Más contenido relacionado
La actualidad más candente (19)
Similar a Nuestar UltraDDI (20)
Nuestar UltraDDI
- 1. White Paper | Neustar Ultra DDI
Managed DNS, DHCP, IP Address Management (IPAM) Services for Private Networks
Read more...
- 2. White Paper | Neustar Ultra DDI
© 2010 NeuStar, Inc. | pg. 2
Contents
In the past, network management was relatively straight-forward. 3
The game has changed. 3
The Problem: DNS, DHCP and IPAM services require specialized knowledge 3
The Neustar Solution: Ultra Managed DNS, DHCP, IPAM Services (Ultra DDI) 4
Management Capabilities of the Ultra DDI Service 4
How Ultra DDI works 5
Ultra DDI Service Components 5
Infoblox Appliances for DNS, DHCP and IPAM (DDI) 5
Neustar Gateway Appliance – On-site Service Proxy 6
Neustar Service Monitoring 6
Neustar Trend Data and Analysis 7
Data Monitoring 7
Areas of Trend Analysis 7
Customer Support Maintenance Channel 8
Neustar Network Operations Center & Customer Support 8
Neustar Ultra DDI: Service Level Agreement 8
Benefits: Reliable, Worry-free service 9
About NeuStar and NeuStar UltraDNS Services 10
About Infoblox 10
Appendix A: Alert Monitoring 11
Neustar Ultra DDI Alert Monitoring 11
Neustar Ultra DDI Statistics Collection 12
- 3. White Paper | Neustar Ultra DDI
© 2010 NeuStar, Inc. | pg. 3
In the past, network management was relatively straight-
forward.
You have DNS servers; you have a spreadsheet with the ranges of IP addresses
for your network equipment. You have one person who assigns out new IP
addresses, and you go weeks or months between any IP address requests.
The game has changed.
Every day, 24x7, users need access to your network, your applications and your core
business resources. Your users need IP addresses for their laptop computers, mobile
devices, VoIP telephones and video teleconferencing. Your users move their equipment
between rooms, floors, buildings and even connect from remote networks – multiple
times a day. In today’s typical business environment, the IP activity is impossible for a
single person to manage. Add in the evolving trends of assigning IPv6 addresses, and
signing for security, and network management has evolved into a really complex task.
The Problem: DNS, DHCP and IPAM services require specialized
knowledge
Networks are designed to help your users share information. Domain Name Services
(DNS) are a critical component of modern networks because they help network endpoints
locate one another so that information may be shared. DNS is the service responsible
for static network points, and DHCP is its counterpart for dynamic addresses. As the
quantity of network endpoints grows, DNS becomes more complicated to manage and
maintain. This is especially true if the endpoint addressing changes frequently (for
example, mobile devices that frequently join, move within and leave your private network).
When DNS or DHCP fail, your network users cannot reach critical network resources.
The DNS industry has spent years building the tools and services required to
simplify the management and maintenance of addressing services such as DNS
and DHCP. Tools such as IP Address Management (IPAM) provide visibility into DNS
and DHCP services, but no matter how automated these tools may be, a critical gap
remains in knowledge, experience, and time to properly maintain the services.
The traditional approach to mitigate the problem is to maintain a dedicated team
with the knowledge and experience to keep the DNS, DHCP and IPAM (DDI) services
running. The trade off is that, while maintaining these critical services your staff is
not developing and maintaining features and components of your core business.
- 4. White Paper | Neustar Ultra DDI
© 2010 NeuStar, Inc. | pg. 4
The Neustar Solution: Ultra Managed DNS, DHCP, IPAM Services
(Ultra DDI)
Neustar has the experience and expertise necessary to support critical core network services
as a managed service for your network. We bring the technical expertise from UltraDNS in
supporting a world-class DNS service as a managed service. With our partnership with Infoblox,
we offer premier DNS, DHCP and IPAM service appliances as a hardware base for our solution.
Ultra DDI brings all of the advantages you’ve come to expect from industry-leading
DNS, DHCP and IPAM services. We include a full DNS, DHCP and IPAM feature set, and
hardened, purpose-built appliances for turn-key operation. In addition, we offer the
critical elements necessary for a tight partnership between our technical support team
and yours, including active monitoring of the health and availability of the DDI services.
We offer proactive maintenance by experienced staff. These features and services allow
us to operate in partnership with your operations team and provide quick responses to
technical issues as they arise. All of this is available as a simple, predictable, recurring
operational expense from a single vendor for the complete lifecycle of the service.
