mac oem software

IP Address Management Demands Multi-Core Architectures

The BlueCat Advantage

Summary

Bring order to your network. Build, model, test and verify DNS, DHCP and IP configurations, then deploy them when you are ready -- on your schedule.

Proteus is an enterprise IP Address Management appliance that manages all DNS, DHCP and IPAM services from a central web-based interface. Proteus is intelligent; when one service is changed Proteus will automatically change any other services that may be affected. With Proteus your network is always working, always up, and always operational.

Proteus Helps Organizations To:

  • Remove the barriers of managing large enterprise networks. Account for and manage the allocation of scarce IP addresses within an organization’s IP space.
  • Provision DNS services to ensure delivery of core business applications.
  • Enforce DHCP security and restrict unauthorized users from accessing the network.
  • Stage DNS and DHCP configurations and benefit from centralized management and deployment of IP configurations to distributed DNS and DHCP servers.

Proteus Provides:

Transparency:
Seamless management of a campus or global network with single or multiple concurrent administrators, using a 100% web-based interface.

Continuity:
Synthesized distribution of software upgrades (ISC-BIND, ISC-DHCP), as well as the application of critical OS patches and upgrades.

Measurability:
Ongoing monitoring and reporting of usage data, DNS and DHCP services, thereby improving service levels and providing a highly available infrastructure.



IP Address Management Defined

IP Address Management (IPAM) is a framework designed to simplify the management of IP inventories, while managing dynamic IP address services (DHCP) and IP name services (DNS). Traditional approaches to IPAM have focused primarily on tracking IP allocation and providing rudimentary management capabilities for DNS and DHCP services. First and Second generation approaches to IPAM are essentially built around spreadsheets or non-purpose built database applications; these applications lack effective integration with core DNS and DHCP services.

IPAM is not merely responsible for cataloging IP allocations, but should give organizations multiple perspectives on the topology and configuration of the network to extend its capabilities and guarantee a high level of service provisioning. IPAM effectively enables large numbers of administrators to collaborate on the design and management of the IP and name spaces and then manages the deployment and provisioning of mission critical DNS and DHCP services, enterprise-wide. The Proteus Enterprise IPAM Appliance from BlueCat Networks redefines IP Address Management to enable organizations to model and manage the relationships between IP addresses and the world they represent.

The Rudimentary Functions of an IPAM Solution Include:

IP Inventory Management:

The ability to account for and manage the allocation of scarce IP addresses within an organization’s IP space, in view of individual location-based requirements, subnets, devices, addresses pools and end-users.

Domain Name Services:

DNS is mission-critical to any organization that communicates with customers using the internet or running Microsoft Active Directory. A secure and effectively provisioned DNS service ensures delivery of core enterprise applications. A properly designed IPAM system secures DNS, cleanses configurations of syntactical and logical errors, provides high system availability, and improves service provisioning levels while ensuring IP inventories are up to date and in-line with business requirements/objectives.

Dynamic IP Assignment and Management:

Organizations use Dynamic Host Configuration Protocol (DHCP) to manage the dynamic assignment of IP addresses on their networks.

Driven by the rapid adoption of wireless technology, mobile computing platforms, remote branch offices and applications such as VoIP and Unified Communications, properly managed and provisioned DHCP is business critical. An effective IPAM solution enables organizations to manage the capacity of IP address pools to ensure that dynamic IP addresses are available to users that need them. Beyond simply provisioning IP addresses, effective IPAM also works with DHCP as a point of security enforcement to restrict unauthorized users from accessing the network.

Service Management and Deployment:

IPAM is not only responsible for accounting for IP inventories and staging DNS and DHCP configurations; it is also responsible for providing centralized management and deployment of IP configurations to distributed DNS and DHCP servers throughout the organization. Effective IPAM improves deployment and provides visibility and control of all IP services regardless of physical location.

Upgrades and Patch Management:

Organizations typically adopt IPAM to improve the manageability of distributed networks with a rapidly changing and evolving IP infrastructure. DNS and DHCP are crucial services that require constant diligence to not only ensure adequate service allocation but also to ensure security and resiliency. Similarly, moving beyond just managing IP allocation, next generation IPAM solutions also manage the health and availability of the platforms that provision core services. Effective IPAM will manage the distribution of software upgrades (ISC BIND, ISC DHCP) in addition to the management and application critical OS patches and upgrades. A next generation approach to IPAM additionally includes the use of purpose-built security appliances to safely provision DNS and DHCP services. Using these platforms ensures that all software and operating systems are managed under the care of the IPAM solution, removing the need for localized user intervention.

Traditional enterprise class IPAM solutions consist of software components operating on third party hardware platforms with additional software and an operating system to manage. DHCP and DNS are often handled by software agents on separate servers with client software on administrative workstations. This system is costly both to implement and to maintain due to the myriad of different software and hardware components.

Most IPAM solutions are overly-strict in terms of the way they enable an organization to build, manage and monitor networks; this slows the universal adoption and overall usefulness of the IPAM solution. Rarely are two organization’s IP networks --or the way in which they are managed-- the same. Deploying a clustered DNS/DHCP solution with support for meta-data fields does not provide the required scale, flexibility or resiliency. Neither does deploying an IPAM tool with a secondary function of asynchronous management of DNS and DHCP. Effective IPAM allows organizations to build out network configurations to match operational policy as managed by network configuration, physical location, subnet, devices, services or DHCP.

