Network admins’ top 10 checklist for holiday prep

From syncing NTP to having readily accessible DNS maps, here are 10 things you can do to keep your networks reliable during the holiday lull.

However your celebrations might look this year, there are several things that you can do to ensure that your networks stay reliable during the holiday lull. Even if you’re just staying home, the last thing you want is for the network to go down and to unexpectedly get called back into work mode.

A small group of IT professionals who are part of our open DDI and DNS expert conversations recently discussed these tips. All are welcome to join the community conversation in Network VIP on Slack.

BlueCat’s network admin checklist for holiday preparedness

Below is BlueCat’s top 10 checklist for network admin holiday preparations to ensure everyone gets to enjoy their end-of-the-year festivities. System administrators deserve a break, too.

While most of these tips apply to all network configurations, some are specific to DNSSEC implementations and BlueCat customers. Something for everyone this holiday season!

  1. NTP synced. Make sure your systems are synced up on NTP. Keeping your NTP resilient avoids issues with certificates being rejected and preventing communication between systems because of time differentials.
  2. DNS zone transfers all working. Make sure your DNS zone transfers (or AXFRs) are all working after you make any server changes. With changes that affect AXFRs, it’s wise to give yourself enough time to ensure that everything is operating properly before the holiday exodus.
  3. Root/admin credentials accessible in the password vault. Make sure that the admins who are monitoring things over the holidays have access to your credentials as needed.
  4. Syslog target configured. Make sure that your security information and event management (SIEM) solution is well-fed, in case you need to see what happened if something does go wrong.
  5. SNMP collectors active and plotting. Make sure that your Simple Network Management Protocol (SNMP) collectors are running so you can stay on top of network monitoring.
  6. Backup of DNS mappings readily accessible. Make sure that you have documented your DNS mappings and have backups. Hardware failures are bad enough without difficulty restoring your configuration.

If you implement DNSSEC on your network:

  1. DNSSEC key signing keys not expiring. If you are using DNSSEC, make sure that your key signing keys won’t expire over the holidays.
  2. SOA serials synced for DNSSEC. If you are using DNSSEC and have delegations that require consistency, make sure that your serial numbers on all your start of authority (SOA) records for your DNS zones are synchronized.

If you are a BlueCat customer:

  1. Valid BAM license. For BlueCat customers, make sure your BlueCat Address Manager (BAM) licenses are valid and aren’t going to expire over the holidays.
  2. Valid BAM X.509 certificates. For BlueCat customers, make sure that your SSL certificates are valid, too.

Pay attention to planned maintenance

It’s also important to be aware of and understand any maintenance occurring over the holidays, especially if it might require intervention. Certainly, network teams like to take advantage of the quiet time during the holidays to get changes done. That’s all well and good, but make sure that you plan ahead to have all the people and skillsets available that you might need. And make sure you have a good backup plan, too.

Surely there are 50 more to add to this list. So, in the spirit giving, here’s one more:

Don’t forget to leave out the cookies for DNS Claus!

Published in:

An avatar of the author

Rebekah Taylor is a former journalist turned freelance writer and editor who has been translating technical speak into prose for more than two decades. Her first job in the early 2000s was at a small start-up called VMware. She holds degrees from Cornell University and Columbia University’s Graduate School of Journalism.

Related content

Detect anomalies and CVE risks with Infrastructure Assurance 8.4 

The Infrastructure Assurance 8.4 release features an anomaly detection engine for outliers and a CVE analysis engine to uncover device vulnerabilities.

Read more

Get fast, resilient, and flexible DDI management with Integrity 9.6

With Integrity 9.6, network admins can get support for new DNS record types, architect and configure multi-primary DNS, and automate IP assignments.

Read more

Deepen your security insight with Infrastructure Assurance 8.3

BlueCat Infrastructure Assurance 8.3, with an enhanced analytics dashboard, including interactive widgets and top 10 alerts, is now available.

Read more

Security, automation, cloud integration keys to DDI solution success

Only 40% of enterprises believe they are fully successful with their DDI solution. Learn how to find greater success with new research from EMA and BlueCat.

Read more

Our commitment to Micetro customers and product investment

From CEO Stephen Devito, a word on BlueCat’s ongoing commitment to supporting Micetro customers and Micetro’s evolution as a network management tool.

Read more

Seven reasons to rethink firewall monitoring and boost automation 

With BlueCat Infrastructure Assurance, you can better protect your network with automated alerts and suggested remedies for hidden issues in your firewalls.

Read more