Management Capabilities of the Ultra DDI Service
Neustar partners with Infoblox to deliver the best solution for DNS, DHCP and IPAM. Ultra
DDI uses the Infoblox appliances because they are the best solution. (Gartner agrees:
see their recent Marketscope report .) Overall, the service enables your organization to
automate the delivery and management of these private network functions: DNS, DHCP and
IP Address Management. Here are the critical features that Ultra DDI will provide to you:
• Highly available, robust and secure DNS, DHCP and IPAM
• Any appliance can serve any role(s) (DNS, DHCP, IPAM, Grid Master, etc.)
• Multi-layer resiliency (Protocol watchdogs, HA, DHCP Failover, Anycast, etc.)
• IP addressing error prevention – eliminates conflicts and errors
• Centralized administration, management
• Delegate with role-based administration and workflow
• Comprehensive administrative audit
• Automate daily tasks such as moving printers, adding
DNS records, changing IP addresses, etc.
• Organize networks for simple viewing and management,
associate IP addressing with hardware
• Granular IP addressing history and tracking
- 5. White Paper | Neustar Ultra DDI
© 2010 NeuStar, Inc. | pg. 5
How Ultra DDI works
The approach is simple: Neustar provides a complete service where we provision industry-
leading Infoblox appliances to provide DNS, DHCP and IPAM (DDI) services for your network.
You retain control of the Infoblox management, so that you can make changes when required.
Next, Neustar provisions dedicated Neustar Gateway Appliances to monitor the health of the
Infoblox appliances and services. The Neustar Gateway Appliances notify Neustar of critical
events that may degrade
the performance of the
services. When problems
are detected, Neustar
contacts you and begins
working on a resolution.
If the problem is the
result of failed hardware,
Neustar replaces it
for you. Additionally,
Neustar watches the
resources and system
health of the equipment,
looking for trends to
anticipate problems.
Ultra DDI Service Components
Infoblox Appliances for DNS, DHCP and IPAM (DDI)
Neustar partners with Infoblox to provide you with the industry-leading DNS, DHCP and
IPAM services. Infoblox appliances provide the most reliable service with the widest
feature set available. Infoblox appliances handle all DNS and DHCP transactions
Neustar deploys Infoblox appliances on your private network. These appliances
are Neustar-owned and maintained. Because these devices are owned by Neustar,
we have a vested interest in assuring that they are optimally maintained.
This does not mean that you give up control of the service. You retain local access to the
Infoblox administration portal so that you can make the necessary additions, moves and
changes necessary for your environment on your schedule, according to your needs, not ours.
Ultra DDI Service Diagram
- 6. White Paper | Neustar Ultra DDI
© 2010 NeuStar, Inc. | pg. 6
Neustar Gateway Appliance – On-site Service Proxy
Neustar deploys one or more Neustar Gateway
Appliances within your network to act as a
broker between the Infoblox appliances devices
and the Neustar network. There are three major
functions of the gateway: service monitoring,
trend reporting, and maintenance access.
Neustar Service Monitoring
For service monitoring, the gateway participates in the SNMP community of the Infoblox
devices, listening for alert conditions and polling for many different state conditions. Alert
events are delivered immediately from
the gateway via secure https (TCP:443)
to the Neustar Network Monitoring
System (NMS), NOC, and Neustar
Customer Support teams so that they can
evaluate and respond to the event.
Neustar monitors nearly 50 different
data points (and growing) about the health and service performance of the Infoblox
appliances. The monitors run poll every 1-5 minutes depending on the parameter. Alerts
are delivered to Neustar immediately, in real-time, so that we are aware of events as they
happen—typically before you or your users are aware of a problem with a service.
Alert Communication
1. Infoblox appliances deliver alerts to the gateway.
2. The gateway delivers alerts via a secure channel
to Neustar-hosted alert proxy servers.
3. Proxy servers deliver alerts to the Neustar Network
Operations Center, where they are classified into
informational, warning and critical event types.
4. Network Operations automatically informs
Neustar Customer Support of the event, so
we may take appropriate steps to remedy.
- 7. White Paper | Neustar Ultra DDI
© 2010 NeuStar, Inc. | pg. 7
Neustar Trend Data and Analysis
In addition to the alerts, over 70 data points are polled. This data is collected on the gateway
and delivered to Neustar, where Customer Support will analyze for performance and
health trends. This information is used to evaluate the health of the DNS, DHCP and IPAM
services over time—for the life of the service—so that Customer Support can anticipate
problems related to hardware degradation, client load trends and network growth.
