Case Study: Hochschule Ostwestfalen-Lippe University
Located in North-Rhine Westphalia (NRW), western Germany, the Hochschule Ostwestfalen-Lippe – University of Applied Sciences (www.hs-owl.de), or HS-OWL, has three campuses in the cities of Lemgo, Detmold and Höxter.
THE CHALLENGE
Located in North-Rhine Westphalia (NRW), western Germany, the Hochschule Ostwestfalen-Lippe – University of Applied Sciences (www.hs-owl.de), or HS-OWL, has three campuses in the cities of Lemgo, Detmold and Höxter. The university’s strong technological and scientific departments are complemented by other courses of study including ecology, sociology, economics, design and language instruction. HS-OWL’s network environment including routing, switching, telephony and wireless runs on Cisco.
“We have a limited IPv4 address space, so the ability to effectively manage that address space is important,” explains Martin Hierling, Dipl.-Ing., Hochschule Ostwestfalen-Lippe. “We used an open source tool to document our IP addresses and networks; however, there was no integration between this tool and our DNS and DHCP core network services. We used a combination of BIND, Windows DNS and ISC DHCP, and the management and maintenance of all these separate tools was very time-consuming for our IT staff.
“The lack of integration also increased the risk of a network configuration error causing an outage that would directly impact our students, faculty and staff.”
HS-OWL’s network encompasses about 10,000 active IP addresses on campus, and serves the needs of some 6,000 students and 600 staff. The DNS, DHCP and IP Address Management (IPAM) solution selected would have to be scalable to support network growth.
It would also have to include a flexible API to enable integration with the university’s existing in-house and custom-built network management tools.
THE SOLUTION
HS-OWL began to look for a solution that would introduce automation, IP Address Management (IPAM) and effective permission management to its network. After carefully evaluating several solutions including from other DDI vendors, HS-OWL selected BlueCat because of the flexibility and extensibility of the BlueCat Address Manager IPAM solution (formerly Proteus).
“We thoroughly tested the BlueCat IPAM solution over the Web and found it to be a very flexible solution that met all of our requirements,” says Martin Hierling. “The BlueCat sales team in Germany provided access to a BlueCat Address Manager server sitting in the cloud where we could test our entire requirements list. Product functionality aside, we much preferred working with the BlueCat team, and found them to be the most responsive vendor by far. From initial contact through to proof of concept, BlueCat Germany supported us the entire way.”
“Each network change simply takes much less time with BlueCat. Instead of multiple people making multiple changes in multiple places, we can now have one person making one change in BlueCat [Address Manager] which automatically updates our DNS and DHCP servers. The ability to centrally view and manage ‘everything IP’ using BlueCat has resulted in huge time and cost savings.”Martin Hierling, Dipl.-Ing., Hochschule Ostwestfalen-Lippe
In terms of BlueCat’s technological strengths, HS-OWL was impressed with the solution architecture, which separates management from core services delivery.
“With a dedicated management server and separate DNS/DHCP servers, we could integrate all of our workflows into the BlueCat IPAM server without affecting our core network services,” says Hierling.
“Redundancy and management of the BlueCat DNS/DHCP Servers (formerly Adonis) was also very nice. With BlueCat, the addition or replacement of DNS/DHCP servers is literally plug and play. All settings are centrally stored in the BlueCat Address Manager, so in the event that a remote server fails, it’s simply a matter of configuring the IP address on the new server and then pushing the configuration out from BlueCat Address Manager. Update management and patching is also a big plus, since everything is handled centrally from BlueCat Address Manager.”
HS-OWL preferred the BlueCat Web GUI over all other IPAM vendors, finding it straightforward and intuitive, which made it effortless to train the university’s support staff on using it. In addition, the Web services API enabled HS-OWL to integrate the BlueCat Address Manager server with other network tools and introduce further network automation.
“BlueCat also offered us a five-year support contract which meant they would stand by their hardware and infrastructure over the long-term,” adds Hierling. “This level of support commitment was not available with some of the competition.”
THE IMPLEMENTATION
“BlueCat Professional Services was exceptional during the product rollout. There were no issues that Professional Services could not quickly resolve and additionally we were able to find solutions to some long-standing issues with the previous infrastructure.”Martin Hierling, Dipl.-Ing., Hochschule Ostwestfalen-Lippe
The migration of HS-OWL’s entire DNS, DHCP and IPAM infrastructure to BlueCat was completed in just three days with the on-site assistance of a BlueCat engineer. Not only did HS-OWL migrate its IP Plan database and eight BIND DHCP servers in that short time, but the university was also able to hold a staff workshop with BlueCat to ensure effective knowledge transfer. “BlueCat Professional Services was exceptional during the product rollout,” says Hierling. “There were no issues that Professional Services could not quickly resolve and additionally we were able to find solutions to some long-standing issues with the previous infrastructure. Engaging BlueCat Professional Services to perform our migration was a definite advantage that helped us get up and running very quickly.”
THE RESULTS
Now that HS-OWL has a centralized repository for all IP information within the BlueCat Address Manager, and IPAM is tightly integrated with DNS and DHCP, the university is able to save a significant amount of administration time and effort.
“Each network change simply takes much less time with BlueCat,” explains Hierling. “Instead of multiple people making multiple changes in multiple places, we can now have one person making one change in BlueCat [Address Manager] which automatically updates our DNS and DHCP servers. The ability to centrally view and manage everything IP using BlueCat has resulted in huge time and cost savings.”
BlueCat Address Manager also performs Layer 2 and Layer 3 network discovery, which complements HS-OWL’s IPAM information by appending additional data such as switch port data to the IP address.
“Network discovery was not included in the product when we originally purchased it five years ago,” notes Hierling, “but BlueCat regularly introduces new features and functionality in its releases that are simply available to us via our maintenance contract and a software upgrade. This is in stark contrast to our previous open source IPAM tool, which was limited in functionality and upgraded very infrequently.”
THE FUTURE
Even with better IP Address Management, HS-OWL is still gradually running out of IPv4 space.
“We will likely introduce some degree of NAT in order to make the most of our IPv4 address space, but at the same time, we are implementing IPv6 when and where we can,” says Hierling. “BlueCat has the ability to manage IPv4 and IPv6 networks, and we have already used BlueCat Address Manager to help with our IPv6 planning and to manage a few IPv6 networks and address spaces. We also expect to introduce DHCPv6 in some test networks in the near future.”
“The BlueCat infrastructure has been running rock solid for five years now and we look forward to renewing the infrastructure for at least another 5 years,” Hierling concludes. “Currently, we are re-architecting our BlueCat infrastructure and will likely implement a BlueCat Address Manager virtual server and centralize some of the DNS/DHCP services going forward. We have absolutely no qualms about recommending BlueCat to other organizations and, in fact, we have hosted workshops for other universities in Germany on how we use the BlueCat system for DNS, DHCP and IPAM.”