Over the last few months, we have been doing quite a lot of consultancy work for large enterprises looking to rationalize their existing DNS and IP address management processes. As many of our readers know, these tend to be network environments that consist of a large number of Windows-based DNS and Active Directory services, and a humble Excel spreadsheet that is used to manage the allocation of the corporate name and address space.
While there are certainly some pragmatic considerations that have made this approach as popular as it is, it doesn’t come without its downsides. Namely, the spreadsheets are often out of sync with reality, and the good old AAA (authorization, authentication, accounting) part of the equation is completely missing. Not to mention that there’s no process automation because… Hmmm… Let’s see… Well, because these Microsoft products have very little built-in intelligence in them. No offence to Redmond.
Now, although there are companies out there who claim it would be a good idea to chuck the existing Windows servers out of the window and introduce a utility-grade-core-network-service-grid beast of a system to one’s network, at Nixu Software we doubt that’s really very clever. Being the simple-minded engineers we are, we’d rather think it would make better sense to simply leave the workstation networks running Microsoft ADs and Microsoft DNS servers as they are (if it works, don’t fix it!) and simply install a single server on top of the existing authoritative DNS servers to manage the whole name and address space from a single place (this seems like an idea that’s also gradually dawning on the grid folks but that’s a different story altogether).
To quote one of our consultants:
“All IP address allocations and the management of CORPORATE X’s name and IP address space will be managed centrally using Nixu NameSurfer Suite, which includes a built-in SQL database used as a central repository for all related data. By utilizing the web-user interface and the hierarchical user groups functionality provided by the solution, CORPORATE X will be able to keep accurate track of the usage of its name and address space in real-time, and to distribute related day-to-day management / administration routines to appropriate parties within the organization or, if appropriate, assign such responsibilities in part or in whole to external contractors and/or service providers. As Nixu NameSurfer Suite’s web-user interface can be accessed remotely over a secure connection using standard web-browsers such as Internet Explorer and Firefox, all data stored in the system can be viewed and managed by authorized staff without having to escalate requests internally or to external service providers.
By centralizing the management of name and IP address space to Nixu NameSurfer Suite, CUSTOMER X will be able to realize the following benefits:
- To track the usage of IP address space in real-time and to manage the distribution (and the IP address allocation) of the CORPORATE X address space to subnets / IP address blocks of different sizes all the way to the level of individual IP addresses; to assign and to maintain accurate records of administrative attributes associated with different subnets such as their physical location, their contents / usage, the responsible person(s) and their contact details, etc.;
- To validate all data entered into authoritative production DNS in order to eliminate configuration errors that would threaten the stability of corporate DNS;
- To create a centralized authorization and authentication mechanism for accessing the corporate name and address space, and to store logs (who, what, when) of changes that have been made to the corporate name space;
- To create a centralized and standardized process for accessing and managing the corporate name and IP address space;
- To manage compatible secondary DNS servers (Microsoft, BIND, Nixu SNS) and their configurations centrally from Nixu NameSurfer Suite.
Additionally, the “DNS Views” functionality in Nixu NameSurfer Suite can be used for the centralized management of several different sets of authoritative DNS data using a single server instance. These separate DNS data sets known as DNS Views would include internal / private authoritative DNS data, external / public authoritative DNS data, and authoritative DNS data used by different CORPORATE X subsidiaries and/or operations abroad, whether internal or external. This approach would provide a single management point for the entire CORPORATE X name and address space whilst allowing organizations operating abroad to run their own authoritative slave DNS servers at remote sites for redundancy.”
I couldn’t have said this better myself! Although, come to think of it, it might be a good idea to further run this single server instance as a software appliance on VMware Virtual Infrastructure…
Please visit our product pages for further details on Nixu NameSurfer Suite. Oh, and if you happen to download the product for evaluation within the next two days (by Friday this week), you will be eligible for a draw in which you can win a $100 Gift Certificate to Amazon.com.