mac oem software

Workflow Management Reduces Administrative Costs while Enhancing Network Governance

  • Supports ‘controlled delegation’ of change management responsibilities to distribute administrative workloads – delegate with authority;
  • Aligns administrative tasks with the appropriate network management resources;
  • Hierarchical structure ensures proper controls and safeguards are maintained;
  • Tracks all configuration changes in Proteus’ audit trail.

Market Drivers

Organizations looking to lower IT expenses want to ensure network administrators are assigned to tasks commensurate with their skill sets and pay grades. They do not want senior staff spending undue effort on mundane or repetitive change management tasks that could easily be handled by junior administrators or even the user community. Best practices in network governance dictate that there be strict controls and oversight on network configuration changes however. It is inappropriate to give any one individual, particularly a junior network administrator, unfettered access to configuration utilities. Organizations must then strike a balance between the economic benefits of delegating administrative duties to junior staff, with the requirements for proper oversight and control.

Proteus Workflow Management

Proteus’ workflow management features balance these seemingly competing requirements. Workflow features allow senior network administrators to assign access rights to local administrators who are then permitted to make changes to the network infrastructure within the boundaries of their privileges. Privileges can be assigned system wide or on an object level basis.

Workflow management empowers local administrators while reducing demands on more experienced senior staff. Extending restricted administrative rights to less experienced administrators, frees senior staff to address more pressing issues, requiring their specialized skills. Proteus ensures proper controls are maintained by providing senior administrators with visibility to – and veto control over – changes initiated by junior staff.

Change Control and Oversight in Practice

Proteus’ granular approach to workflow management allows for individual or group administrative access rights on a hierarchical basis, that establish who can make changes, what objects can they change, who can approve such changes, and when such changes can take effect. Proteus controls delegation of change management as follows:

  1. A network administrator utilizes access controls to delegate change management to a specific user or user group. The administrator specifies that changes must follow the workflow management model.
  2. In accordance with the workflow model, a user makes a required change to IPAM data in a sandbox environment. Each such change generates a ‘request’ to the administrator to approve or reject the change.
  3. Change requests are actionable by administrators who have full control over the affected objects. Changes requests are also visible to other administrators and users.
  4. When an administrator approves the change, all updates are realized and the system indicates that it was the approving administrator who issued the updates. Alternatively, if an administrator rejects the change, it will be discarded and any other associated changes will be suspended.
  5. Proteus’ audit logs are updated accordingly.

Why You Need Workflow

Example – Logical Delegation of Administrative Control

Consider the following example: an organization requires that its Windows group, and only this group, has control of its 192.168.0.0/16 address space and its windows.domain.com zone. The Windows group is to be restricted such that it is only able to request changes within the 10.0.0.0/8 address space and the regular domain.com zone.

Proteus’ flexibility supports the following scenario:

  • The Windows group has full control over the 192.168.0.0/16 address space as well as the windows.domain.com zone.
  • The Windows group is required to make requests to change linux.domain.com. The group has no access to change the 172.16.10.0/24 network.
  • The Linux group can approve or deny change requests for linux.domain.com made by the Windows group.



Return to top

 
© 2001-2010 BlueCat Networks - All Rights Reserved
Solutions
IP Address Management
Windows® Management
IPv6
DNS and DHCP
DNSSEC
Voice Over IP
High Availability
Virtual Solutions
Auditing and Control
DDI 		Products
Proteus IP Address Management
Proteus Management Agent
Adonis DNS/DHCP 		Industries
Public Sector
Education
Financial Services
Health Care
Manufacturing
 Retail
Services
Telecommunications 		Resource Center
Whitepapers
Solution/Technical Briefs
Datasheets/Brochures
Video Library/Webinars
Case Studies 		Partners
Partner Support
Partner Benefits
Partner Types
Partner Requirements
Partner Portal Login
Partner Documents 		Customer Services
Customer Care
Care Login
End User License Agreement
End-Of-Life Process
Security Updates
Training 		Company
Management Team
Industry Alliances
Awards and Accolades
Customer Testimonials
Video Interviews
Careers
Articles & Reviews
Press Releases
Events and Speaking
Upcoming Events
Past Events
Request a Speaker
Contact Us

Secure, Simplified Next Generation DNS management, DHCP and IP address management Network Appliances. Security - hardened and purpose - optimized, BlueCat Networks'
Appliances are a leading choice for DNS Security Servers, DHCP Servers and Web based IP Address Management (IPAM) solutions. IPv4 and IPv6 DNS and DHCP compliant.