DNS as the Foundation of Shared Services

Many large-scale IT organizations are moving to a shared services model, where a single office is responsible for delivering baseline technology to the entire organization.  This model is gaining particular traction in the government, where Federal and State agencies are insourcing the procurement and delivery of IT services to offices which manage underlying infrastructure for the entire organization.

Cost is the prime driver of shared services models.  Rather than maintain redundant stovepipes, it makes sense to consolidate the personnel, procurement, and product costs into a single organization.  Efficiency is another key consideration.  Most core IT functions can be managed with greater economies of scale from a single point.  Standardization is a common motivation behind shared services models as well – with a single set of tools, collaboration between organizational units generally follows.

At BlueCat, we’ve found that DNS is not only a key foundation of shared IT services, but also delivers the functionality which makes those shared services thrive.

As a general rule, shared IT services require centrally managed DNS.  By definition, the scale and complexity of a shared services architecture makes decentralized DNS unwieldy and difficult to manage.  Keeping multiple “points of truth” for DNS is just asking for trouble in the form of error-driven network outages which can be time-consuming to solve.

Centralized DNS provides the “single pane of glass” approach that most network administrators need to effectively manage day-to-day DNS requirements in a large, complex organization.  It’s not just about efficiency; it’s also about managing risk.  Ensuring that everyone in the shared services shop knows the lay of the land is critical to minimizing mistakes that can lead to cascading network outages.

Centrally managed DNS allows shared service providers to deliver the functionality that users across the enterprise demand:

  • Centralized DNS is essential for automation and DevOps, providing the self-service provisioning of IP space which many applications require. If organizations are looking to take full advantage of automation, waiting for a human to provision IP space isn’t an option.
  • Management of cloud assets and compute often depends on centralized DNS as well. Particularly in a multi-cloud or hybrid cloud environment, shared services providers want to direct DNS resources at the enterprise level, not in separate instances for separate cloud resources and on-prem environments.
  • In cases where shared services are merely an option, we’ve found that centralized, automated DNS produces the reliability of core network services which drives adoption of shared services across the enterprise. This is particularly important in organizations where shared services are optional – offices and agencies will want to know that what they’re moving to is going to be more stable and offer better functionality than what they already have.
  • Compliance can be tricky when everyone in an organization does their own thing. With a shared services model, centralized DNS can deliver a compliant network that adheres to standard requirements such as DNSSEC, failover capabilities, and network segmentation.

Want to learn more about how centralized, automated DNS can provide value to the core network functions in a shared services model?  Learn more here.


Published in:


An avatar of the author

BlueCat provides core services and solutions that help our customers and their teams deliver change-ready networks. With BlueCat, organizations can build reliable, secure, and agile mission-critical networks that can support transformation initiatives such as cloud adoption and automation. BlueCat’s growing portfolio includes services and solutions for automated and unified DDI management, network security, multicloud management, and network observability and health.

Related content

Article

Network Device Configuration Standardization – Thoughts on Ethan Banks’ post

Ethan Banks has an interesting newsletter called The Hot Aisle. Worth following if you’re not familiar with it, basically the thoughts of a very…

Read more
Article

Gold Standard Configuration for Network Devices

  Network and security teams in large enterprises spend quite a bit of time defining their “Gold Standard Configuration” for network…

Read more
Article

Comparing Check Point’s SmartEvent and SmartReporter vs indeni

Check Point’s SmartEvent and SmartReporter blades have made quite some progress over the last two years. The database used for collecting log data has…

Read more
Article

NERC Compliance Best Practices for Critical Infrastructure Protection (CIP) v5

We have a number of US-based energy grid operators that are leveraging indeni’s capabilities to meet the NERC CIP v5 requirements, that are soon to be…

Read more
Article

Vulnerabilities from SWEET32 in F5 Load Balancers Reveal

How to Mitigate Vulnerabilities from SWEET32 in F5 Load Balancers The SWEET32 vulnerability is targeting long lived SSL sessions using Triple DES in CBC…

Read more
Article

Check Point Hardware Diagnostic Tool for Hardware and OS

Check Point Firewalls Diagnostic Tool Below are samples of hidden issues that maybe lurking in your network environment. Keep the clocks in sync…

Read more