Statistical information is analyzed by our experienced Customer Support
team so that they can anticipate problems before they occur and recommend
remediation before your users experience service degradation.
Data Monitoring
1. The gateway polls Infoblox appliances
for health and performance data.
2. The gateway consolidates monitoring
data, then delivers the data via
a secure channel to Neustar-
hosted alert proxy servers.
3. Proxy servers deliver data to the
Neustar data warehouse, where it
is stored for the life of the service.
4. Neustar Customer Support
analyses collected information
for trends and performance.
Areas of Trend Analysis
• DNS & DHCP transaction load
• DNS zone statistics
• Dynamic DNS message statistics
• DNS service latency
• DHCP per-subnet statistics
• DHCP message traffic
• Infoblox GRID statistics
• Infoblox server statistics
• Neustar Gateway Appliance
Ultra DDI Trend Analysis
- 8. White Paper | Neustar Ultra DDI
© 2010 NeuStar, Inc. | pg. 8
Customer Support Maintenance Channel
The Neustar Gateway appliance provides a secure maintenance connection that Customer
Support may request for troubleshooting and fixing issues with the Infoblox appliances. This
connection is established on-demand and only used when necessary. The connections are
made outbound from the Neustar Gateway Appliance to the Neustar hosted environment, so
there is no requirement for risky inbound firewall policies, DMZ equipment or complicated
VPN connections. The communication channel
creates a temporary SSH (secure shell)
connection (an encrypted and authenticated
“reverse tunnel”) between the Gateway itself
and the Neustar network. From there, the
support team uses this connection to reach the
Infoblox Management Console and the individual
appliances so that they can enact changes
to prevent an outage or restore services.
Neustar Network Operations Center & Customer Support
Neustar runs a dedicated Network Operations
Center (NOC) for monitoring Neustar operations
and all customer facing products and services.
Our NOC is staffed 24x7x365. As alerts arrive
for Ultra DDI, they are routed to our 24x7x365
customer support center in Louisville, Kentucky
for the on-duty Customer Support staff.
After quick analysis, Customer Support will
determine if action is necessary. Typically, the
first action is to follow the designated contact
procedure to begin working on a solution.
Neustar Ultra DDI: Service Level Agreement
All of these services are designed for one goal: to keep critical DNS and DHCP
services functioning reliably on your network. We back up our proactive support,
monitoring and maintenance with a Service Level Agreement—with remedies—
covering service availability and Customer Support response time.
Further, we cover the equipment completely with a solid hardware
replacement policy, so that when failures do occur, the equipment is
replaced and service is restored in the shortest time possible.
- 9. White Paper | Neustar Ultra DDI
© 2010 NeuStar, Inc. | pg. 9
Benefits: Reliable, Worry-free service
Ultra DDI Feature Benefit
Neustar Managed Service
• Complete service package includes hardware, software, warranty,
monitoring and maintenance in a simple recurring operational expense
• Predictable costs: Pricing based on quantity and type of equipment
deployed, not on query or IP-address based licensing.
Premier Solution
• Neustar brings years of experience with managed services of Public
DNS, as well as expertise in private network DNS and DHCP
• Infoblox provides the most reliable DNS, DHCP
and IPAM platform for private networks
Neustar Service
Monitoring
• Services are monitored by Neustar redundant Network
Operations Center and Customer Support teams
• Monitor critical alerts and trends which may indicate a potential problem
is arising, to take steps to mitigate issues or avoid them altogether
• We watch nearly 50 different health checks of the
system, from hardware to applications:
• Hardware: CPU Utilization, Drive Utilization, System temperature, etc.
• Applications: DHCP Transactions/Second, DNS queries per second, etc.
• Forms a tight partnership between you and Neustar Customer
Support - when problems do occur less time is lost to
discovery and more time is spent on repair/resolution
Expert, Proactive Support
& Maintenance
• Product experts: Neustar- and Infoblox- Certified Support
Staff experienced with DNS, DHCP and IPAM solutions
• Experienced: Managed DDI service leveraging experience from UltraDNS,
Neustar Managed Internal DNS (MIDS) and MetaInfo service teams
• Round the clock support (24/7/365) because
problems rarely occur at convenient times
• USA-based Customer Support: Louisville KY, Sterling VA and Seattle, WA.
