolving conflicts, at the IP address, DHCP and DNS levels. It's true, whether you're trying to integrate new network groups after a successful merger or acquisition, or simply need to get a better handle on the ones resulting from various segmented projects across your business.

Look for a solution that gives you a complete overview of every asset you have, and a convenient - even automated - way to resolve conflicts. An overlay, a solution that lives on top of your IP infrastructure and analyzes data from across network components, can help ensure that new IP address assignments, DNS zones, and DHCP scopes are not created without cross-checking for conflicts throughout the entire network.

2. Scaling existing configurations

Then there's the issue of 'if it ain't broke, don't fix it'. Many neglect to upgrade software services in fear that it will cause unforeseen conflicts that could potentially render a network inoperable. Plus, any organization that's been around for a while generally has its workflows and configurations worked out. It makes no sense to start from scratch or risk misconfigurations, unless you have no other option, right?

A proper DNS, DHCP, and IPAM suite should be able to unobtrusively pull data from your existing configurations, without further complicating the network. Even better,  if it can replicate at scale to suit your expanding needs, particularly into cloud. Look for API-first solutions that demonstrate compatibility with best-in-class providers. 

3. Taking advantage of the cloud

Speaking of expanding needs: cloud platforms offer many advantages to businesses experiencing network strain as a result of business growth and the digitization of every aspect of life and commerce. Little to no up-front costs, metered billing, and flexibility to scale up or down as needed makes cloud services attractive. They also introduce new problems, chief of which is additional network complexity and vendor 'lock-in'.

To avoid lock-in, increase scalability and portability, find a backend-agnostic solution that reduces the need for non-scalable, home-grown software and frees up valuable engineering and operational resources to focus on growth. Data and network assignments from core network components should work and synchronize across multiple platforms to adapt to changing needs.

Further, a solution that capitalizes on its compatibility with cloud-native functionality in cloud services like AWS and Azure, rather than retro-fitting its own solutions into cloud environments, is more apt to mitigate additional complexities down the line. It also give network administrators the ability to migrate between services as needed.    

4. Simplifying the day-to-day

Simplicity also boosts operational efficiency. Automating mundane network functions and unifying all on-prem and cloud DNS, DHCP and IPAM into a single-pane-of-glass console reduces network complexities.

A lightweight, agile management software should complement your desire to easily see and control everything across your network while enabling you to simplify everyday actions, scale and replicate as well as control delegation responsibilities to those in the field.

5. Securing the networks

Delegation can become one of the largest pain points when proactively defending against security issues, however. Increasing access can create more attack vectors. This combined with the utilization of multiple vendors across network functions, creates opportunities for misconfigurations and vulnerabilities. The balance between implementing conveniences and ensuring network security can often be tricky. 

Choosing a solution that enables granular, role-based access and complete operational transparency is not only useful but critical. Find a solution that allows you to retain access controls from various network components and delegate only a well-defined set of permissions to individuals or groups across network resources, whose actions are then logged through a unified audit trail.  

Keeping an eye on your bottom line

Consolidating and upgrading your core network components doesn't have to be riddled with runaway costs and operational headaches. Just like your network itself, your network management toolset needs to work for you. Both operationally and financially you need something as complex as it absolutely has to be.

Men & Mice Suite is a robust, agnostic, overlay software solution for DNS, DHCP and IP address management that includes a powerful unified console for consolidating control and visibility over hybrid and multi-cloud networks. 

Trusted for decades by the architects and managers overseeing some of the world’s largest network infrastructures, Men & Mice Suite offers simplified integration, advanced control, and improved security.

DNS, DHCP & IPAM Software Trial

Topics: multi-cloud, "cloud dns", CLOUD, networking best practices

Men & Mice at VMworld 2018 Las Vegas Part 2: Network and Security

Posted by Greg Fazekas on 8/14/18 12:47 PM

DNS_DHCP_IPAM_vmworld2018

As we mentioned in Part 1 of our 2-part VMWorld series, we’re returning to VMWorld in Las Vegas, August 26-30, (Booth #2124) and focusing on two main tracks from the agenda: Data Center and Cloud and Networking and Security. Our first post, discussed the advantages of our newly released Men & Mice Suite v9.1. Here we’ll discuss its networking & security advantages.

