IP address management solutions

IP address management solutions

BT DDI software and appliances

Overview

IP address management (IPAM) makes communicating easy - email, web browsing, voice over IP, even wireless. Most of us take for granted the technology that automates the process of connecting to websites, email or IP applications.  We just power up and go.

BT DDI software and appliancesBehind the scenes, though, your IT managers or service provider operations staff need to provide the technology for your devices to communicate on your respective networks. One such technology involves assigning an IP address to the user device, based on the type of device and its current location. This assignment process is usually done through an automated address assignment mechanism called DHCP (Dynamic Host Configuration Protocol). Once a device has its IP address, it can communicate with other IP devices using their IP addresses.

Fortunately, users don’t need to type in an IP address to communicate, they can use a simple email or website address. A related IP management technology makes this text-based navigation possible, via web or email address, using DNS (Domain Name System) which is like a ‘phone directory’ for
IP. DNS servers translate web or email addresses into IP addresses. So while we humans use web addresses, phone numbers or email addresses to communicate, DHCP and DNS work behind the scenes to assign and identify the relevant IP addresses needed for IP communications.

The organisation of DHCP addresses assigned to end user devices and the DNS name-to-address mappings must fall within an overall IP address plan. IP address planning provides the foundation on which DHCP and DNS servers can be properly configured. The collective discipline of managing DHCP, DNS and IPAM is sometimes referred to as DDI.

BT DDI software and appliancesAs we increasingly use the cloud for extra or new computing capacity, we need IPAM to track IP addresses we’ve assigned to virtual machines and virtualised network functions. Automated subnet, IP and DNS record assignment with IPAM systems reinforces cloud benefits, such as agility, flexibility and automation. As your network expands into the cloud and supports your users’ own devices, security concerns increase. DNS has proven an increasingly popular target for malicious activity aiming to disrupt your network or steal sensitive data. Securing your DNS infrastructure is critical to minimising the risk of attack on your network.

Our DDI solutions and services mean you can integrate and secure your DNS, DHCP and IPAM into a unified, centralised platform. Using this single interface, you can manage IP address space inventory and assignments across cloud and non-cloud environments, configuration and capacity for IPv4 and IPv6, and manage multi-vendor DNS and DHCP servers.

The benefits

Our DDI solutions enable you to:

  • Reduce complexity - simplify DNS, DHCP and IPAM (DDI) configuration and management through a centralised platform, even in multi-vendor, multi-cloud infrastructures.
  • Streamline processes - replace time-consuming spreadsheets with automated IPAM administration, and integrate IPAM with broader workflows using our REST API. (Representational State Transfer API)
  • Automate cloud DDI - whether using private cloud, public or both, our cloud automation streamlines VM / VNF IP address and DNS assignment, increasing your agility.
  • Improve network stability - helps ensure consistent use of available IP space and pre-empts IP address depletion, through timely address re-allocation and quick name resolution.
  • Enhance security - identify potential access control violations, secure DNS with DNS firewall services, DNSSEC and more, audit IP address assignments, and assign multiple administrators with varying degrees of responsibility.
  • Manage rapid network expansion - monitor and assign your IP address pools appropriately, enabling new devices, such as IP telephony handsets, mobile devices and wireless routers, to be quickly set up.
  • Minimise service outages - manage and automate critical DNS and DHCP network services through a single interface, reducing configuration errors caused by multi-step manual processes.

We provide market-leading software and IPAM appliances that can help you effectively manage your complex IP networks. Our DDI solutions are available as a software application, pre-installed on Sapphire hardware or virtual appliances, and as an IPAM managed service.

IPControl software

IPControl IPAM software is a centralised IPAM system that gives you control of your IP address space and manages it according to your specific requirements, policies and procedures through:

  • IPv4 and IPv6 address space assignment, allocation, discovery, reclaim and re-allocation.
  • IP address pool monitoring and utilisation tracking.
  • Visibility and control of your IP address space spanning cloud and non-cloud networks.
  • Creation and deployment of multi-vendor DNS and DHCP configurations.
  • Integration with your multi-vendor DNS / DHCP infrastructure.
  • Unsurpassed user-definability and easy-to-use, intuitive graphical user interface.
  • Extensibility with REST APIs for integration within the IT management architecture including private, public and hybrid cloud IP management.

