2 Replies Latest reply on Feb 11, 2014 2:03 PM by rstoney00

    Implementing IPAM: Where to start from and why

    sgenius

      Hi All,

      Please I like to find out how IPAM works. In my work environment, we just want to start IPAM implementation. Currently, we have IPAM 4.0, and our license details show that the allowed number of used IP Addresses is 1024.

      My questions are as follows:

      i. What exactly do we need to monitor using IPAM?

      ii. How does the license work? Is it one license per IP Address?

      iii. In my work environment, a class A subnetwork is used; and it is more than 1024 addresses.  With this, I believe  that some kind of prioritization has to be taken into consideration in terms of the IP Addresses to manage and why. This is actually my biggest question. What range of  IP Addresses do I manage and why? We have DHCP servers, DNS servers, and IP addresses that are used by our server farms, management devices, and a number of branch offices that would continue to increase; these offices make use of IP addresses of a certain range too, all under the class A subnetwork address.

       

       

      Please, I need detailed advice. Many thanks as you respond.

       

      Regards.

        • Re: Implementing IPAM: Where to start from and why
          michal.hrncirik

          Hi sgenius,

           

          glad to hear you would like to use IPAM. I'm product manger of this product. I'd like to help you with your questions:

           

          1) IPAM is able to monitor utilization of your subnets (end-IP like PCs or servers via ICMP and SNMP protocol). You need to know IP address range you want to monitor (like 192.168.1.0 - 192.168.1.254) and add this as new subnet in IPAM. IPAM then automatically scan the subnet and tell you what's IP address utilization.

           

          2) IPAM licenses is related to "used" IP addresses. That means, you have defined 3 subnets in IPAM and IPAM is activelly scanning for IP address utilization. If you have license for 1000 IP addresses and you have more than 1000 active IP addresses (marked as used in IPAM) then some of those will be acting as "available" because you don't have enough licensed elements (IPAM will popup with warning message).

           

          3) I would recommend to create class A supernet and then multiple subnets with ranges you need to monitor. obviously, if you have more than 1024 IP addresses you need to prioritize. I'd actually avoid polling of DHCP servers or DNS and focused more on subnets that are used for dynamic changes (client's PCs, engineering, etc.) because there is a chance that these subnets may become fully utilized comparing to your DHCP server subnet. (BTW IPAM can monitor DHCP scopes as well and atomatically pull down it into IPAM)

           

          you may also find this video as useful: IP Address Manager Overview - Videos | SolarWinds

          • Re: Implementing IPAM: Where to start from and why
            rstoney00

            sgenius

             

               Michal answered the license issue.   Implementation wise, the first step for you?  Step away from the IPAM console!

             

            Okay, seriously, don't just start throwing things in there.  From what you describe, there are some potential political / network administrative boundaries that exist.   So before you start the mass import of data, be sure to know where those are FIRST.   This directly affects how and at what boundaries you will permit users/groups for either RO acccess, Full admin access, etc.

             

            Now, once you know where to lay out your boundaries, based upon your IP address structure - NOW you start laying out things in IPAM.   If you start with the blank template provided, everyone gets access starting at the top.  Small areas, this is okay.  Larger areas, it can get cumbersome really quickly.

             

            It can be somewhat tedious to manage the alignment of your logical IP address structure with the sometimes illogical manner of how the network is taken care of, but a few minutes planning now will save you headaches later.