Branch offices, IP, mobile handsets drive demand for IPAM appliances

As companies add IP phones, wireless access points and other non-computing devices to their networks, a Canadian equipment manufacturer is trying to displace Lucent Technologies as the IP address management (IPAM) vendor of choice for enterprise customers.

Bluecat Networks Inc. is shipping its Proteus Enterprise IPAM appliance, which is designed for organizations with different types of devices in different locations.

Dave Berg, director of product management for Richmond Hill, Ont.-based Bluecat, says it’s more suitable for enterprise customers than VitalQIP, a software package manufactured by Murray Hill, N.J.-based Lucent.

Spreadsheets don’t cut it
Bluecat also has the advantage of shipping a newer product, said Elisabeth Rainge, program director for next-generation operational support systems, billing and network management for Cambridge, Mass.-based IDC.

“The Lucent product is older and has been available far longer,” she said. “By and large, if an IT manager were to buy a Bluecat product as opposed to a Lucent product, they would buy something with less history and more current features.”

VitalQIP has been on the market for more than 10 years and supports both IP phones and wireless devices, said Don Smith, Lucent’s product manager for enterprise and government.

Berg claims Proteus, with a price in the $100,000 range, costs “a fraction” of what VitalQIP costs, though Smith says appliances have “limited scalability” compared to software, and the VitalQIP price depends on the number of devices supported.

Like VitalQIP, Proteus is designed to support IP phones and wireless devices, which can pose a management nightmare for IT administrators, Berg said.

“Simply deploying voice over IP handsets on everyone’s desks doubles your IP requirements overnight,” Berg said. “If you’re an organization that’s tracking your IP allocation using something as simple as a spreadsheet, it really no longer does the trick.”

Proteus uses a database with more than 100,000 records to keep track of IP addresses and administer both DNS and DHCP, Berg said. DHCP policies are important for large companies with far-flung subsidiaries that have users requiring the same level of access, regardless of location.

“Let’s say I’m the CEO and the IT department has given me a Wi-Fi enabled BlackBerry” with a session initiation protocol client, Berg said.

The CEO may visit a subsidiary whose IT rules are different from those of the corporate headquarters, he added.

Rather than creating a static IP address for each location, the IT department could create a DHCP policy that says if the CEO logs on to the network, he or she can access certain resources. One way of doing this is to use MAC authentication, so the user’s MAC address can be checked against a central database and then the IPAM device can grant access to a subnet.

“When I’m the CEO, I get off the plane and into that division, all of my calls have to automatically route to that phone.”

Administration by application
It can also help administer policies and helps organizations control with regulations, such as the Health Insurance Privacy and Portability Act (HIPPA), Berg said.

“We can track access of users and computer networks to ensure that they’re accessing appropriate resources or restricting access to resources,” he said.

The Web-based administration tool allows for multiple views, zones and domains, and up to seven levels of delegation. It can allow hundreds of administrators to access the network. Administrator privileges can be based on geographical area or applications, such as voice over IP.

“They would log in and see any voice over IP asset in the organization” regardless of location, Berg said. “They would not see things like name server records or unrelated DHCP pools.”

It also includes an error checking tool, and can check configurations for errors before going live.

“Not only are we checking configurations and monitoring, but we’re checking all administrative access, all data and route aggregation data,” Berg said. “I can track every single change that’s been made to my network, no matter how large it is, and if need be, I can undo anything on the network.”

Share on LinkedIn Share with Google+