Integrating Nixu IPAM with Microsoft AD. White Paper January 2011

Similar documents
Integrating FusionLayer IPAM with Microsoft AD. A White Paper by FusionLayer

Integrating FusionLayer Infinity With Microsoft AD. A White Paper by FusionLayer Inc.

Virtualized Domain Name System & IP Addressing Environments. White Paper by FusionLayer, Inc.

Technical Description: Nixu Registry Server

IPAM for Enterprise Environment

WHITEPAPER. Top Reasons Why Enterprises Must Automat DNS, DHCP and IP Address Management

IP ADDRESS MANAGEMENT SOLUTIONS

Integrated DHCP, DNS & IP Address Management

FusionLayer Infinity. Management and Provisioning for F5 BigIP DNS November 2017

Data Sheet: Endpoint Security Symantec Multi-tier Protection Trusted protection for endpoints and messaging environments

WHITE PAPER. How Virtualization Complements ShoreTel s Highly Reliable Distributed Architecture

Hyper-Converged Infrastructure: Providing New Opportunities for Improved Availability

The Case for Virtualizing Your Oracle Database Deployment

A Better Way to a Redundant DNS.

Total Cost of Ownership: Database Software and Support

One Release. One Architecture. One OS. High-Performance Networking for the Enterprise with JUNOS Software

Power IQ for econnect

nddprint 360 White Paper - Corporate Printing

SOLIDserver Quick Start Guide

INTRODUCING VERITAS BACKUP EXEC SUITE

Symantec Data Center Transformation

The case for cloud-based data backup

Cisco Prime IP Express Technical Data Sheet

Automated Deployment Services

Reducing Skype for Business Costs via Proactive Management Using management tools cuts SfB operational costs by more than half

Simplify Hybrid Cloud

White paper. The three levels of high availability Balancing priorities and cost

Infoblox Cloud Platform and Cloud Network Automation

ITSM SERVICES. Delivering Technology Solutions With Passion

Microsoft IT deploys Work Folders as an enterprise client data management solution

LGS INNOVATIONS IP ADDRESS MANAGEMENT

StarWind Virtual SAN Installing and Configuring SQL Server 2017 Failover Cluster Instance on Windows Server 2016

WHITE PAPER. Why Infoblox for DDI. It is time to migrate from BIND and Microsoft

The Benefits of Wireless Infrastructure Management in the Cloud

Managing Exchange Migration with Enterprise Vault

Benefits of SD-WAN to the Distributed Enterprise

Applying ITIL Best Practice Principles to IPAM

Paper. Delivering Strong Security in a Hyperconverged Data Center Environment

Virtualizing the SAP Infrastructure through Grid Technology. WHITE PAPER March 2007

Cisco Wide Area Application Services: Secure, Scalable, and Simple Central Management

Redefining Networking with Network Virtualization

Cloud Operations for Oracle Cloud Machine ORACLE WHITE PAPER MARCH 2017

GET CLOUD EMPOWERED. SEE HOW THE CLOUD CAN TRANSFORM YOUR BUSINESS.

Infoblox VMware vrealize Log Insight Content Pack User Manual Version 1.1

Implementing ITIL v3 Service Lifecycle

Cloud Automation of Core Network Services

innovi Edge Installation & Configuration Guide

IT your way - Hybrid IT FAQs

Deploying Cisco SD-WAN on AWS

white paper SMS Authentication: 10 Things to Know Before You Buy

SNIA Discussion on iscsi, FCIP, and IFCP Page 1 of 7. IP storage: A review of iscsi, FCIP, ifcp

BIG-IP Global Traffic Manager

TrustNet Manager Group Encryption Management for Policies, Keys and Devices

7 Things ISVs Must Know About Virtualization

DS Series Solutions Integrated Solutions for Secure, Centralized Data Center Management

StarWind Virtual SAN. Installing and Configuring SQL Server 2014 Failover Cluster Instance on Windows Server 2012 R2. One Stop Virtualization Shop

Cisco Data Center Network Manager 5.1

Moving From Reactive to Proactive Storage Management with an On-demand Cloud Solution

Unleash IT to Accelerate Radical Business Innovation. Hyperconverged Infrastructure Powered by Lenovo ThinkAgile HX Series with Nutanix

Accelerate Graphics in Virtual Environments

Core DDI Basics NIOS 8.1

Features. HDX WAN optimization. QoS

Running the Setup Web UI

5 OAuth Essentials for API Access Control

Total Cost of Ownership: Benefits of ECM in the OpenText Cloud

ForeScout Extended Module for IBM BigFix

Total Cost of Ownership: Benefits of the OpenText Cloud

A Digium Solutions Guide. Switchvox On-Premise Options: Is it Time to Virtualize?