Multi-Core Architecture is Integral to IP Address Management

IPAM is more than simply managing and monitoring IP address allocation through DNS and DHCP. Therefore it seems unreasonable to expect solutions with built-in/augmented IPAM functionality to provide effective, unified, enterprise-wide management.

Proteus uses a Multi-Core Architecture to seamlessly manage DNS, DHCP, IP Inventory, deployment, patch management, high availability, identity/access management and other portions of the IP network in a unified manner. Proteus enables organizations to manage these seemingly disparate services using a synthesized management approach. This provides the tools for organizations to rapidly and effectively build network configurations that adapt to business requirements; Proteus then translates these IP models into extensible DNS and DHCP configurations.

Should an administrator wish to access a DNS configuration directly, any changes made there are automatically updated within the IP core. This means that the configuration fully integrates both the naming system as well as the IP address structures that the names represent. Both systems can be modeled through a single interface, but are kept separate where practical because of how they are used inside the network. Not only does this ensure that the IPAM tool remains current but also provides visibility into the broader ramifications of a network configuration change.

When a modification is made within either the DNS or IP sections of Proteus (anywhere that these two system-cores intersect), Proteus manages the changes. Proteus maintains all settings independently of the ways that they would normally be associated. Therefore, just because the IP address for a device changes, the links to that IP address or device will not necessarily change, and so on.

Multi-Core in Action

First and second generation IPAM solutions typically require users to be experts or gurus; such administrators have a detailed understanding of the network, its interactions and how changes will affect overall service level agreements and application availability. With Proteus’ Multi-Core architecture, organizations can reduce the high expense of employing teams of experts and enable delegation of most tasks to less qualified, less expensive personnel. This also has a dramatic affect on an organization’s ability to respond rapidly to change requests: Major bottlenecks typically associated with errors are removed without cost to security or network resiliency.

Proteus handles many non-intuitive tasks behind the scenes on behalf of administrators. This lets users focus on implementing the logical structures of a design rather than the details and syntax. An example of this is the automatic creation of reverse DNS zones: Proteus manages reverse DNS through the IP core where it makes more sense. Proteus still enables administrators to change the underlying settings, but normally it manages the complexity of the required relationships on their behalf. This reduces the errors that often arise in certain areas of DNS and DHCP configuration, and it enables administrators that are less highly trained to perform complex tasks quickly and accurately.

Using a Multi-Core Architecture enabled IPAM solution, administrators can also deal with one aspect of IPAM at a time. Because Proteus manages the relationships between the various cores, changes to a specific core -- for example, DNS -- result in changes that are reflected throughout the entire system (IP Model, DNS, Deployment, etc.). Proteus automates the relationship and management of data within the different functional cores to make administration tasks more manageable.

For instance, a DNS administrator can work within the confines of the DNS core, essentially removing worry about the ramifications of name space changes relative to the rest of the network configuration. Proteus will automatically manage these changes on behalf of the administrator, effectively removing a layer of complexity without comprise to accuracy or manageability. This example also demonstrates Proteus’ ability to enable task specialization within organizations, helping to reduce human resource costs, drive efficiencies and improve overall network responsiveness. Organizations with geographically distributed networks and administrators can now drive collaboration in a virtualized environment and will not need to rely as heavily on email, telephone, coordinating group meetings or other communications methods to complete large projects.

What’s in a Name?

A change to an IP address is reflected in the management of its name, but a name change can affect the naming system directly and might be indirect to the address. Domain names permit the abstraction of a network device’s address where the name remains the same, but the address can also change without requiring applications to be reconfigured.

 

Logical Design of a Network

The IP core contains information about network breakdowns or “allocation blocks”, as well as static and dynamic IP address allocations. This information is integrated with the DNS core using realtime feedback from Adonis servers to keep the DNS space current with the IP networks that it represents. This gives administrators the power to monitor allocation as well as assist help desk and network personnel who are validating and troubleshooting address problems. Dynamic DNS changes from Active Directory and other DDNS updating systems are sent to Proteus in real time (as are address allocations), indicating to administrators that a configuration change was made by an automated process.

When a modification is made within either the DNS or IP sections of Proteus (anywhere that these two system-cores intersect), Proteus manages the changes. Proteus maintains all settings independently of the ways that they would normally be associated. Therefore, just because the IP address for a device changes, the links to that IP address or device will not necessarily change, maintaining network functionality.

Multi-Core Enables Conceptual Modeling

Proteus multi-core architecture permits abstracted and conceptual manipulation of the configuration without being tied to a specific server or implementation, unlike other point-based approaches. This kind of conceptual modeling allows configuration-specific data to run in the background -- hidden from the administrator -- thereby enabling administrators to focus on the task at hand. The deployment information for both DNS and DHCP is available at the configuration level as well as on the Deployment Options screen for most objects. A Proteus configuration contains information about the networks and name spaces along with several levels of deployment options, server roles, and server assignments. These controls form the Proteus deployment core. The Proteus deployment services handle the implementation specifics, matching each part of each service to the appropriate managed Adonis Appliances.