Hardware Lifecycle Sup-
port
• Neustar-owned and maintained equipment. Break/
fix is included in service, no additional fee
• Service model incents Neustar to keep systems running optimally
Expert Professional
Services
• Architecture design services
• Customization assistance (IPAM Extensible
Attribute planning and assistance)
• Custom application development (i.e. Billing, Master Search, Trending)
- 10. White Paper | Neustar Ultra DDI
© 2010 NeuStar, Inc. | pg. 10
Ready to get Started? Call today for more information! +1 888-367-4812
Or, come check us out at www.neustar.biz/whitepaper2010ach
About NeuStar and NeuStar UltraDNS Services
Neustar, Inc. (NYSE: NSR) provides market-leading and innovative solutions and directory services
that enable trusted communication across networks, applications and enterprises around the world.
Leveraging a unique directory platform and proprietary, patented technologies, Neustar’s UltraDNS
Services – the company’s comprehensive suite of managed DNS offerings – provides a range of
infrastructure solutions to organizations that rely on the Internet critical business processes,
applications and services. Today, UltraDNS Services are used by more than 3,000 enterprises and TLD
infrastructure customers worldwide, and currently power the resolution of nearly 20 million global
Internet domains. Visit www.neustar.biz and www.ultradns.com for more information.
About Infoblox
Infoblox is an industry leading developer of network infrastructure control solutions. Infoblox’s
unique technologies, including the Infoblox Grid™ – a real-time, data distribution technology
– increase network availability and control, while automating time-consuming manual tasks
associated with network infrastructure services like domain name resolution (DNS), IP address
management (IPAM), network change and configuration management (NCCM) and network discovery,
among others. Infoblox solutions are used by over 4,500 organizations worldwide, including more
than one third of the Fortune 500. The company is headquartered in Santa Clara, Calif., and operates
in more than 30 countries.
NeuStar Corporate Headquarters
NeuStar, Inc.
46000 Center Oak Plaza
Sterling, VA 20166
UltraDNS
East Coast Office
1775 Pennsylvania Ave NW 4th Floor
Washington, D.C. 20006
West Coast Office
1000 Marina Blvd. Suite 400
Brisbane, CA 94005
Customer Support
Email: UltraSupport@neustar.biz
Phone: (888) 367-4820
Sales & Information
Call (888) 367-4812 or email
sales@ultradns.com to send a sales or infor-
mation request.
- 11. White Paper | Neustar Ultra DDI - Appendix A: Alert Monitoring
© 2010 NeuStar, Inc. | pg. 11
Appendix A: Alert Monitoring
Neustar Ultra DDI Alert Monitoring
This is the list of events that are automatically delivered to
Neustar NOC and Customer Support (as of July 2010).
Monitor Type Monitor Event Alert Type
Equipment Failure
Primary drive is full
CPU fan <n> has failed
Power Supply failure
RAID battery failure
RAID system degrading
RAID system rebuilding
Critical
Critical
Critical
Critical
Warning
Ok
Threshold Events
Out of Memory
Memory usage over 90%
Memory usage under 90%
Primary drive is over 90% full
Primary drive is over 95% full
Primary drive is OK
Database usage over 85%
Database usage under 85%
Critical
Critical
Ok
Warning
Critical
Ok Critical
Ok
Processing Failure Daemon failures (DNS, DHCP) Critical
Threshold Events
DHCP Range crossing threshold (Near full)
DHCP DDNS updates deferred
DNS Security alerts
Grid Replication problem
Critical
Warning
Warning
Critical
State Change Events
Network interface monitors
High availability monitors
NTP monitors
Critical/Ok
Critical/Ok
Critical/Ok
- 12. White Paper | Neustar Ultra DDI - Appendix A: Alert Monitoring
© 2010 NeuStar, Inc. | pg. 12
Neustar Ultra DDI Statistics Collection
Information that is collected for trend and statistical analysis from
the customer on-site equipment. (as of July, 2010)
DNS Zone Statistics (per zone)
timestamp Time in seconds since Jan 1, 1970 00:00:00 UTC
interval The polling interval of this table
gateway ip xxx.xxx.xxx.xxx format – address of the gateway server
server ip xxx.xxx.xxx.xxx format – address of the Inoblox server
zone name DNS Zone name. (e.g. “example.com.”)
view name BIND DNS view name. (e.g.: “internal-view”)
success Number of Successful responses since DNS process started.
referral Number of DNS referrals since DNS process started.
nxrrset Number of DNS query received for non-existent record.
nxdomain Number of DNS query received for non-existent domain.
recursion Number of Queries received using recursion since DNS process started.
failure Number of Failed queries since DNS process started.
