mac oem software

IP Address Tracking and Reconciliation Provide Greater Visibility, Control and Security

  • Tracks IP address allocations through DNS and DHCP in real time
  • ‘Discovers’ all network-attached devices and reconciles findings against current data
  • Identifies IP addresses that are unused, unauthorized or misaligned
  • Notifies administrators of unauthorized network changes
  • Provides network administrators with an accurate view of their networks
  • Occurs on a per network event basis and does not require entire network to be polled

Market Drivers

As corporate IP networks increase in size and complexity, it becomes increasingly difficult for administrators to get an accurate perspective of network activity. Network, system and security administrators need to be aware of all networked devices, who owns them, and their intended purpose. They also need to ensure that authorized devices have valid IP addresses so that network accessibility and availability are not affected unduly.

If administrators don’t know what’s happening on the network, they cannot control network operations effectively. For example, if a machine is added to a static network (i.e. a new MAC address appears in a static network range), administrators need to be alerted. This activity could represent a network intruder, or simply an unauthorized user adding a printer.

Without good visibility to operations, network managers have difficulty forecasting network growth and resource requirements. As network performance and reliability become critical to a wider range of business applications, limited awareness and control become increasingly detrimental.

Visibility Starts with IP Address Tracking

BlueCats’ Proteus appliance maintains an accurate inventory of IP addresses by monitoring address allocations through DNS and DHCP in real time. Proteus tracks when IP addresses are assigned, what devices they are assigned to, the identities of end-users, associated MAC addresses, port information as well as the corresponding network or subnet, among other customizable information that can be IP-centric (for example, some customers my wish to associate employee numbers, ever green lease expiry dates, department code, cost centers, etc.) to IP address information. This level of visibility greatly increases network management efficiency, particularly in large, geographically dispersed networks where resolving accessibility issues can be challenging. It also reduces network abuse and enhances network security.

 

IP Reconciliation

Proteus provides administrators with tools to reconcile their network designs with the current state of their networks. Proteus’ IP reconciliation algorithm:

  • Discovers new machines on the network;
  • Removes (with notification) machines that were once on the network, but have since been removed; and,
  • Uncovers mismatch conditions, where an IP/MAC address association has changed (i.e. an IP address that was associated with one MAC address, but is now associated with a different one).

 

IP Reconciliation IPAM

The benefits of this functionality include reclamation of unused IP addresses – particularly useful in light of IP address scarcity, and discovery of unauthorized IP addresses, which can represent security vulnerabilities.

Proteus’ IP reconciliation tools are based on ‘discovery modules’ that routinely (and non-invasively) scan the network to uncover IP allocation information. The discovered information is then compared to current data to identify addresses that are in use, unused and can be reclaimed, or mismatched. Once the network has been reconciled, administrators can then determine what actions should be taken. For example, reconciliation can indicate dynamic IP address allocations that do not match states within the DHCP service. This information can then be used to identify a machine that might have hijacked a reserved address.

Reconciliation sweeps can be defined for a block of the IP address space or for an entire network. They can span across layer two and layer three boundaries, and detect routable networks, default gateways and port information. Administrators typically define IP reconciliation policies that call for several, periodic network sweeps. Since many networks have mobile users, the IP addresses reported during a single reconciliation sweep might not be an accurate representation of the full network configuration. The scheduling mechanism allows for ad-hoc scans when irregular network conditions are suspected.



Return to top

 
© 2001-2010 BlueCat Networks - All Rights Reserved
Solutions
IP Address Management
Windows® Management
IPv6
DNS and DHCP
DNSSEC
Voice Over IP
High Availability
Virtual Solutions
Auditing and Control
DDI 		Products
Proteus IP Address Management
Proteus Management Agent
Adonis DNS/DHCP 		Industries
Public Sector
Education
Financial Services
Health Care
Manufacturing
 Retail
Services
Telecommunications 		Resource Center
Whitepapers
Solution/Technical Briefs
Datasheets/Brochures
Video Library/Webinars
Case Studies 		Partners
Partner Support
Partner Benefits
Partner Types
Partner Requirements
Partner Portal Login
Partner Documents 		Customer Services
Customer Care
Care Login
End User License Agreement
End-Of-Life Process
Security Updates
Training 		Company
Management Team
Industry Alliances
Awards and Accolades
Customer Testimonials
Video Interviews
Careers
Articles & Reviews
Press Releases
Events and Speaking
Upcoming Events
Past Events
Request a Speaker
Contact Us

Secure, Simplified Next Generation DNS management, DHCP and IP address management Network Appliances. Security - hardened and purpose - optimized, BlueCat Networks'
Appliances are a leading choice for DNS Security Servers, DHCP Servers and Web based IP Address Management (IPAM) solutions. IPv4 and IPv6 DNS and DHCP compliant.