Sapphire appliances

Our Sapphire DDI appliances are designed for if you have distributed network locations, enabling remote administration of IPAM policies and DNS / DHCP services through an intuitive central system. Built-in security and redundancy features via a hardened Linux operating system help increase your network availability, minimise your exposure to attacks and reduce your DNS / DHCP outages.

Sapphire IPAM appliances are delivered with our IPAM software pre-installed. All hardware models also offer an Intelligent Platform Management Interface (IPMI) that enables remote ‘lights out’ management. This IPMI interface gives you remote power control and monitoring of key hardware metrics, including voltage and temperature. Our virtual models mean you can quickly deploy virtualised DDI network functions anywhere in your private or public cloud.

Deployment of Sapphire appliances provides:

  • Straightforward plug-and-play installation, with configuration directly via the IPControl web graphical interface.
  • Virtual appliance deployments, including support for VMware appliances, Oracle VM, AWS appliances, Azure appliances and Xen.
  • Centralised dashboard view of appliance status and services states with drill-down to device status, diagnostics and performance statistics.
  • Diverse role-based deployment options including as IPAM appliances, DHCP appliances, DNS appliances, DNSSEC appliances and cloud automation appliances.
  • Automated patches and upgrades.
  • Improved network security with a hardened operating system and kernel, access controls and user credentials and functional controls.
  • Management of DNS and DHCP services across local or remote locations, or full lifecycle IPAM administration.

Related videos

Dual-Stack IP Address Management

IPv6 deployments continue to increase around the world, with over 20% of users hitting Google websites using IPv6 growing to 50% within two years. Deploying IPv6 may seem intimidating given the far-reaching impacts of network protocols on applications, devices, security and network management. This webinar provides information regarding how to justify IPv6 deployment, how to go about assessing IPv6 readiness and how to manage your IPv4-IPv6 address space.

IPv6 Deployment Strategies

More and more organizations are deploying IPv6 given the growing scarcity of IPv4 address space. This webinar provides a brief update on the status of IPv4 address space availability and discusses key findings from our recent IPv6 survey. We then discussed IPv6 deployment strategies such as assessing your current network infrastructure capabilities, applications, staff knowledge, security and network management.

IP address management for Internet of Things (IoT)

IoT refers to the extension of today’s internet beyond traditional user devices into the realm of connectivity and interaction with sensors, monitors and remotely controllable devices. This brings challenges in terms of the huge number of IP addresses to manage for unmanned devices. This webinar discussed IP address planning, IPv4 vs. IPv6, thing addressing using SLAAC and / or DHCPv6 and DNS considerations.

  • Dual-Stack IP Address Management
    Dual-Stack IP Address Management
  • IPv6 Deployment Strategies
    IPv6 Deployment Strategies
  • IP address management for Internet of Things (IoT)
    IP address management for Internet of Things (IoT)
Show more Show less

FAQs

IPAM basics

What is IPAM?
IPAM, IP Address Management, is a crucial network management function required when managing an Internet Protocol (IP) network. IPAM is the discipline of managing an organisation’s IPv4 and IPv6 address space and associated naming of IP-addressed devices. IPAM entails segmentation of IP address space to the subnet level, the assignment of device IP addresses statically or via DHCP, and the management of IP address-to-name associations in DNS. IPAM simplifies the management of these critical inter-related networking functions.
What is DHCP?
The Dynamic Host Configuration Protocol (DHCP) provides a mechanism for devices to obtain an IP address automatically. When you plug-in at home or at the office, your device automatically initialises on the corresponding IP network using DHCP. Most people don’t know or need to know DHCP is at work on their devices. DHCP also simplifies life for network managers because it automates the critical function of IP address assignment. Other device parameters may also be configured using DHCP and it gives network administrators control over which and how many devices may acquire IP addresses.
What is DNS?
The domain name system, DNS, is often referred to as the internet directory. Computers identify other computers by IP address, but humans prefer easy-to-remember names. DNS provides the linkage mapping names to IP addresses. Whenever you enter a ‘www’ address in your browser, your browser looks up your entry using DNS. DNS returns the IP address to which your browser makes the connection. And most web pages link in images, ads, and other content with the use of DNS. DNS is also useful for machine to machine references particularly in software defined networks where names can be easily remapped to multiple IP addresses using DNS.
What is DDI?
DDI is an initialism of initialisms, short for DHCP, DNS, and IPAM. While technically IPAM comprises the supporting DHCP and DNS technologies, DDI became a popular alternative reference to the technology over the past decade. Typically IPAM and DDI are used interchangeably.
What is IPv4?
Internet Protocol version 4 is the first widespread production version of the Internet Protocol which was initially specified in 1980 and has enjoyed explosive success in the ensuing decades to the present. In fact, it’s been so successful, the capacity of address space defined for IPv4 has been exhausted and a new version of IP, version 6 has been defined to expand IP addressing capacity and add additional features.
What is IPv6?
Internet Protocol version 6 is the latest version of the Internet Protocol that has been developed to expand IP addressing capacity. IPv6 also adds new features and improvements including address auto-configuration, extension headers, improved mobility support, and multicast enhancements. Unfortunately IPv6 is not backward compatible with IPv4 and most implementations require support of both IPv4 and IPv6, an approach termed, ‘dual stack’. Nevertheless, the presence of IPv6 on the Internet continues to expand as organisations deploy.
How does an IPAM solution help with DDI management?
The underlying IPAM technologies of IPv4 / IPv6, DHCP, DNS, and DNS security, are very complex yet indispensable to IP network operations. Your network engineers must accurately provision and effectively manage IPAM technologies to keep your networks running, so you can keep your business running. An IPAM solution, such as ours, vastly simplifies the management of these complex technologies to help IT engineers keep your networks up and running.

