Self-service automation tools for IT enterprises are an increasingly common antidote to shadow IT, costly human errors, and prolonged outages.
Adding IP address management (IPAM) to your self-service automation strategy can reduce those errors, resource drains, and outages even further. However, the importance of integrating IPAM into your network self-service delivery sometimes gets little more than a passing glance.
This post will examine two ways to elevate your IT self-service delivery. First, it will outline the importance of tying your enterprise’s IPAM solution to self-service. Then, it will explore fortifying your self-service by planning for automation collisions that can cause IP address over-allocation. Finally, it will highlight capabilities in BlueCat’s Gateway network automation platform that support both strategies.
The discussions of a group of IT professionals who are part of BlueCat’s open DNS expert conversation series inspired this post. All are welcome to join through the Network VIP community on Slack.
Step 1: Tie your IPAM into self-service delivery
A good self-service structure calls on all the right data and systems needed to execute against sound business logic.
With self-service, users can get what they need quickly, keeping them from seeking their own solutions. IT resources can focus on higher-level work instead of fulfilling rote requests. Network automation also significantly reduces manual errors and the risk of service disruptions.
Unfortunately, BlueCat often finds that enterprises’ self-service tools are fully disconnected from their IPAM solution. Look-ups to find an available IP address or server to assign still mostly occur in a manual fashion. That means expending valuable IT resources on basic admin tasks. Furthermore, it increases the risk of introducing human error.
Organizations that don’t automate IPAM as part of self-service delivery ought to. By doing so, they can free up network teams’ time and reduce the risk of mistakes that can lead to outages. And when outages do occur, they can resolve them much faster.
Step 2: Fortify self-service by planning for IP over-allocation
Even for organizations who automate IPAM for self-service, it’s not always smooth sailing.
A user might put in a ServiceNow ticket to, let’s say, create a host record. ServiceNow will then proceed and grab the next available IP address. But by the time that request is fulfilled and approved, that same IP address has been taken by another request.
With automation, you make processes a whole lot faster than if you did them manually. You might be able to handle dozens of requests simultaneously to execute hundreds of actions.
However, when you’re allocating or deallocating from a finite pool of resources like IP addresses, collisions between automation processes are much more likely to occur. Especially if you’re a large shop with thousands of users.
One participant provided a plausible large-enterprise example scenario from his experience.
“Sixty people could all go in and request servers at the same time. And it could be 200 servers that get built and allocated. And if they happen to be going into some combination of the same subnets…” the participant began. “Because automation is so fast, from the time that I identify which IP I’m going to do, somebody else has identified that same IP in a parallel process. And one of the two loses, depending on who gets there first for the actual grab.”
Consequently, it’s important for network teams to keep this in mind when implementing automation. Definitely factor it into resiliency planning.
Make IPAM automation more resilient with BlueCat
Automate IPAM for self-service with Gateway and the ServiceNow Plugin
BlueCat’s automation platform, Gateway, allows you to quickly create and customize DNS, DHCP, and IPAM workflows. Furthermore, it integrates with adjacent systems and technologies, like ServiceNow and VMware vRealize Orchestrator (vRO).
Learn about how to get started with Gateway and watch a quick demo here:
Our ServiceNow Adaptive Plugin for Gateway offers automation and self-service functionality through the ServiceNow user interface. With it, you can automatically add, modify, and delete host records, alias records, and IP addresses and allow end-users to make changes or validate configurations directly.
Get a quick demo of the plugin here:
Ease IP address over-allocation with BlueCat’s API
BlueCat’s API uses automation to address some of the conditions where IP-address over-allocation can occur. And Gateway makes it an especially easy platform for building and compiling these automation building blocks.
The “assign next available IP” API is especially helpful for easing IP over-allocation, even more so than “get next available IP”. When taking the “assign next available IP” action, the API immediately assigns the IP to the host record rather than just getting what is available. It avoids two people assigning the same IP if users make requests during the same timing window.
As a result, it ensures that the IP is actually yours. IP address assignment is consistent and only allocates exactly what a user requires.
Flailing in the cloud?
Seven in 10 enterprises struggle to realize the full value of their cloud investments. New research by Enterprise Management Associates explains why and how to change that.
DNS sinkhole: A tool to help thwart cyberattacks
A DNS sinkhole supplies a false domain name in response to a DNS query, preventing connections to malicious or unwanted domains. Learn more with BlueCat.
Four major DNS attack types and how to mitigate them
In a DNS attack, DNS is compromised or used as a vector. Learn about the different attack types and how to prevent, detect, and mitigate them with BlueCat.
Now customize all response codes in DNS Edge
The ability to customize all DNS response codes for BlueCat DNS Edge namespaces conditional forwarding provides even more network resilience. Learn more.
Sync ServiceNow tickets and IPAM with CMDB Plugin
With BlueCat’s ServiceNow Configuration Management Database, admins can break the silos between ServiceNow and IPAM to improve IT ticket fulfillment.