You need DNSBOX if:
- Your DNS, DHCP and IP Address Management (DDI) admin takes a lot of time and effort
- You want more control over your IP address space usage
- You want to ensure these core network services are secure and available
DNSBOX is a range of DDI appliances – with a variety of different models for different tasks – combining the benefits of enterprise-class DDI management software with the security, reliability and ease-of-use of the appliance format.
DNSBOX customers come in all shapes and sizes: Global 100, governments/public sector, service providers and SMEs around the world use DNSBOX because it makes DDI much easier, saves money and means they have less to worry about.
These customers’ needs vary:
- Many are looking for an end-to-end fully integrated DDI solution
- Others are looking to solve a narrower issue:
- maybe only one of DNS, DHCP or IPAM
- maybe just to fix a local DNS or DHCP server issue in a specific location
Whatever their needs, customers choose DNSBOX because, compared with alternatives, it is:
- Simpler – saving time and money on deployment, training and administration
- Rock-solid – making your DDI more secure, reliable and robust
- More flexible – with options to better fit each user’s specific requirement
- Comes with outstanding service – to make your life easier
- More affordable – saving on capex
Eliminate DNS Management Headaches
Using tools like BIND or Windows DNS in growing networks can quickly make DNS workload unmanageable. Larger networks can involve many man-years simply administering DNS. A lot of this could be saved with better tools:
Administering DNS is complex, repetitive and time-consuming:
- Editing DNS records involves inefficient workflows – with lots of repetition and copying – and errors are easy to make. The data is not human-friendly.
- Now DNSSEC and IPv6 are creating even more work and complexity.
- Controlling, maintaining and administering multiple linked DNS servers individually creates more inefficiency.
Controlling DNS data and enforcing administrative procedures is challenging. It’s difficult to:
- See the big picture or navigate around the data
- Share the work among multiple administrators without tools for controlling delegated editing rights or viewing history
- Ensure DNS records are set up in line with any overall plan for use of IP address space
Protecting your core DNS services from security threats and service failures:
- DNS is a top security target. BIND and Windows DNS are vulnerable to intrusion, DoS attacks and cache poisoning, with new vulnerabilities often emerging
- Configuration is error-prone: a single mistyped character could bring down your entire network, with disastrous business consequences
- A DNS server failure could be caused by application or operating system software, hardware or operator error. Robust DNS architectures need redundancy, which itself is complicated to get right
DDI appliances overcome these issues by simplifying DNS administration, giving you more control over your DNS systems, and protecting your DNS service from attack or failure.
Managing DNS Data
DDI solutions like DNSBOX make editing DNS data much easier than editing configuration files directly. Tasks which take many steps in BIND are automated, saving time and minimizing errors.
For example, adding a zone in BIND takes 10-20 minutes, while the same task takes < 30s on DNSBOX.
Configuring multiple remote DNS slaves
Copying zone data from a master to slaves is hard work. If you’re managing a number of slaves across multiple locations configuring one server at a time can quickly turn into a major headache. DDI solutions automate synchronization, enabling you to configure all the slaves from a single web-based interface.
Gain better control over your data
- Make DNS data entry more disciplined through forms and automation tools
- Share pre-populated templates with other users
- Make advanced DNS configurations accurate and error-free using validation tools
Share workload in a controlled way
- Assign permissions to view and edit specific data to individuals or groups of people
- Audit trails to log who made which changes and when
Increase visibility with audits and reports
- Easier to see and navigate through – be more disciplined and consistent in the way you name and number
- Reports on historical and real-time activity levels of remote DNS servers – control performance and DNS query traffic
Enhanced reliability & redundancy
Having your network grind to a halt because your only DNS server has gone offline is a nightmare scenario for most organizations. Validating data entries dramatically reduces the risk of entering incorrect DNS data and so ensures the stability of DNS is never compromised. DDI solutions offer software security features like DNSSEC to protect against security threats such as cache poisoning. Introducing options such as failover units and clustering to your existing architecture can address issues with hardware failure.
These additional layers of redundancy ensure business critical core network services are always available.