We already discussed how The Men & Mice Suite v9.1 supports Unix/Linux, Windows, and Cisco IOS and stretches into the cloud with functionality across Azure DNS, Amazon Route 53, Dyn, NS1 and Akamai Fast DNS, as well as IPAM in AWS, Azure and OpenStack.  Further, it can be dropped on top of an organization’s existing infrastructure to manage, sync and automate network changes, authorizations and provide comprehensive insight into large-scale networks through one unified dashboard.

NETWORKING AND SECURITYmen-mice-visibility-network

Organizations with well-considered DNS, DHCP and IP address management (DDI) strategy in place, are less vulnerable. Access to systems is binary; either you have access or you don't. Proper DDI management can help prevent vulnerabilities because critical resources are better protected through fine-grained access control, for both authorizing individuals and authorizing systems, which DDI offers. But DDI services vary in their offerings.

Deployed in a high-availability configuration as a management and automation layer on top of some of the world’s largest networks, the Men & Mice Suite supports thousands of concurrent users and API connections, with millions of managed IPs and DNS records, for automation and provisioning.  DNS updates and IP address allocation through workflow from provisioning systems is accomplished in milliseconds.

men-mice-network-securityThe Men & Mice Suite’s fine-grained access controls, ability to filter and record through its audit trails the network changes made across various on-prem and cloud services in a network, and reliable, compatible APIs, give organizations a strategic advantage to mitigate network vulnerabilities, limiting the impact of human error and attack probes, who otherwise would be more likely to go unnoticed.

xDNS redundancy is a focal point for our newest, 9.1 release. It’s designed to mitigate exposure to DDoS, ransomware, and other attacks; while keeping the transparency that plays a great role in security itself. We’ve also added a ‘read-only’ option within xDNS redundancy groups in Men & Mice Suite v9.1. With it, network managers can protect their configurations from spreading an otherwise isolated problem to the entire network. Together with the support of Active Directory zones in xDNS groups, organizations can easily bring their on-prem DNS configurations to a cloud environment and vice versa, proactively minimizing common network availability issues.

Enterprise organizations require exemplary network functionality and security. Much of that security comes from fine-grained control and visibility, especially when the sprawl of IT resources scale up. Recently, John P. Mello Jr. reported on the inherent, large-scale threats faced by critical infrastructure and enterprise organizations. The TechNewsWorld article, interviewed several security and network management companies, including Men & Mice, to learn various ways to protect against such threats. 

Can’t make it? No worries!

You can book an appointment to meet our team onsite at VMWorld (Booth #2124).

Or, if you’re missing the event, book a walk-thru any time by clicking the button below.

We’re always happy showcase the benefits of deploying our best-in-class overlay management solution on top of your network.

Book appointment

DNS, DHCP & IPAM Software Trial

Topics: vmworld, hybrid cloud, hybrid network, networking best practices, High availability, Redundant DNS, Men & Mice, DDI, network security, "cloud dns", Cisco IOS, Azure DNS, Amazon Route 53, Dyn, NS1, Akamai Fast DNS, azure, aws

Men & Mice at VMworld 2018, Las Vegas Part 1: DATA CENTER AND CLOUD

Posted by Greg Fazekas on 7/30/18 6:30 AM

men_mice_dns_vmworld2018

We’re returning to VMworld in Las Vegas, August 26-30 (Booth #2124, come say hi!) — and excited to not only see how our industry is evolving to virtualization and automation, but to also contribute our two cents to the dialog (Or 9.1 cents, as it were).

Since the newly released Men & Mice Suite v9.1 offers highly scalable and efficient APIs that act as an abstraction layer to manage an organization’s whole DNS, DHCP and IP address infrastructure, across multiple vendors and cloud platforms, we’re focusing on two main tracks from the VMWorld agenda: Data Center and Cloud and Networking and Security, the first of which we’ll discuss in this post (the latter will appear in the next post).

DATA CENTER AND CLOUD

VMworld’s focus on integrated IT strategy plays nicely with the Men & Mice Suite v9.1 release (and our larger objectives as well).

Men & Mice has been providing compatibility with VMware’s vRealize Orchestrator and vRealize Automation for years now. As the industry turns toward virtualization and cloud technology to build its next-generation, hyper-converged infrastructure in hybrid cloud environments, running cloud-native applications to cut costs and increase efficiency, so to have we adapted our Men & Mice Suite of DNS, DHCP and IPAM solutions to help organizations manage networks effectively and at scale.