Why IPAM

Why do I need an IPAM solution?
If you think about it, every network initiative involves IPAM at some level. Whether you need to consolidate data centres, expand or migrate to cloud, strengthen network security, deploy IPv6, optimise your network, or implement new IP services, you need to consider IP addressing and management. An IPAM solution can streamline management of your IT environment by facilitating provisioning automation, IP address tracking and auditing, DHCP and DNS server configuration, network troubleshooting, integrating DNS security, and centralising IP management of your network of diverse platforms and services.
What does it take to deploy IPAM?
IPAM deployment can take on many shapes and sizes. Each IP network is unique and likewise IPAM deployments may differ accordingly. From a functional perspective one can deploy IPAM simply to manage IP address space: block and subnet allocations. This model is useful for Internet Service Providers (ISPs) or large organisations that separate IP space tracking from other IPAM duties.

Other functional deployment models consist of IPAM with DHCP, IPAM with DNS, or IPAM with DNS and DHCP or full DDI. These models imply deployment of respective DHCP and DNS servers. For multi-vendor IPAM solutions like ours you can overlay IPAM to manage in-place Microsoft, ISC or Cisco CNR DHCP / DNS servers. Or you may deploy our Sapphire appliances physically or virtually. As to where you deploy these DHCP / DNS servers, you may choose to deploy servers close to large client populations to optimise performance or you may choose to deploy fewer servers in a more centralised architecture. You may choose an ad hoc model where you deploy DHCP / DNS within data centres, some larger remote sites and within your private and public cloud infrastructures.

Beyond deployment, you may also decide to operate and manage your IPAM on your own or leverage our managed IPAM services to assist with DDI administration and moves, adds and changes. No matter what deployment and management model you choose, WE would be happy to work with you to explore trade-offs and economies.
Should I use freeware IPAM?
While freeware offers the right acquisition price, you should consider your total cost for IPAM functions within your organisation. Our IPAM solutions offer versatile feature sets which automate IPv4 and IPv6 subnet and individual assignments, create DHCP and DNS server configurations, perform subnet and IP discoveries, monitor address utilisation, track cloud and non-cloud address space, and much more. Our IPAM solution enables you to schedule these tasks to run without manual intervention. Using freeware may require manual running of some or all of these tasks, which costs your organisation in staff resources to setup and run the task, then confirm or analyse the results.

And since every new network or computing initiative involves IPAM in some way, our IPAM system simplifies this association through our user-definability including containers, block types, domain types, user-defined fields and more. Such activity could prove challenging with freeware solutions or when using a confederation of tools. So new initiatives such as expanding to private or public cloud, IPv6, DNS security, network renumbering and so on, can be streamlined with our IPAM solutions.
What is the IPAM ROI?
Calculating the ROI for an IPAM solution, much like that of any automation type of system entails weighing the cost savings and benefits against the IPAM system investment. Customers have experienced over 150% ROI well within a year and most exceed that quantity. To quantify your ROI, we offer an ROI tool that our professionals can walk you through to calculate and perform sensitivity analysis upon.

