WSV307: Windows Server 2012 IP Address Management

This was a great session on the all new IPAM (IP address Management) feature that comes free with Windows Server 2012. Gone are the days of managing your IP address space with Excel spreadsheets. Say hello to automatic DNS, DHCP, AD server discovery so you can centrally track and manage your IP addresses, DHCP scopes, DHCP options, DHCP reservations, static IPs, and tag entries with your own metadata. Tag your CEO’s iPAD (err.. Windows 8 RT tablet) in IPAM, for example, then sync that data into MS Service Manager. Or track the history of a IP address through DHCP renewals and user logons.

For a version 1.0 product this has a lot of features that will immediately make it useful for organizations. I hope in a future service pack or R2 release that they will automate the integration with SCOM, VMM, Service Manager, and AD site/services for a truly comprehensive IP address management solution. The service is super easy to install and does not require a SQL server. The PowerShell interface lets you easly import/export data so you can script integration with the forementioned products (SCOM, VMM, SM, ADDS).

Session highlights include:

    • What IPAM? IP Address Management (IPAM) complements MS DHCP and DNS offerings.
    • Comes as a feature in the box with Server 2012, with no additional cost
    • Understanding IPAM
      • Example of problems IPAM helps: Track organizations IP addresses, find free IP addresses, DHCP scope is full, etc.
      • IPAM Options – 1) Spreadsheets 2) In-House tools 3) Commercial appliances 4) WS 2012 IPAM
    • WS 2012 IPAM Overview
      • Address space management (ASW)
      • Network Discovery (DNS, DHCP, DCs)
      • Multi-server management – Centralized console
      • Visibility and audit – Track and audit changes for compliance
      • Components and Interactions
        • IPAM Server – Uses SQL-like database (WID) (built-in)
        • IPAM client – Win8 w/ RSAT or WS 2012
        • Agentless for DHCP, DNS, DC, NPS server
        • 5 roles for access control (IPAM Administrators, IPAM Address manager administrators, MSM Administrators, users, audit administrators)
        • Supports distributed deployment and windows backup/restore
        • Can import data from an external source/system
        • IPAM external data integration
          • Import CSV via GUI with any number of fields
          • PowerShell to pull data and export data
        • Configurable utilization warning thresholds
          • Find and Allocate and IP address – Tries to ping IP address, then looks at DNS to see if the address is in use.
        • Address Space Management (ASM) Features
          • Can set an expiration date for an IP address if you wish
          • Can create and delete DNS host records from the console
          • Correlates DHCP renewals, user logons
          • Can create DHCP reservations directly from the console
          • Plan, allocate, monitor, track IP addresses
          • Multi-server management (MSM) Features
            • Launch MMC directly from the IPAM console to manage features not in the IPAM GUI
            • Monitor server availability and health
            • Multi-select scopes and reconfigure an item (say DNS server) across multiple servers
            • DNZ zone monitoring through IPAM
            • Find and replace feature for DHCP scopes (e.g. find a DNS server IP and replace it with a new IP across all scopes)
            • Monitor DHCP scope utilization
            • Track DHCP configuration changes
            • External Data Integration from AD Directory Services
              • Import/export from GUI
              • Import/Export from PowerShell
            • IPAM SC VMM Integration
              • SCM 2012 SP1 VMM can send data to IPAM (one-way)
            • Supports IPv4 and IPv6
            • Audit who, what and when
            • Audit IP address/user/machine activity
            • Real-time allocation and usage trends
            • Agentless architecture
            • Custom meta-data
            • Powerful filter/search
            • PowerShell support is somewhat limited (mostly import/export)
            • Scales up to several 100,000 addresses
            • Export IPAM information into Service Center so you know what devices or what (e.g. tag device in IPAM as CEO’s IPAD)

        Related Posts

        Subscribe
        Notify of
        0 Comments
        Oldest
        Newest Most Voted
        Inline Feedbacks
        View all comments