How to talk to your boss about buying a DDI solution

You need a DNS, DHCP, and IPAM solution, but now you have to convince your boss of it, too. Learn more from BlueCat about how to broach the conversation.

Rebekah Taylor

November 4, 2021

You’re feeling ready to find an alternative to your free or otherwise DIY method to managing DNS, DHCP, and IP address management (together known as DDI). Good.

You might have even already done your homework and know what particular solution you want to buy to replace it with. Excellent!

Now you just have to convince your boss that he or she should feel the same way. Hard.

DDI can seem like a very small part of running a large enterprise. So it can feel awkward or daunting to start a conversation with management about the need to invest in a solution for it.

But let’s not forget that it’s critical (the internet can’t work without it, after all) and can simplify your network. So you deserve your moment to make your ask, too.

First, this post will discuss mapping your solution to business value as the key to getting your boss’s attention. Then it will lay out conversation starters that you can actually use. They cover four key areas that are priorities for many organizations: automation, resilience, embracing cloud, and reducing risk. Finally, it will touch on why BlueCat is offering up this advice in the first place.

The key to selling up: mapping to business value

Just asking to implement a DDI solution for its own sake probably isn’t going to win over your IT managers and executives. At this level, leaders are looking for what greater benefits a DDI solution can provide to bolster your organization’s strategic objectives. They might be looking to save money, cut resource consumption, find efficiencies, or increase capabilities and offerings.

Specifically, here are some questions management is likely to be looking for answers to in order to give their approval:

  • Will it save our organization money?
  • Does it reduce manning or physical resource requirements?
  • Does it provide more security over our existing solutions?
  • Will it better help us meet our service level agreements (SLAs)?
  • How does it help us move to the cloud?
  • Does it make it less likely that we’ll have embarrassing and costly outages?
  • Does it help us work or innovate faster to get ahead of the competition?

The list can go on. The point is that you should be armed with some substantive answers to explain not just why you need a DDI solution, but what benefits it will provide.

Thought bubbles for how to talk to your boss about buying a DDI solution

Conversation starters you can actually use

That said, it can be easier said than done to bring this up with the decision-makers.

Not sure what to say, exactly? Depending on what your organization’s priorities are, below are some specific conversation starters that BlueCat and its customers have actually used. Give them a try!

(And if you want to connect with others who have done it, join Network VIP, our Slack-based community for DNS professionals.)

Just looking for some ideas for a specific priority? Feel free to find just what you need.

Drive rapid change to innovate faster with automation

Increase the resilience of critical infrastructure

Embrace hybrid cloud

Leverage DNS data to reduce risk

Priority 1: Drive rapid change to innovate faster with automation

Many network teams struggle to keep up with DevOps and cloud teams’ pace of innovation. Automation helps. A lot. Depending on what your team’s unique struggles are, here are some conversation starters for the benefits that a DDI solution can provide to automation.

Too many manual network changes:

“We can’t ever get ahead of the stream of DDI-related manual changes that are driving up our support costs to meet SLAs. We need automated DDI provisioning, but our current solution doesn’t support that. Our admins can spend more time on strategic work instead and avoid the manual errors that have caused some outages. I know of a tool; what do you think?”

DevOps and cloud teams turning to shadow IT:

“DevOps/cloud teams want to stand up cloud computing faster than we can keep up with, so they’re resorting to setting up their own configurations. We need to implement self-service options for DDI. We could automate to give them the speed they need and avoid shadow IT. What do you think about a tool that could help us do that?”

Unable to meet network SLAs:

“Our application development teams can’t meet SLAs for delivery of compute. We need to automate our network processes with workflows and APIs. If we have some automation, we would help app development innovate more quickly and better meet SLAs. If you’re open to it, I have found a tool that can help us.”

Priority 2: Increase the resilience of critical infrastructure

A centrally managed DDI solution can significantly increase the resilience of your core network infrastructure and keep downtime at bay. Depending on what you’re team’s particular resiliency vulnerabilities are, here are some conversation starters about the benefits of a DDI solution.

Unpredictable downtime:

Configuration errors are causing us unscheduled and unpredictable network downtime. We need a platform to give us central management and visibility into our DDI. We’ll increase service reliability and avoid the lost productivity and revenue that these DNS outages cause. I know of a tool; what do you think?

Difficulty meeting and maintaining compliance:

We’re getting fines and penalties because we’re not staying compliant. We need to centrally manage our DDI and have more visibility into all our core network activity. We’ll better be able to ensure our network infrastructure is staying compliant and ready for an audit. I know of a platform that can help us; want to hear more?

Single point of failure:

It’s just me and my very small team who hold all the knowledge in our heads about how our core DDI infrastructure works. We need a platform that anyone on the network team can use to see and manage our DDI while following our governance model. We’ll eliminate the risk of a single point of failure. If you’re open to it, I have found a tool that can do that.”

