Many large-scale IT organizations are moving to a shared services model, where a single office is responsible for delivering baseline technology to the entire organization. This model is gaining particular traction in the government, where Federal and State agencies are insourcing the procurement and delivery of IT services to offices which manage underlying infrastructure for the entire organization.
Cost is the prime driver of shared services models. Rather than maintain redundant stovepipes, it makes sense to consolidate the personnel, procurement, and product costs into a single organization. Efficiency is another key consideration. Most core IT functions can be managed with greater economies of scale from a single point. Standardization is a common motivation behind shared services models as well – with a single set of tools, collaboration between organizational units generally follows.
At BlueCat, we’ve found that DNS is not only a key foundation of shared IT services, but also delivers the functionality which makes those shared services thrive.
As a general rule, shared IT services require centrally managed DNS. By definition, the scale and complexity of a shared services architecture makes decentralized DNS unwieldy and difficult to manage. Keeping multiple “points of truth” for DNS is just asking for trouble in the form of error-driven network outages which can be time-consuming to solve.
Centralized DNS provides the “single pane of glass” approach that most network administrators need to effectively manage day-to-day DNS requirements in a large, complex organization. It’s not just about efficiency; it’s also about managing risk. Ensuring that everyone in the shared services shop knows the lay of the land is critical to minimizing mistakes that can lead to cascading network outages.
Centrally managed DNS allows shared service providers to deliver the functionality that users across the enterprise demand:
- Centralized DNS is essential for automation and DevOps, providing the self-service provisioning of IP space which many applications require. If organizations are looking to take full advantage of automation, waiting for a human to provision IP space isn’t an option.
- Management of cloud assets and compute often depends on centralized DNS as well. Particularly in a multi-cloud or hybrid cloud environment, shared services providers want to direct DNS resources at the enterprise level, not in separate instances for separate cloud resources and on-prem environments.
- In cases where shared services are merely an option, we’ve found that centralized, automated DNS produces the reliability of core network services which drives adoption of shared services across the enterprise. This is particularly important in organizations where shared services are optional – offices and agencies will want to know that what they’re moving to is going to be more stable and offer better functionality than what they already have.
- Compliance can be tricky when everyone in an organization does their own thing. With a shared services model, centralized DNS can deliver a compliant network that adheres to standard requirements such as DNSSEC, failover capabilities, and network segmentation.
Want to learn more about how centralized, automated DNS can provide value to the core network functions in a shared services model? Learn more here.
Critical conversations on critical infrastructure
Find out how your peers are managing their networks through profound change. Watch this series of live interactive discussions with IT pros & join the debate in Slack.
Temporary workaround for SAD DNS
Ahead of Linux’s patch taking effect, BlueCat Labs has a temporary workaround for protecting against the revived Kaminsky DNS cache poisoning attack.
IT pros debate: Should you DIY your DDI?
Five IT pros get real about DIY vs. enterprise DNS solutions during the second Critical Conversation on Critical Infrastructure hosted in Network VIP.
How to Configure DHCP Failover
The DHCP failover protocol provides a method for two DHCP servers to communicate with each other.
How to configure Crossover High Availability (XHA)
In this demo, learn how to configure an XHA pair in BlueCat Integrity.