Dynamic DNS Statistics
timestamp Time in seconds since Jan 1, 1970 00:00:00 UTC
interval The polling interval of this table
gateway ip xxx.xxx.xxx.xxx format – address of the gateway server
server ip xxx.xxx.xxx.xxx format – address of the IB server
success Number of successful dynamic DNS updates.
failure Number of failed dynamic DNS updates.
rejects Number of dynamic DNS update rejects maybe due to permission failure.
prerequisite rejects Number of dynamic DNS update rejects due to prerequisite failure.
- 13. White Paper | Neustar Ultra DDI - Appendix A: Alert Monitoring
© 2010 NeuStar, Inc. | pg. 13
DNS Service Latency
timestamp Time in seconds since Jan 1, 1970 00:00:00 UTC
interval The polling interval of this table
gateway ip xxx.xxx.xxx.xxx format – address of the gateway server
server ip xxx.xxx.xxx.xxx format – address of the Infoblox server
non aa count
Number of queries used to calculate the average latencies for non-authorita-
tive queries
non aa latency
Average Latencies (in microseconds) for incoming DNS queries where the
reply was non authoritative
aa count
Number of queries used to calculate the average latencies for authoritative
queries
aa latency
Average Latencies (in microseconds) for incoming DNS queries where the
reply was authoritative
DHCP Network Statistics
timestamp Time in seconds since Jan 1, 1970 00:00:00 UTC
interval The polling interval of this table
gateway ip xxx.xxx.xxx.xxx format – address of the gateway server
server ip xxx.xxx.xxx.xxx format – address of the Infoblox server
network address
DHCP Subnet in IP address format. A sub-network may have many ranges for
lease.
network mask DHCP Subnet mask in IpAddress format.
percent used
Percentage of dynamic DHCP address for subnet leased out at this time. Fixed
addresses are always counted as leased for this calculation if the fixed ad-
dresses are within ranges of leases.
- 14. White Paper | Neustar Ultra DDI - Appendix A: Alert Monitoring
© 2010 NeuStar, Inc. | pg. 14
DHCP Server Statistics
timestamp Time in seconds since Jan 1, 1970 00:00:00 UTC
interval The polling interval of this table
gateway ip xxx.xxx.xxx.xxx format – address of the gateway server
server ip xxx.xxx.xxx.xxx format – address of the Infoblox server
discovers the number of discovery messages received
requests the number of request messages received
releases the number of release messages received
offers the number of offer messages sent
acks the number of ack messages sent
nacks the number of nack messages sent
declines the number of decline messages received
informs the number of inform messages received
others the number of other messages received
Infoblox GRID Statistics
timestamp Time in seconds since Jan 1, 1970 00:00:00 UTC
interval The polling interval of this table
gateway ip xxx.xxx.xxx.xxx format – address of the gateway server
server ip xxx.xxx.xxx.xxx format – address of the Infoblox server
node ip xxx.xxx.xxx.xxx format
replication status Replication queue status for this node.
queue from Sent queue size from master.
last contact from Last sent time from master. ( 2010/05/14 16:08:23 )
- 15. White Paper | Neustar Ultra DDI - Appendix A: Alert Monitoring
© 2010 NeuStar, Inc. | pg. 15
Infoblox GRID Statistics
queue to Receive queue size to master.
last contact to Last receive time to master. ( 2010/05/14 16:08:23 )
Infoblox Appliance Statistics
timestamp Time in seconds since Jan 1, 1970 00:00:00 UTC
interval The polling interval of this table
gateway ip xxx.xxx.xxx.xxx format – address of the gateway server
server ip xxx.xxx.xxx.xxx format – address of the Infoblox server
cpu temp Temperature of the cpu as a string ( +27.8 C )
cpu usage Current average CPU usage since system booted
mem usage Current Memory usage
NSR-GWA Statistics (self-monitoring)
timestamp Time in seconds since Jan 1, 1970 00:00:00 UTC
interval The polling interval of this table
gateway ip xxx.xxx.xxx.xxx format
server ip xxx.xxx.xxx.xxx format
cpu temp Degrees in C
available memory Current available physical memory