Multiple points of failure:

We’re managing DDI with a bunch of different tools that all use different terms and even different programming languages. We need one central platform to track and manage our entire DDI infrastructure. If we do have an outage, it would make troubleshooting and recovery much faster. What do you think about a tool that could help us do that?”

Priority 3: Embrace hybrid cloud

Integrating cloud computing with on-premises network infrastructure presents real challenges for DNS management. Depending on what you’re struggling with, here are some conversation starters about the benefits of a DDI solution for hybrid and multi-cloud environments.

Lack of visibility into cloud DNS:

“We’ve been having issues with IP address overlap between cloud and on-premises. We can’t see what’s happening with DNS in the cloud and need more centralized visibility into our IP address management. It would help us to avoid overlap and the resulting outages we’ve been having. I know of a tool; what do you think?”

Complex DNS forwarding rules:

“We have a rat’s nest of complex DNS forwarding rules that are slowing down service delivery. We need to control forwarding with one tool, cut back on our rules, and be smarter about how we forward. It would help us to avoid latency and service disruptions. What do you think about a tool that could help us do that?”

Lack of control over IP space and DNS records:

“It’s tough to track, deploy, and make changes to all our DNS records both on-premises and in the cloud. We need more centralized record management. It would help us to get a better handle on our DNS records and deploy them quickly and without mistakes. If you’re open to it, I have found a tool that can do that.”

Inability to automate and orchestrate rapid change:

It’s hard to automate DDI with our on-premises and cloud silos, especially when we have bad data. We need a single source of truth for DDI. And we need to adopt an infrastructure-as-code approach so we can use applications and plug-ins. We’d be able to automate much faster and even automate DDI ticket fulfillment. I know of a platform that can help us; want to hear more?”

Priority 4: Leverage DNS data to reduce risk

Your DNS query and response logs can help inform you about what’s happening on your network. With a protective DNS approach, you can analyze those queries and responses and mitigate or block connections to malicious domains. Depending on where your team is at, here are some potential conversation starters about how a DDI solution can help.

Time-consuming and cumbersome DNS data compilation for security teams

When security teams need to collect and analyze our DNS data, it’s time-consuming and cumbersome for them. We need real-time and centralized access to DNS query and response data on our network. It would make breach detection and remediation go a lot faster. I know of a tool; what do you think?”

Lack of visibility into DNS traffic

Our DNS traffic can give us clues about anything suspicious happening on our network, but we lack full visibility. We need a complete picture of both internal and external network traffic that we could integrate with our SIEM. It would make it much easier and faster to detect anomalies and put a stop to them. I know of a platform that can help us; want to hear more?”

Inconsistent blocking of malicious traffic

Threats creep into our network because we can’t keep up with blocking them. We need a tool to easily apply DNS-based security policies to block known malicious queries when they happen. We can configure and deploy these policies across our network to better ward off all the threats. What do you think about a tool that could help us do that?”

Why we are sharing this advice

Trying to get management to seriously consider a change you know you need is hard—but critical.

Even if you don’t think the time is right just yet, this information should give you the confidence to broach the subject with your boss when you’re ready.

BlueCat works with all sorts of organizations to help them understand and articulate why a DDI solution would be right for them.

Contact us and we’ll suggest even more conversation starters that would work best for you.

And when you do bring your boss on board and you’re ready to consider investing in BlueCat, we’re ready to respond.

PS: If you’re looking for guidance on what questions to ask a potential DDI vendor or how to budget for a DDI solution, we’ve got some suggestions for that, too.

Published in:

An avatar of the author

Rebekah Taylor is a former journalist turned freelance writer and editor who has been translating technical speak into prose for more than two decades. Her first job in the early 2000s was at a small start-up called VMware. She holds degrees from Cornell University and Columbia University’s Graduate School of Journalism.

Related content

Detect anomalies and CVE risks with Infrastructure Assurance 8.4 

The Infrastructure Assurance 8.4 release features an anomaly detection engine for outliers and a CVE analysis engine to uncover device vulnerabilities.

Read more

Get fast, resilient, and flexible DDI management with Integrity 9.6

With Integrity 9.6, network admins can get support for new DNS record types, architect and configure multi-primary DNS, and automate IP assignments.

Read more

Deepen your security insight with Infrastructure Assurance 8.3

BlueCat Infrastructure Assurance 8.3, with an enhanced analytics dashboard, including interactive widgets and top 10 alerts, is now available.

Read more

Security, automation, cloud integration keys to DDI solution success

Only 40% of enterprises believe they are fully successful with their DDI solution. Learn how to find greater success with new research from EMA and BlueCat.

Read more

Our commitment to Micetro customers and product investment

From CEO Stephen Devito, a word on BlueCat’s ongoing commitment to supporting Micetro customers and Micetro’s evolution as a network management tool.

Read more

Seven reasons to rethink firewall monitoring and boost automation 

With BlueCat Infrastructure Assurance, you can better protect your network with automated alerts and suggested remedies for hidden issues in your firewalls.

Read more