Integrated Switching: Cisco Blade Switch Modules for HP BladeSystem Enclosures. Reduce data center complexity

Citrix Commercial Licensing Program

Evolved Backup and Recovery for the Enterprise

Smart Data Center From Hitachi Vantara: Transform to an Agile, Learning Data Center

Citrix NetScaler LLB Deployment Guide

Desktop virtualization for all

Deploying a Next-Generation IPS Infrastructure

Table of Contents HOL HCI

Professional Services for Cloud Management Solutions

Secure Industrial Automation Remote Access Connectivity. Using ewon and Talk2M Pro solutions

How to Protect Your Small or Midsized Business with Proven, Simple, and Affordable VMware Virtualization

APPLYING DATA CENTER INFRASTRUCTURE MANAGEMENT IN COLOCATION DATA CENTERS

REMOTE IT MANAGEMENT SOLUTIONS: MANAGE REMOTE OFFICES WITHOUT LEAVING YOURS

Shift CAPEX to OPEX. With an Expedient On-Site Private Cloud

Mitigating Branch Office Risks with SD-WAN

Total Cost of Ownership: Database Software and Support

SMARTARCHITECTURE TM : DNS-DHCP ARCHITECTURE MANAGEMENT

arcserve r16.5 Hybrid data protection

Security Platform. Security. Availability. Manageability. Scalability.

Implementing Fax over IP in your Organization

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

StarWind Virtual SAN Installing and Configuring SQL Server 2019 (TP) Failover Cluster Instance on Windows Server 2016

C H A P T E R Overview Figure 1-1 What is Disaster Recovery as a Service?

5 Best Practices for Transitioning from Legacy Voice to VoIP and UC&C

ATA DRIVEN GLOBAL VISION CLOUD PLATFORM STRATEG N POWERFUL RELEVANT PERFORMANCE SOLUTION CLO IRTUAL BIG DATA SOLUTION ROI FLEXIBLE DATA DRIVEN V

"Charting the Course to Your Success!" MOC D Administering System Center 2012 Configuration Manager. Course Summary

Quick Start Guide for Cisco Prime Network Registrar IPAM 8.0

Frequently Asked Questions

Evaluator Group Inc. Executive Editor: Randy Kerns

ADMINISTERING SYSTEM CENTER 2012 CONFIGURATION MANAGER

An AlgoSec Whitepaper MANAGE SECURITY AT THE SPEED OF BUSINESS

ScaleArc for SQL Server

Transcription:

Integrating Nixu IPAM with Microsoft AD White Paper January 2011

DNS, DHCP and IP Address Management (IPAM) in Microsoft AD Environments Organizations running Microsoft DNS and DHCP services have traditionally relied on Excel spreadsheets in their IP Address Management. This results in inefficiencies that increase the Operating Expense (OPEX) associated with managing subnets, IP addresses and other mission-critical network resources. By automating the manual IP Address Management process, organizations can streamline and automate their day-to-day network management routines, reducing the associated costs by more than 50%. A high percentage of organizations continue to run Microsoft Windows Server 2003 and/or 2008 to provide DNS and DHCP services in their enterprise network. In environments such as this, allocation and management of subnets, tracking of individual IP addresses and other network resources, and management of different administrative attributes and properties pertaining to the IP address space are often carried out manually using Excel spreadsheets. The larger the network, the more inefficient this approach becomes, because Microsoft based solutions offer no process automation that would help network administrators keep their spreadsheets in synch with the live production data. The problem is especially dire in mid-sized and large geographically distributed network environments where the management of DNS and DHCP services is delegated to several network and/or systems administrators. This White Paper describes how organizations can implement Nixu NameSurfer TM Suite as an IPAM layer on top of their existing Microsoft DNS and DHCP architecture, without having to install any agents and/or other software on the existing Microsoft AD servers. For further details on individual Nixu Products, please visit. Benefits of Running Nixu IPAM in Microsoft AD Environments 1. Nixu IPAM has been designed for efficient management of organizations name and address space, replacing Excel spreadsheets and allowing delegated management with configurable access rights and audit trail via web-based GUI 2. Automated synchronization of all static and dynamic hosts in AD Zone(s) to the appropriate subnets managed in Nixu IPAM, without any manual intervention, complemented with IP Sweep tools for network discovery 3. Bindings between MS DHCP servers and subnets as well as configuration of DHCP scopes can be carried out centrally from Nixu IPAM for each subnet 4. Support for making static DNS entries to AD Zone(s) from Nixu 5. Support for centralized user authentication via LDAP / Microsoft AD 6. Can be run as virtual machine in existing Citrix XenServer or VMware environment, eliminating the need for operating platform investment 2

