Articles
Lauren Malhoit

Enhancing BIND with Micetro

BIND, developed by ISC, is a fantastic open-source DNS management software that works well in many environments. Pairing it with the access control, orchestration, user experience, and reporting capabilities from Micetro, by Men&Mice, takes it to the next level.

Jan 13th, 2022

BIND, developed by ISC, is a fantastic open-source DNS management software that works well in many environments.  Pairing it with the access control, orchestration, user experience, and reporting capabilities from Micetro, by Men&Mice, takes it to the next level.

Whether you're running a Linux environment, or you're interested in migrating from Microsoft DNS and DHCP to ISC, Micetro can help simplify operations, secure your DDI environment, and actually make your network more stable. Micetro seamlessly integrates with BIND through the use of a small agent deployed on BIND servers. Once the server is added to the Micetro environment, Micetro will pull data regularly or on-demand to make sure all the data from your entire environment is up to date. This is a bidirectional relationship in that Micetro will also update the BIND servers with changes as needed.

Adding a BIND server to Micetro

Granular User Access Control

While BIND certainly has some built-in access control capabilities it doesn't allow for more granular or centralized control, especially in the case of multisite or multicloud architectures. Using the integration between Micetro and BIND can help you keep your networks secure down to the object-level.

Micetro uses a pure role-based access control methodology to secure user access for your entire DDI environment. Users and groups may be added manually or synced from an Active Directory or LDAP environment. These users and groups may then be added to roles giving users system-wide or specific object-level permissions for DNS zones, for example.

DNS Zone Role-Based Access Control

Micetro can then take this granularity a step further with a built-in capability called Workflow. Workflow gives users who don't have full permissions to make changes the ability to request a change to be made, scheduled by an approver, and then automatically executed during the appropriate change management window. This can all be done within the Micetro UI, but through APIs as well, making it simple to offer self-service to other IT teams.

Improving Operational Experience

Micetro, as a sustainable software overlay solution, uses abstraction to give admins a 360 view of their entire DDI infrastructure. It offers a GUI to easily view information, filtering and searching to easily view the data from different perspectives, and fully supported up-to-date APIs for automation, integration, and visibility.

Going beyond visibility via abstraction to the other side of the sustainable network management coin is orchestration. Even in an all BIND DNS environment, you'll need to login to dozens or even hundreds of different servers to make configuration changes. This becomes even less sustainable if you're running multivendor environments with DNS services from ISC, Microsoft, public cloud, and external DNS services. With Micetro, you'll only need to log into the Micetro UI and any changes you make will be consistent across the board, leading to a more stable and easily troubleshot network.

Making Use of Audit Trails

Configuration changes aren't the only consideration for centralizing DDI management when using ISC or a combination of ISC and some other DNS vendor(s). Audit trails are a necessity for enterprises with compliance regulations. Again, logging in to several different services is time consuming and prone to missing information. Using Micetro you get information on what changes were made, when they were made, who made them and why for any object in the Micetro environment, no matter where the changes were made.

Audit trail for a DNS zone

The Right Information at the Right Time

The last enhancement we'll discuss in this blog is reporting. Using native ISC tools will require looking through multiple logs on your Linux servers depending on the information for which you're looking. Micetro has built-in reports that will export a file to easily parse through.

Reports are great in some situations, like if an auditor or your boss wants to see information about what happened during a certain period in the past. Many times admins need to see information about what's going on now, though. Micetro has a partnership with the well-known developers of PRTG, Paessler, to offer real-time dashboards through the APIs. These types of dashboards and integrations are also easily configured with solutions like ServiceNow and vRealize Operations Manager as well.

Looking for More Info?

We're co-hosting a live session with ISC on January 20, 2022. Sign up here and come ask questions from the experts live or watch on-demand after January 20. https://menandmice.com/men-and-mice-and-isc-webinar