IP
address management is a difficult task in large networks, because tracking IP
address usage is largely a manual operation. Windows Server 2012 introduces
IPAM, which is a framework for discovering, auditing, monitoring utilization,
and managing the IP address space in a network. IPAM enables the administration
and monitoring of DHCP and DNS, and provides a comprehensive view of where IP
addresses are used. IPAM collects information from domain controllers and
Network Policy Servers (NPSs), and then stores that information in the Windows
Internal Database. IPAM assists in the areas of IP administration, as shown in
the following table
|
. IP administration area
|
IPAM capabilities
|
|
Planning
|
Provides a tool set that can reduce the time and expense
of the planning process when changes occur in the network.
|
|
Managing
|
Provides a single point of management, and assists in
optimizing utilization and capacity planning for DHCP and DNS.
|
|
Tracking
|
Enables tracking and forecasting of IP address
utilization.
|
|
Auditing
|
Assists with compliance requirements, such as Health
Insurance Portability and Accountability Act (HIPAA) and Sarbanes-Oxley Act
of 2002, and provides reporting for forensics and change management
|
Characteristics of IPAM
Characteristics of IPAM include:
• A
single IPAM server can support up to 150 DHCP servers and 500 DNS servers.
• A
single IPAM server can support up to 6,000 DHCP scopes and 150 DNS zones.
•
IPAM stores three years of forensics data (IP address leases, host MAC
addresses, user logon and logoff information) for 100,000 users in a Windows
Internal Database when using Windows Server 2012, Windows Server 2012 R2 added
the option to select a Windows Internal Database or SQL Server. There is no
database purge policy provided, and the administrator must purge the data
manually as needed.
•
IPAM on Windows Server 2012 supports only Windows Internal Database. An
external database is only supported when IPAM is implemented on Windows Server
2012 R2.
• IP
address utilization trends are provided only for IPv4.
• IP
address reclamation support is provided only for IPv4.
• IPAM does not check for IP
address consistency with routers and switches.
Benefits of IPAM
IPAM benefits include:
•
IPv4 and IPv6 address space planning and allocation
•
IP address space utilization statistics and trend monitoring
•
Static IP inventory management, lifetime management, and DHCP and DNS record
creation and deletion
•
Service and zone monitoring of DNS services
•
IP address lease and logon event tracking
•
Role-based access control (RBAC)
•
Remote administration support through RSAT
• Reporting in the IPAM
management console
Note: IPAM has limited support for management and
configuration of non-Microsoft network elements.
Windows Server 2012 R2
Enhancements to IPAM
Windows Server 2012 R2 improves
and adds functionality for IPAM. The IPAM framework is expanded with the
following:
•
RBAC. RBAC for IPAM allows you to customize roles, access scopes, and access
policies for IPAM administrators.
•
Virtual address space management. You can use IPAM provide to manage IP
addresses in a Microsoft-based network. You can manage both physical and
virtual addresses. Integration between IPAM and System Center 2012 R2 Virtual
Machine Managers (VMMs) allows end-to-end address space management. You can
view virtual address space in the new VIRTUALIZED ADDRESS SPACE node of the
IPAM console.
• Enhanced DHCP server
management. DHCP management is improved in Windows Server 2012 R2 to include
new DHCP scope and DHCP server operations. Additionally, views were added for
DHCP failover, DHCP policies, DHCP superscopes, DHCP filters, and DHCP
reservations.
External
database support. You can configure IPAM to use a Windows Internal Database
(WID). Support for using Microsoft SQL Server was added in Windows Server 2012
R2.
•
Upgrade and migration support. You can upgrade the IPAM database from Windows
Server 2012 to Windows Server 2012 R2.
• Enhanced Windows PowerShell
support. IPAM includes more than 50 different Windows PowerShell commands.
0 التعليقات:
إرسال تعليق