Preparing Business Case for Nixu IPAM in Microsoft AD Environments When organizations started deploying Microsoft AD in their enterprise networks in the early 00s, clients relying on IP consisted mostly of traditional workstations, laptops and servers. In these environments, Microsoft AD was often the most pragmatic choice for DNS and DHCP, as these services were included in Windows Server by default. Further, because most clients in Microsoft AD networks remained in the same subnet for most of the time and obtained their IP address dynamically from the MS DHCP server, managing IP address space manually using Excel spreadsheets was seen as a feasible solution in an environment that was relatively static. Since the early 00s, enterprise networks have evolved significantly. Over the last few years, both the variety and the number of network clients utilizing IP have increased substantially. Technologies such as virtualization and VoIP place increasing importance on efficient and transparent management of the network and the IP resources. Not only are there more IPs to manage than ever before, but the clients have also become more mobile, making it more difficult and time-consuming for the administrators to keep up with the network environment in constant change. The major shortcoming of many network environments relying on Microsoft DNS and DHCP services is that there are no interactive tools that could be used for efficient real-time management of the IP address space and related resources. Organizations utilizing spreadsheets in their IP Address Management typically lack the following features that automate and centralize IPAM processes, and introduce the transparency required by various compliance requirements: Delegated management process via web-based GUI with granular user management, user authentication via LDAP, and audit trail of changes (who, what, when) Automated synchronization of dynamic & static clients in Microsoft AD networks to corresponding subnets managed in centralized IPAM Centralized management of bindings between subnets and scopes configured to MS DHCP servers. Purpose-built tools used to distribute and allocate subnets Tracking the use of dynamic IP addresses issued by Microsoft DHCP server Tracking the use of static IP entries made to Microsoft DNS By implementing Nixu NameSurfer TM IPAM on top of the existing Microsoft AD architecture, organizations can introduce the above listed features to their network environment in a matter of days, without having to install any software on the Windows Server 2003/2008, and without making changes to the existing architecture. To quantify the annual Operating Expense (OPEX) of the existing IP address management process utilizing Excel spreadsheets, organizations should estimate the number of hours each administrator spends on the tasks listed below, and multiply the result by the number of administrators and their average hourly cost. The OPEX calculation can be carried out by estimating the time spent on the following tasks: 3

How long does it take to add a static host to the DNS? How long does it take to add dynamic hosts to the DHCP service: - With fixed IP address? - Using MAC authentication? How long does it take to find out which IPs the DHCP servers have assigned from the dynamic range at any one time? After making changes to DNS and DHCP, how long does it take to make related changes to the Excel spreadsheet? Before adding hosts or configuring scopes: - How long does it take to find a free IP? - How long does it take to locate correct subnets and calculate bitmasks? - How long does it take to verify that the calculations were correct? - How long does it take to make sure there are no double IP entries and to make sure that the source is up to date? If something goes wrong when network changes are made and the network experiences problems as result, how long is the average outage and what would be the direct and the opportunity cost of downtime? How long does it take to find the location or other information pertaining to a specific client in the network and how often are searches performed? The more IPAM administrators there are in an organization and the more business critical the network is, the higher the cost of a manual IP address management process utilizing Excel spreadsheets. By automating and streamlining the process with Nixu NameSurfer IPAM, organizations can earn a Return on Investment (ROI) that significantly exceeds 100% p.a., especially in cases where the manual process has already led to costly downtime. Virtualization-Ready Solutions for DNS, DHCP and IP Address Management Nixu NameSurfer Suite (NSS) is a secure management system designed for efficient, distributed management of organizations DNS data and IP address space. Nixu Secure Name Server (SNS) is a secure stand-alone server that can be operated as authoritative and/or as caching/recursive DNS server. Nixu DHCP Server (NDS) is a secure, stand-alone DHCP server with configuration validations and built-in support for DHCP failover pairs. Nixu Network Equipment Extractor (NEE) has been designed to extract VLAN, MAC, Port ID and other information produced by routers and switches, in real time, and push that data to Nixu NameSurfer IPAM. 4

