Many service providers view their IPAM software as network provisioning tools – when they really aren’t. Networks are managed with a variety of tools and processes ranging from home grown databases to proprietary hardware appliances, to spreadsheets and flat files. The goal of these tools (of which IPAM is one) is to make life easier to for the operational team trying to keep the lights on.
So what’s the actual result of this menagerie of tools? Lots of wasted time and an inflexible platform that stopped saving you money years ago. This is not uncommon. IPAM software was a reaction to a very real problem of tracking IP addresses and grew out of frustrations with spreadsheets and text files. Here’s the problem though: just looking at IP addresses only solves part of the problem. To truly increase business value and provide efficiency to your network operations team, you need to look at the entire provisioning process.
Here are six big things missing from typical IPAM software and why new automated network provisioning tools make a lot of sense:
1. Integrated provisioning workflows
An automated provisioning and control platform integrates the entire provisioning process, including IP address assignment, Regional Internet Registry (RIR) integration, DHCP, DNS and even device level configuration. Each step in the process is carried out automatically, in a dynamic fashion, as new services are deployed and new devices come online. This maximizes network administrator productivity and enables service providers to keep pace with the burgeoning rate of IP address adds, changes, and deletes. This is a bit more than your typical IPAM solution was ever meant for.
2. Complete system integration
A provisioning solution should be tied into a service provider’s order ticketing and CRM systems via RESTful APIs to provide true end-to-end provisioning. This lets an operational team provision customers more quickly, or allows customers to order and self-provision new services, expediting service delivery and reducing service provider overhead in the process. Legacy IPAM solutions were built to be silos – sharing is a new thing, so if your existing IPAM solution is a challenge to integrate with, it might be time to consider something else.
3. Policy-based network configuration
For network provisioning to be most efficient, policies need to be applied and enforced. Network architects can design policies to optimize overall network performance, minimize demands on infrastructure, prioritize service levels according to business and customer requirements, but if they aren’t enforced or made easy to use, they are ineffective. Legacy IPAM solutions have attempted to add some of these capabilities, but there is only so much you can do without re-architecting an application. Since these policies are automatically applied to routine tasks such as subnet configuration, IP address block assignments, DNS zone configurations and device level configurations, they need to be consistent and accessible to downstream users throughout every level of the provisioning process.
4. Customizable workflow
Instead of forcing the service provider’s workflow to adapt to the provisioning system, provisioning platforms should adapt to the service provider’s workflow. Tasks can be laid out and ordered based on business priorities, and the workflow will always conform to the way the network is actually managed. Ideally, the provisioning platform can accommodate this through the GUI and a RESTful API. If you have to start looking at source code to see where to start, it’s time to look for an alternative.
5. Comprehensive auditing and logging
Because it can be configured for network-wide management, an automated provisioning system provides a complete view into the history of IP blocks, RIR actions, DNS zones and even relevant device level data. In case of error or performance degradation, this makes backtracking relatively simple by giving administrators complete visibility into who changed what and when. This audit trail also makes it much simpler to demonstrate compliance with regulatory and corporate governance requirements. This approach to audits and logging should also integrate with your existing logging/audit systems (syslog, JSON, etc.).
6. Flexible Deployment
Provisioning systems are deployed in a variety of ways – everything from a multi-tenant solution hosted on a VM behind the firewall to hosted models deployed across production datacenters around the world. In either case, service providers derive all the benefits without having to invest in extensive new hardware or dipping into their CAPEX budgets. The system can be scaled up or down on demand, but service providers never have to pay for more capacity than they require at any given point in time. Ideally, the software should minimize proprietary software requirements by using industry standard Linux, Apache, MySQL and php (LAMP) technologies for ease of management and integration into existing monitoring and management systems.
As you are looking at your provisioning processes and evaluating how your current IPAM tools could be more effective, it’s important to remember how the role of “IPAM” is changing. With IPv4 networks evolving to accommodate more dynamic networks, and additional protocols like IPv6 and tighter DNS and DHCP integrations, more holistic provisioning platforms have become an imperative. Compared with legacy IPAM solutions, an automated provisioning platform is much more flexible, saving service providers considerable time and money through greater productivity and enhanced levels of service.
What type of provisioning system does your company use or plan to use?