Multi-Core Configuration Deployment

Proteus provides a separation between the logical design of a network and its implementation on the actual network hardware. An administrator designs a network as a configuration; the configuration uses global elements such as users and groups, and local elements such as DNS and IP designs. When combined together, these create a complete logical network design. During this process or afterward, servers (defined for each configuration) can be associated with different parts of the configuration using various deployment settings available within the configuration.

For example, DNS authority and glue records are configuration-specific, and are required by name servers for proper resolution, but are repetitive from zone to zone and are not core to conceptualizing the IP/DNS space.

Many administrators do not understand why such records exist and when they need to be changed.

Proteus automatically generates glue records and although the administrator can always view them, it generates the records when the configuration files for the specific Adonis appliance are built by Proteus during deployment. Using Proteus’ deployment core also enables organizations to plan network changes, ensure error free configurations and then deploy the configuration when it makes sense to (such as during nonessential business hours). With some other IPAM solutions, changes are made in real-time and immediately reflected throughout the network configuration because deployment is not staged. For enterprise organizations, this is not an acceptable option.

No Multi-Core Means No IPAM

Proteus is the only IPAM solution that offers users the benefit of a multi-core architecture. The adoption of next generation applications and computing platforms is placing an inordinate amount of strain on enterprise networks. IPAM is no longer just for carriers. These next generation networks require a next generation approach that delivers:

Centralized Management:

Centralized management of IP inventories, DNS and DHCP that enforces change control, improves accuracy and accountability while improving service levels at a lower cost of ownership. Multi-Core enables organizations to centrally manage IP inventories, DNS and DHCP configurations, regardless of physical locations. Proteus’ multi-core architecture simplifies network management.

Administrator Access Controls:

IPAM demands integrated administrator access parameters; delegated permissions and identity controls are pivotal to maintaining and operating a secured network. Proteus enables organizations to assign administrators delegated views of large network configurations (DNS, DHCP, IP Modeling, Subnet, Device, Configuration). Using a Multi-Core architecture along with object tagging,  network administrators can securely provision network services in a logical environment, and then a network manager can use the deployment core to ensure that only approved/verified changes are committed to the physical network.

Business Process-Oriented Management:

A Multi-Core architecture enables organizations to build and model network configurations to meet their specific business and regulatory needs. With Multi-Core Architecture, physical changes to a DNS or DHCP server/subnet can be made in the modeling core based on business policy, and then Proteus will automatically translate the policy-based changes into working DNS and DHCP configurations. This allows network administrators to focus on deploying policy and service applications, ensuring service level agreements are upheld.

Service Management:

A true IPAM solution enables organizations to deploy DNS and DHCP configurations in a timely fashion, without compromise to accuracy or resiliency. Beyond configuration deployment, IPAM is also responsible for ongoing monitoring and management of the IP space. Using a multi-core architecture, an organization can effectively manage and monitor network resources at a number of levels, to dramatically improve quality of service by enabling organizations to act rapidly when changes are required.

 


Multi-Core Configuration

Highly Available Services:

If your network is unavailable, you may lose customers. Organizations must take steps to safeguard the availability of not only DNS and DHCP services but also the IPAM management framework itself. Multi-Core architecture enables organizations to rapidly troubleshoot configuration issues from a number of vantage points. When combined with Proteus’ Disaster Recovery and High Availability functions, network resiliency is dramatically improved.

IP Address Management requires Multi-Core Architecture. Without a Multi-Core architecture you are still essentially playing with glorified, one-dimensional spreadsheets...Isn’t your business better than that?

Return to top

 
© 2001-2010 BlueCat Networks - All Rights Reserved
Solutions
IP Address Management
Windows® Management
IPv6
DNS and DHCP
DNSSEC
Voice Over IP
High Availability
Virtual Solutions
Auditing and Control
DDI 		Products
Proteus IP Address Management
Proteus Management Agent
Adonis DNS/DHCP 		Industries
Public Sector
Education
Financial Services
Health Care
Manufacturing
 Retail
Services
Telecommunications 		Resource Center
Whitepapers
Solution/Technical Briefs
Datasheets/Brochures
Video Library/Webinars
Case Studies 		Partners
Partner Support
Partner Benefits
Partner Types
Partner Requirements
Partner Portal Login
Partner Documents 		Customer Services
Customer Care
Care Login
End User License Agreement
End-Of-Life Process
Security Updates
Training 		Company
Management Team
Industry Alliances
Awards and Accolades
Customer Testimonials
Video Interviews
Careers
Articles & Reviews
Press Releases
Events and Speaking
Upcoming Events
Past Events
Request a Speaker
Contact Us

Secure, Simplified Next Generation DNS management, DHCP and IP address management Network Appliances. Security - hardened and purpose - optimized, BlueCat Networks'
Appliances are a leading choice for DNS Security Servers, DHCP Servers and Web based IP Address Management (IPAM) solutions. IPv4 and IPv6 DNS and DHCP compliant.