Integrating Nixu IPAM with Microsoft AD Environment To integrate Nixu NameSurfer IPAM with Microsoft AD Environment as described in this document, the following steps should be taken: 1. Download Nixu NameSurfer Suite for trial and install it as a virtual machine or on native x86-based server. Further installation instructions can be found in the Nixu NameSurfer Suite Reference Manual. 2. Once Nixu NameSurfer Suite has been installed, configure Nixu NameSurfer as secondary to AD master zone(s) in Microsoft AD. After taking this step, all changes taking place in the AD zone(s) are automatically pushed to Nixu NameSurfer. Once the AD zone(s) have been configured as secondary in Nixu NameSurfer, it will be possible to add static hosts to the AD zone(s) from Nixu NameSurfer. Further instructions can be found in the Nixu NameSurfer Reference Manual. 3. Once the AD zone(s) have been added as secondary in Nixu NameSurfer, configure the subnets / blocks in your network as address blocks in Nixu NameSurfer IPAM module. After an address block has been configured in Nixu NameSurfer IPAM, it will automatically retrieve all contents of the AD zone file and populate those IPs automatically to the corresponding address block / subnet configured in Nixu NameSurfer IPAM. Setting up blocks / subnets in Nixu NameSurfer IPAM has been described in further detail in the Nixu NameSurfer Reference Manual. 4. Once the subnets / address blocks have been configured in Nixu NameSurfer IPAM, integrate Microsoft DHCP servers using the Remote Servers module included in Nixu NameSurfer Suite. This process has been described under Setting up Microsoft DHCP Integration in the Nixu NameSurfer Suite Reference Manual. Once integrated, the bindings between subnets in Nixu NameSurfer IPAM and remote MS DHCP server instances (including scopes) can be managed centrally from the IPAM module. 5. As the last step, configure the groups authorized to access the centralized Nixu NameSurfer IPAM and define their user privileges. Once the groups have been configured, they can be attributed to new user accounts generated in Nixu NameSurfer Suite. When accessing the system, users can either be authenticated locally or centrally via LDAP. The User Groups functionality and centralized authentication via LDAP are described in further detail in the Nixu NameSurfer Reference Manual. To obtain a free 30-day evaluation for Nixu NameSurfer Suite, please log on to and proceed to the Software Delivery Portal. After having submitted the evaluation request, an ISO installation media of Nixu NameSurfer Suite and a copy of the Nixu NameSurfer Suite Reference Manual will be added to the newly generated download account, and user credentials sent to the requestor by email. 5

Solution Architecture Below, please find a simplified network diagram of the solution architecture outlined in this white paper. Please note that while the diagram only depicts a single Microsoft AD server and an AD network for the sake of simplicity, Nixu NameSurfer Suite supports integration with any number of remote Microsoft AD instances and AD networks according to the principles described herein. Illustration: Non-Intrusive Nixu IPAM Layer on top of Existing Microsoft AD Architecture 6

About Nixu Software Nixu Software is a privately held affiliate of Nixu Group. Headquartered in Espoo, Finland, and with five regional sales offices in the Americas, EMEA and Asia Pacific, our mission is to offer the best value for money within the DNS, DHCP and IP Address Management (DDI) industry. The execution of our mission is based on unparalleled DDI software appliances providing an industry benchmark for the combination of availability, ease of use, security and Low Cost of Ownership (TCO). Nixu Software leverages Nixu Group's world-class expertise in software development and information security by developing secure DDI solutions and software appliances. Nixu products can be deployed either as standalone end-to-end solutions, or as components of more extensive turnkey solutions developed in cooperation with different OEMs. Nixu Software stresses four fundamentals in all its product development efforts: security, scalability, availability and efficiency. Having longstanding blue-chip customers who have managed 100% DNS uptime for a decade while reducing the related management costs by more than 50% per year, our track record is second to none. Nixu Software's DNS products have an installed base consisting of roughly 3.000 installations worldwide. Our technology is used by nearly one third of all 2.5G and 3G mobile operators globally as well as by dozens of Fortune 500 companies that deem available, reliable, and efficiently managed networks a strategic asset. 7

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback