So you’re looking to invest in an enterprise DDI solution. [If you’re wondering, “what is DDI“, we’re talking about DNS, DHCP and IP Address Management (IPAM).] Whether approaching network management for the first time or looking at alternative solutions, these are 5 important questions you should ask about a DDI management solution.
1. Does the DDI solution limit the number of objects that each system can manage?
When it comes to DDI, a lack of scalability can have real costs. Some DDI solutions place numerical limits your ability to manage IP addresses or objects you can manage per virtual or physical appliance, meaning you may need to upgrade sooner than you planned. Artificial object limits penalize customers for growth. With these hard limits, implementing new capabilities like IPv6 or DNSSEC down the road may require you to re-architect your DDI solution. Look for a solution that allows you to adapt to change and scale up without changing the architecture or requiring forced upgrades. Ask the vendor what the impact of adding IPv6 and/or DNSSEC is on the capacity of the system, and how many objects are counted for each registered DHCP lease.
2. Will you own your IPAM software perpetually?
If you buy it, you own it, right? With some vendors, it isn’t quite that simple. Look carefully at the vendor’s sales, maintenance and refresh policies and read the fine print to understand exactly how much it will cost you to stay current. With some DDI solutions, software updates may force you to pay to upgrade your hardware prematurely. If customers want the latest functionality, they must upgrade their virtual or physical infrastructure.
It may be disguised with discounts or rebates, but when your appliance has an artificial expiry date, you’re paying more than you need to – you might even argue that you’re being forced to rebuy the software you already own. Look for a DDI vendor that stands behind its products with a public end of life policy and warranty that guarantees you at least 3 to 5 years of software support, so the hardware you buy today isn’t obsolete tomorrow.
Multi-version support is also important. Will every new version of the DNS, DHCP and IPAM software work across all virtual and physical appliances under support without exception? You want a DDI architecture that allows older and new servers to coexist, so you can build on your investment without having to make disruptive and costly global infrastructure upgrades.
3. Will the solution provider commit to a 5-year cost summary?
When you’re making a multi-year DDI investment, you have every right to expect that the vendor will be transparent about the costs involved. You need to know up-front that the solution will enable you to grow your network and your business at a predictable cost. Ask the DDI vendor to provide a detailed 5-year cost summary at the time of quote that includes the cost and dates for refreshing end-of-life hardware. If they can’t, it’s time to start asking even harder questions (e.g. please refer to question #2 above).
4. How easy will it be to expand the footprint of the DDI solution?
Business demands are unpredictable. Adding additional locations for DNS or DHCP services shouldn’t require re-architecting your environment. Look for a DDI solution with a flexible architecture that allows you to instantly add core network services so you can grow your network incrementally and infinitely without having to start again from scratch. Look for a solution that is architected with a separation of management and core services delivery, so that new core services can be quickly and easily added wherever they are needed with no changes to the management layer. This architecture has the added benefit of minimizing network traffic because there’s no need for constant server communication.
5. How will the vendor handle the migration to their solution?
Swapping out a business-critical DDI infrastructure takes careful planning. To avoid business disruption and ensure a smooth migration, your DDI vendor should have demonstrated expertise in services management in a migration context. They’ll also need the migration tools, methodology, and best practices to get your system up and running correctly from the start. Your migration process should maintain data integrity and transparency, update legacy data, remove and clean up inconsistencies and normalize data structures before going live to ensure a smooth deployment. Ask your vendor for customer migration references and make sure you understand their approach to ensure that the migration can be done in a safe and controlled manner with zero impact on your day-to-day business operations.
Critical conversations on critical infrastructure
Find out how your peers are managing their networks through profound change. Watch this series of live interactive discussions with IT pros & join the debate in Slack.
9 tech leaders’ advice on running a technology organization (part 2)
A compilation of 8 tech leaders’ (+ BlueCat CSO Andrew Wertkin) advice on driving innovation and achieving overall success as a tech organization.
9 tech leaders’ advice on sustaining business alignment (part 1)
Now that Season 1 of the popular podcast Network Disrupted has wrapped, it’s time to parse insights from the show and share them with you.
Temporary workaround for SAD DNS
Ahead of Linux’s patch taking effect, BlueCat Labs has a temporary workaround for protecting against the revived Kaminsky DNS cache poisoning attack.
IT pros debate: Should you DIY your DDI?
Five IT pros get real about DIY vs. enterprise DNS solutions during the second Critical Conversation on Critical Infrastructure hosted in Network VIP.