Upgrade your Microsoft DNS to BlueCat

Outgrown Microsoft DNS? BlueCat has all the features you need in an enterprise DDI solution. Better still, BlueCat has a proven migration process designed to minimize disruption to the network.

Is your Microsoft DNS at the breaking point?

Most organizations start off managing their Domain Name System (DNS) with a simple, out-of-the-box Microsoft DNS solution. For the number of DNS zones and DNS servers in most small networks, it probably works fine. It’s the default choice for Active Directory, so everything seems natural.

Yet there will inevitably come a time when the cost of free network infrastructure management is simply too high. Organizations scale, strategic initiatives introduce more complexity, and workloads grow. And then all of the downsides of a Microsoft DNS server infrastructure begin to show themselves.

Here are some indicators that you’ve outgrown Microsoft DNS:

High-stakes IPAM spreadsheets

Juggling spreadsheets for IP address management is unwieldy and inefficient.

Error-related downtime

“Fat finger” changes to DNS records regularly bring down the network.

Configuration madness

Managing the wall of patches and configurations in Microsoft DNS is a full-time job. Not to mention that Microsoft DNS vulnerabilities can create real security risks.

Overwhelming DNS workload

Your team is falling behind on important initiatives because they’re stuck dealing with service tickets.

Symptoms of a system weighed down by Microsoft DNS

What are the symptoms of a system weighed down by Microsoft DNS issues? These charts detail some of the issues customers see when they might be ready to migrate away from Microsoft DNS.

Issues for DNS:

| DNS Issue | Caused By | Impact |
| --- | --- | --- |
| Hidden zones | Inconsistent query paths | Traveling users suffer a loss of access to important services |
| Delayed DNS zone synchronization | Setting up secondaries but failing to enable notifications for those secondaries | Some internal locations or customers can see the modified/new record, and others are still receiving the wrong answer |
| Delegations reference missing glue records | Misconfiguration, stale data, and decommissioned hardware | Service outages caused by failure to update all instances of a delegation target |
| Stale DDNS host and PTR records | Misconfigured, broken, or unused MS DNS scavenging and allowing company-wide DNS self-registration | Visual inspection becomes impossible because of a huge, cluttered list of stale DNS records |

Issues for DHCP:

| DHCP Issue | Caused By | Impact |
| --- | --- | --- |
| DHCP reservations with invalid MAC addresses | Bad data entry | Inaccurate IP address data; confusion as to why the device has the wrong IP address or it no longer exists |
| Fake DHCP reservations | Manually misconfigured DHCP ranges | Inaccurate IP address data; inability to know if it’s safe to allocate the IP address |
| Unreachable gateway | Bad data entry | DHCP outages |
| Conflicting scopes between servers | DHCP services moved without cleanup or creation of backup server | IP address conflicts caused by dueling DHCP servers; DHCP reservations and DHCP option changes don’t take effect or stop working; DHCP pool exhaustion |

Issues for IP address management (IPAM):

| IPAM Issue | Caused By | Impact |
| --- | --- | --- |
| Microsoft IPAM networks conflict with DHCP data | Bad data entry | Misconfiguration of routing tables; overlapping IP address space inaccessible by DHCP clients due to netmask errors |
| DNS data references unknown private networks | No single source of truth—each group or BU tracks networks in a different way | Impossible to properly provision networks and wasted IP space, network equipment, and under-utilized servers |
| Static and DHCP-reserved IP addresses within active DHCP scopes | Bad practice from Microsoft requirement in early versions of their DHCP service | Unintentional reduction in DHCP pool size; increased risk of surprise DHCP pool exhaustion; risk of DHCP conflicts |
| Stale IPAM data and lack of input restrictions | Legacy networks from sold-off divisions or old work sites | Unnecessary purchase of additional network hardware; vulnerable services present on the production network |

Put your DNS in order with a centralized, automated solution

BlueCat’s Adaptive DNS solutions for DNS, DHCP, and IPAM (DDI) create a solid foundation for your network infrastructure. Adaptive DNS eliminates the heavy workload and systemic risk that comes with using Microsoft DNS on complex global networks.

Single source of truth

Put all your DDI data into a single repository to eliminate errors and increase agility.

DNS firewall

Restrict access based on threat feeds and response policy zone (RPZ) rules.

DNS automation

Increase efficiency by automating standard management tasks.

Deploy everywhere

Put DNS and DHCP wherever you need them. Do so with appliances, virtual instances (VMware, KVM, Hyper-V), and public cloud (AWS, Azure, Google Cloud Platform).

Reporting and auditing

Capture information on users, DNS servers, deployments, and RPZ activity for easy audits.

Seamless DNS migration

Cleanse your data, ensuring nothing gets left behind.

Granular DNS traffic logs

Agent-less visibility into any device. Track originating IP, DNS queries and DNS response data, authoritative nameserver, query type, and protocol information. Do so for both internal and external DNS client queries.

Robust APIs

Integrate your existing systems using REST APIs.

Common concerns in a Microsoft DNS migration

We get it. Migrating your core infrastructure is inherently risky, and a big change to the DNS management system you’re probably used to. Here are some topics we regularly address with customers considering a switch from Microsoft DNS to BlueCat.

What about Active Directory?

BlueCat integrates seamlessly with any Active Directory infrastructure. Contrary to popular perception, Active Directory can use any DNS service, including BlueCat—it does not require Microsoft DNS.

Can we get by with an overlay?

So-called “overlay” solutions can help with visibility during the migration process. But they cannot address the architectural challenges inherent in Microsoft DNS. Only an enterprise approach to DNS can solve these problems definitively.

How do we minimize migration risk?

Any infrastructure change comes with inherent risk. BlueCat’s proven migration process cleanses and rationalizes your DNS data, ensuring a smooth transition.

How will this work in the cloud?

There are many ways to implement DNS in the cloud. BlueCat offers a wide variety of supported platforms and architectures.

Get in touch

Ready to upgrade your Microsoft DNS to BlueCat? Let us show you how.
