A beta network appliance called Proteus aims to combine the benefits of high-end software with the advantages of low-cost, inherently secure hardware in one integrated Internet Protocol (IP) address management device.
Proteus is essentially a smart box that’s able to assign IP addresses, translate the addresses into names and track them in a built-in database. The enterprise appliance, released late last year by BlueCat Networks Inc., ties together Dynamic Host Control Protocol (DHCP), Domain Name System (DNS) and the administration of IP addresses.
The Richmond Hill, Ont.-based company has loaded a rich feature set into its IP address management product to effectively evolve its Adonis hardware into a more functional enterprise-size Proteus device.
Proteus is BlueCat’s plan to match the more capable software platforms like Lucent’s QIP and Nortel’s NetID, says Daniel Golding, a senior analyst for Midvale, Utah-based Burton Group.
BlueCat has launched an early adopter program for Proteus and from what he’s seen Golding believes the product is on target to match Lucent and Nortel, at a fraction of the cost and with higher security and less administration.
Golding says the advanced BlueCat device ties DHCP, DNS and IP address management together with a full relational back-end database. “Proteus pulls it all onto a secure hardware appliance, so you no longer have to do a lot of system administration on the underlying operating system that the software is running on,” he says.
The security advantages of a hardware-based IP address management product are significant, says Golding, because DNS servers in particular are frequently attacked. “They’re a point of vulnerability for many networks.”
The appliance houses dual-core architecture and operates off a hardened firewall-grade version of Linux.
Tools that specialize in troubleshooting DNS and DHCP can help simplify the deployment and administration of core IP networks, according to David Berg, director of product management for BlueCat.
The Web-based interface uses multi-core architecture that enables users to relate to data in terms of business policies, says Berg.
BlueCat uses a technology it calls lateral tagging to group information together to allow relational views of the network. The architecture is similar to a relational database that uses multiple identifiers, or qIDs, says Berg.
“You can assign the same type of metadata to your resource records to drill down into your network, and you can then assign tags to each of the devices or IP addresses on your network,” he says.
Golding says the management layer that BlueCat has placed onto Proteus is one of its stronger points. The Java-based graphical user interface offers centralized server management and DNS based on the latest version of BIND, with support for disaster recovery views and BIND views. “The reporting tools allow you to cut down on the time it takes to perform these processes,” says Golding.
Added features include automatic updates, error-checking of all DNS and DHCP configurations prior to deployment, built-in tools to import DNS configurations from Microsoft and older versions of BIND, configuration templates and wizards, support for DHCP failover, and transaction logging with configuration rollback.
Golding says enterprise businesses have been using a variety of pieces of software and tools for DNS and DHCP, but that inventories of IP addresses have been generally handled by an Excel spreadsheet. “And that isn’t a very efficient way of doing it.
“If you lose track or the data drifts between one source and another, you’re going to have a network outage,” he says.
A popular choice for lower-cost IP address management has been DNS for Microsoft, included in Windows Server, says Golding. “But this isn’t a wonderful DNS implementation, and the open-source versions of DNS can be very complex and difficult to operate.”
In Golding’s research for Burton Group, he notes that appliances are generally more capable of handling higher DNS query loads and resisting denial of service attacks.
“BlueCat’s first effort is very good, but the beta version is still a little rough around the edges,” says Golding.
“IP address management products are very new still, and there’ll be some ongoing development work in the administrative area.”