Our IPAM solutions

What IPAM solutions do we offer?
Our Diamond IP team offers a diverse set of IPAM solutions. The architecture of our product line features a centralised web application and repository (which may be replicated for redundancy) for management of zero or more distributed DHCP and DNS servers within your network. Our IPControl™ software enables installation on customer-provided hardware (or virtual) and provides a web user interface and REST API for management of your IP address space, DHCP and DNS.

Our Sapphire appliances are hardware or virtual appliances that offer one-stop shopping with the bundling of bare metal, secure operating system and DDI features. Sapphire appliances are available in centralised management models, as well as for DHCP / DNS, DNSSEC, and cloud automation. Additional appliance types for IPAM reporting and enhanced IPAM redundancy will be introduced in the future.

You can procure our software and / or appliances and manage IPAM on your own or you can leverage our managed services to help. Our Sapphire Infrastructure Management (SIM) service provides for the proactive monitoring, troubleshooting, restoration, patching and upgrading of deployed Sapphire appliances within your network. Our fully managed IPAM service builds on the SIM service to offer execution of IPAM moves, adds and changes, e.g., to add a subnet, modify a resource record, etc, on your behalf.

We offer a number of professional services as well as support services to supplement your deployments. So now matter how large or modest your IP network, we can offer a solution to fit your needs and your budget.
Why should I consider BT for IPAM?
Our Diamond IP team consists of industry-leading IPAM experts. Members of our team have worked within the IPAM / DDI discipline for over two decades. We have authored four books, contributed to IETF standards, and have published dozens of white papers and webinars to educate IP network managers on various IPAM technologies as DDI, IPv6, DNSSEC, ITIL, DNS firewall, cloud automation and more. Our IPAM experts have developed a robust, scalable solution considered by IDC as ranking second in market share.
How does BT help secure my DNS?
BT Security offers a variety of network security consulting, monitoring and cloud services. Diamond IP complements these offerings with a DNS firewall service and DNS security products. Only we can offer this breadth of security services.

Our DNS firewall service provides frequently updated bad domain feeds in the form of response policy zones (RPZ) to block malware from communicating outside your organisation and to help you identify infected devices. Our Sapphire appliances also provide access control lists (ACLs), BIND-level ACLs, protocol-level rate limiting, DNS response rate limiting, DNSSEC validation and signing, and several other features.
What is unique about BT’s IPAM?
We are the only company that offers such an extensive variety of network, security and managed services and products to facilitate your digitalisation. Our IPAM managed services modularly complement our network and managed services. Our DNS firewall service likewise complements the plethora of security services we offer. Our DDI cloud automation products dovetail with our Cloud of Clouds strategy in helping you migrate all or part of your networking and computing assets to the cloud. In short, we offer the most diverse and comprehensive networking and value-added products and services, not the least of which includes IPAM.
How does BT stack up with IPAM / DDI competitors?
We’ve been ranked second in market share according to an industry report recently published by IDC. This testifies to the feature richness and adaptability of our product portfolio. Our key competitive differentiators include the following:

  1. IPAM automation – single click allocation of blocks and subnets; enter your ISP or private blocks and auto-allocate your space based on type and size required.
  2. Logical organisation – our patented container feature enables you to define a logical hierarchy, e.g., similar to your network hierarchy to model and apply policies to your address allocations.
  3. Consistency – templates for individual subnets as well as multi-subnet allocations enable modeling of business requirements with one-click allocation, e.g., for a new branch office or retail store.
  4. Diversity – Hardware, software, virtual and managed services offer maximum flexibility for enabling you to manage IPAM on your terms
  5. Full-cycle IPAM – Integrated discovery with our unique ‘planned versus actual’ reports provide simple network reconciliation and detection of rogue devices.
  6. Full configurability – Every option and configuration parameter supported by ISC’s BIND and DHCPD implementations are exposed in our web user interface to provide the full power of these implementations with the ease of management via a web GUI.
  7. Scalable IPAM – our IPAM solutions are used in production to manage the largest IP networks on earth.

White papers

IPAM Best Practices

IPAM Best Practices

Effectively manage your IPv4/IPv6 DNS, DHCP, IPAM.

Download
IPv6 Address Plans

IPv6 Address Plans

Concepts and ideas for IPv6 address planning.

Download
International DNS

International DNS

Internationalized Domain Names in DNS.

Download