Reliable DHCP Management
Whether you are using ISC DHCP or Windows, deploying and managing a DHCP service comes with its own set of headaches:
- Initial DHCP setup requires in-depth configuration expertise and detailed knowledge
- Updating DHCP configurations is time-consuming & error prone
- The impact of misconfiguration is high – a typo could bring down your network
- Poor visibility of current IP address usage and historic lease data
- Difficulties implementing redundancy and maintaining an ‘always on’ DHCP service – particularly during server maintenance and upgrades
Whether you’re an enterprise with large IP phone deployments or BYOD schemes to manage or an ISP that needs to dynamically assign addresses to customer routers, a dedicated DHCP appliance can help. It will simplify day-to-day administration, improve visibility & control of IP usage and provide a high level of resilience and availability:
Easier to deploy and use
- Automation tools reduce initial and ongoing configuration overhead – it takes hours to manually setup dynamic DNS and 2 minutes with a DDI tool
- A good user interface directs users to perform data editing in clear, logical steps making administration intuitive
Clear, accurate visibility of your IP address allocation enabling you to implement a plan that caters for devices leaving and joining the network effectively
- DDI solutions like DNSBOX give you aggregated visibility of distributed DHCP servers from a centralized interface
Ensuring maximum availability of this critical network service
- Simplified configuration of synchronized failover servers
- Validation tools can eliminate configuration errors
- Some appliance solutions like DNSBOX feature minimal downtime upgrade mechanisms
Planning your IP Address Space
Planning, tracking and managing IP address usage is a complex, time consuming job.
Many network managers get by without dedicated management software, choosing instead to create complex spreadsheets or databases. But such tools are not good enough:
- You need to manually edit information on IP addresses. This is tedious and error-prone.
- You have to constantly update your plan to reflect any changes to your network.
- You might plan to allocate an IP to one device and end up allocating it to another.
- It’s difficult to determine which IP addresses are in use.
- IP address conflicts can stop devices from working, or in rare events cause a server outage.
- Processes for managing IP addresses and domain names are carried out on separate systems, leading to data inconsistencies.
- It is difficult to control who can edit what and put workflows in place.
- Only one person can safely work on IPAM data at a time and the risk of data loss is high.
- Reporting is often nothing more than “cutting and pasting” long lists of IP addresses.
A DDI solution like DNSBOX makes your IPAM easier through better planning and control.
Organize your IP address space
Using a purpose built IPAM tool is much easier than modifying data in a spreadsheet.
You can divide your address space into a hierarchy of blocks and sub-blocks/subnets, define them as either available for use or reserved, add fields/tags, search for specific records and even modify all data objects matching specific conditions.
Dynamically detect new devices
With options such as subnet scanning, you can automatically detect and add any new devices.
Automate address calculation
An IPAM application simplifies the process of calculating available IPs and eliminates the risk of address conflict by automatically identifying available blocks and addresses for you.
Create a Single, Synchronized System
A key advantage of DDI solutions is the integration of the IP address plan data with the live actual data held in DNS and DHCP servers. Deploying a ‘joined-up’ DDI solution addresses key problems with using separate tools which are only linked, if at all, through manual effort:
- The cost of “fragmentation” is inefficiency and complexity
- Inconsistencies are likely between the live data and your plan: someone will set DNS or DHCP values which conflict with the plan for IP address space usage
- If this task is shared between people in different parts of the organization, maybe in different parts of the world, it creates additional work
- You can’t get visibility of your network to allow you to oversee the provisioning of IP addresses, manage address reservation and detect new devices
An integrated DDI solution allows large, complex data to be automatically synchronized between services and viewed in real time from a single interface. This gives you full visibility and control of your core IP services, saving you time and money.
Drastically reduce your workload
An integrated DDI solution is much more efficient.
- A single intelligent software application takes care of both your IP address plan and your live DNS and DHCP data.
- Instead of 2 or more separate data sets, there is a single consistent data set. The ‘plan’ is always in line with the ‘actuals’. In effect, you see two different views of the same data, depending on what task you are doing.
- The time spent checking and reconciling actual DNS and DHCP values against a separate planning tool is saved.
- You can also save time managing all your connected DDI servers within a consistent single software application.
Control your names and numbers
The idea of having an IP address plan in the first place, is to achieve control over your IP address space.
The IP address plan provides a framework for managing your DNS and DHCP. Because these are automatically mapped against the plan, you will achieve more discipline and control in the organization of your DNS and DHCP.
Control the work
Having a single, shared application – which could be shared by administrators around a whole global organisation – means that the sharing of the workload is much more controlled. Your organisation can design appropriate workflows, defining who does what.
Eliminate configuration errors across DDI services
Because you are now working with a single application and a single dataset, in a more controlled environment, you can expect the level of admin errors to be much reduced.