The Men & Mice Suite v9.1 supports Unix/Linux, Windows, and Cisco IOS and stretches into the cloud with functionality across Azure DNS, Amazon Route 53, Dyn, NS1 and Akamai Fast DNS, as well as IPAM in AWS, Azure and OpenStack.  It can be dropped on top of an organization’s existing infrastructure to manage, sync and automate network changes, authorizations and provide comprehensive insight into large-scale networks through one unified dashboard.

The Men & Mice Suite v9.1 supports thousands of concurrent users and API connections, with millions of managed IPs and DNS records, for automation and provisioning.

Virtualized Infrastructure and Applicationsmen & mice_secure_visible_dns

We favor virtualization over physical appliances and platform-specific, custom hardware allocation. Turns out, our customers do too.  We want our customers to be able to make the right choices for their network infrastructure (DDI) needs. Then, we offer our environment- and platform-agnostic Men & Mice Suite to help them manage it.

Virtualized infrastructure is both cost and performance efficient. Men & Mice Suite gives organizations the flexibility and adaptability they need as every area of business operations goes digital, providing the managaibility and visibility needed for high-availability networks to be, well, highly available.

Our new Men & Mice Suite v9.1, an overlay network management solution, offers many advantages for virtualizing and automating, as well as increasing visibility and ease-of-management of an enterprise organization’s network infrastructure, including its new web-based management application, which takes the “daunt” out of day-to-day operations and reporting.

Another way we’re making virtualization easier is through the Men & Mice virtual appliances, the DNS software for which we’ve upgraded to BIND 9.11, supporting various new features as well as DNSTAP. For example, details on DNS queries received and DNS replies sent by the Men & Mice virtual appliances can now be logged for further processing by enabling and utilizing the powerful DNSTAP feature with minimal performance impact on the appliances. They can also function as NTP (Network Time Protocol) servers and be served by the same network infrastructure as DNS and DHCP.

men_mice_hybrid network managementPrivate, Hybrid, and Public Clouds

Every cloud vendor is different. Different platforms and configurations offer different advantages (and drawbacks) for customers. They also offer very different, and often incompatible APIs. Men & Mice Suite v9.1 services complex enterprise hybrid and multi-cloud networks by providing single-pane-of-glass visibility and cross-platform functionality for DNS, DHCP and IPAM (DDI) operations, whose networks use either multiple cloud (cloud native) vendors or a combination of on-prem and cloud (hybrid).

The ability to bulk migrate DNS zones and DHCP scopes, ability to implement role-based authorizations, as well as providing 3 management interfaces (Windows-based management console, web-based management application and REST, SOAP and JSON-RPC APIs), the Men & Mice Suite v9.1 overlay software solution eliminates many of the complexities of today's large-scale networks while mitigating DNS failures such as configuration errors and DDoS attacks.

Further, Men & Mice Suite's xDNS Redundancy provides a level of abstraction that builds automation, provides centralized views, eliminates human error and removes conflicting DNS service provider platform complexities (e.g. incompatible APIs).

The Men & Mice Suite v9.1 also allows organizations to add Active Directory zones to xDNS groups. This, tied with the read-only members of xDNS groups, makes it easy for organizations to bring their internal, on-premises DNS into their virtual private clouds, and vice versa.

Cloud operations monitoring, a topic to which we’re looking greatly forward discussing at VMworld, is transparent and easy in the Men & Mice Suite v9.1. Not only have we integrated true cloud DNS into the Men & Mice Suite, but we also paid attention to the cloud-unique challenges it brings with it.

Can’t make it? No worries!

You can book an appointment to meet our team onsite at VMWorld (Booth #2124).

Or, if you’re missing the event, book a walk-thru any time by clicking the button below.

We’re always happy showcase the benefits of deploying our best-in-class overlay management solution on top of your network.

Book appointment

DNS, DHCP & IPAM Software Trial

Topics: "cloud dns", hybrid cloud, networking best practices, IP address management, DDoS, VMware, API, Redundant DNS, DNS redundancy, hybrid network, DHCP, DNS, Men & Mice, DDI