What's New in Address Manager v9.4.0 - BlueCat Integrity - 9.4.0

Address Manager Administration Guide

Product name
BlueCat Integrity

The following features and functionalities are new in Address Manager v9.4.0:

Integrity communication for IPv6-only/Dual-stack transport

Address Manager v9.4.0 introduces top to bottom IPv6-only and dual-stack transport support for Address Manager to Address Manager, Address Manager to DNS/DHCP Server, and DNS/DHCP Server to DNS/DHCP Server communication. Includes support for replication and trust relationships, xHA, DHCP failover, TSIG, and services such as NTP, SNMP, Anycast/Multicast, and Syslog.

Warning: Transitioning from a single-stack IPv4 environment to IPv6 is a complex project with critical significance for network health. Customers are advised to extensively plan their IPv6 rollout beforehand, and perform necessary testing and validation in UAT environments before incorporating IPv6 features in production.

Encrypted notifications channel between BlueCat Address Manager and BlueCat DNS/DHCP Servers

Starting in Address Manager v9.4.0, users have the ability to turn on encryption for communication between Address Manager servers and DNS/DHCP Server appliances. Encryption can be turned on from the Address Manager user interface, or through the API (encryption is disabled by default). This feature secures the transmission of in-flight data entirely for both Address Manager to DNS/DHCP Server communication (command channel), and DNS/DHCP Server to Address Manager communication (notification channel).
Note: Encrypted notification requires certain ports to be opened on the firewall, see Address Manager service ports for more information.
Note: The ability to toggle the notifications channel between encrypted/unencrypted will be removed in a future release of Address Manager; all communications related to notifications between Address Manager and BlueCat DNS/DHCP Servers will be encrypted by default with no option to disable encryption.

User-defined links (phase 2)

Address Manager v9.4.0 introduces the ability to use the GUI to create user-defined link (UDL) types and link objects with UDLs, where previously they could only be set up with the API. Originally created to assist with cloud adoption by providing visibility into network architecture, UDLs can be used with a variety of object types to assist with navigation and centralized documentation of network relationships. For a full list of supported object types and example use-cases, refer to User-defined links.

Support for Entrust HSM with DNSSEC signing functionality

Address Manager v9.4.0 supports Entrust nShield HSM configuration to maintain support for external network-connected HSM solutions. Address Manager now offers the same functionality provided with the legacy Thales nShield HSM after replacing it with the Entrust nShield HSM.

Dynamic deployment of resource record changes

Address Manager v9.4.0 introduces the ability to dynamically deploy resource record changes within a zone. When configuring the Dynamic Update flag on a zone, resource record changes made within the zone are automatically deployed to the associated DNS/DHCP Server with the primary role for that zone, providing faster provisioning of DNS data to help meet demanding service level agreements related to DNS.

Enhancements to health telemetry

Address Manager v9.4.0 introduces the two new health telemetry services that can be configured on DNS/DHCP Servers. You can now configure the DHCP Statistics and DNS Statistics health telemetry services to gather DHCP packet statistics and BIND statistics, respectively. You can use these new health telemetry services to gather statistics into your DHCP and DNS environments, helping you identify anomalies or misconfiguration in your infrastructure.

GraphQL API Lab

Address Manager v9.4.0 includes a new experimental GraphQL API Lab as part of the user interface. Harness the power and flexibility of GraphQL to fetch Address Manager data simply and efficiently. Address Manager GraphQL functionality is not intended or planned for large data set retrieval. It is meant to improve efficiency in the retrieval of small but relevant data when needed. This feature is in incubation and may change or disappear in the future without further notice. Feedback is welcome! For more information refer to Address Manager GraphQL API in the API guide.