January 12th, 2016
Men & Mice Announces the release of version 7.3.2 of the Men & Mice Suite.
This is a maintenance release containing a bug fix in a 3rd party software on the Men & Mice appliances.
- BIND on the appliances has been patched to address the issues in the following vulnerabilities
- CVE-2016-9131: A malformed response to an ANY query can cause an
assertion failure during recursion. See https://kb.isc.org/article/AA-01439 for more details.
- CVE-2016-9147: An error handling a query response containing inconsistent
DNSSEC information could cause an assertion failure. See https://kb.isc.org/article/AA-01440 for more details.
- CVE-2016-9444: An unusually-formed DS record response could cause
an assertion failure. See https://kb.isc.org/article/AA-01441 for more details.
- CVE-2016-9778: An error handling certain queries using the nxdomain-redirect
feature could cause a REQUIRE assertion failure in db.c. See https://kb.isc.org/article/AA-01442 for more details.
- CVE-2016-9131: A malformed response to an ANY query can cause an
December 2nd, 2016
Men & Mice Announces the release of Version 7.3.1 of the Men & Mice Suite. This release contains several updates and fixes.
An issue was fixed where a crash could occur when syncing zone that contained records that were identical except for character case
An issue was fixed where Men & Mice Central could crash in the case that it got an empty zone transfer
An issue was fixed where the connection to Azure DNS could be unexpectedly closed during login
An issue was fixed where a DS record could not be added or deleted on dynamic zones on BIND
An issue was fixed where IgnoreZones preference was ignored when a server was synchronized for the first time
November 10th, 2016
Men & Mice announces the release of Version 7.3 of the Men & Mice Suite.
Please note: Version 7.3 is not a long term support (LTS) release, but a feature release. More information on the Men & Mice Release Policy can be obtained here.
Windows Server 2016 Support
As of September 2016, the Windows Server 2016 achieved General Availability. Men & Mice Suite support for primary Windows Server 2016 DNS and DHCP features was already included in Version 7.2, released in May 2016. A stand-out feature was support for Response Rate Limiting, which significantly reduces the impact of a denial-of-service (DoS) attack on servers.
The following additional Windows Server 2016 features are supported from Men & Mice Suite Version 7.3 onwards:
DNS policies grant a user control over how queries are handled, based on specific criteria. These criteria can, for example, be used in the following scenarios:
- High availability of DNS services
- Traffic management
- Split-brain DNS
- Redirection based on date/time
Specific types of policies are:
- Zone transfer policies
Essentially used to define how zone transfers take place, zone transfer policies control zone transfer permission on the server level or the zone level.
- Recursion policies
Control how the DNS server performs recursion for a query.
- DNS query resolution policies
Used to specify how incoming DNS queries are handled by the DNS server.
IPv6 root hints
The IPv6 root servers can now be used for performing name resolution.
DANE TLSA records
DANE, or DNS-based Authentication of Named Entities, allows a domain owner to specify in a specific DNS record, which certificate authorities are allowed to issue certificates for the domain.
Men & Mice Suite users have enjoyed the benefits of a particularly robust set of application programming interfaces (APIs) in the form of the Men & Mice SOAP and JSON-RPC APIs, introduced in 2008 and 2014 respectively. Starting with Version 7.3, Men & Mice is making the integration of various tools with the Men & Mice Suite even smoother by adding a REST API to the Men & Mice Suite.
Used by browsers, REST (Representational State Transfer) is often considered to be the language of the internet. By using HTTP requests to GET, POST, PUT and DELETE data, REST paves the way for two computers to communicate over the internet by one acting as a web server and the other as a web browser. This resource-based architectural style of REST is well-suited to the greater scalability and flexibility required by the constantly increasing utilization of cloud services.
The Men & Mice REST API includes all the functionality of the existing SOAP and JSON-RPC APIs, but delivers the added advantage of ease of use, combined with a rich set of tools and support libraries. Amongst other things, the REST API provides Men & Mice Suite users with the tools to create workflows and write handy scripts to import and export data.
The Men & Mice Suite REST API is discussed in greater detail in the Men & Mice REST API article.
VMware Integration Plug-In
Men & Mice takes a further step towards simplifying virtualization by introducing the VMware vRealize Orchestrator plug-in. Designed to integrate seamlessly with workflows inside the VMware Orchestrator framework, the Men & Mice Suite VMware plug-in allows for fast and efficient provisioning of virtual machines.
When a Men & Mice Suite user puts in a request for a new virtual machine, the vRealize Orchestrator receives the next available IP address from the requested subnet, together with other essential configuration information. vCenter creates the VM and communicates the changes back to the Men & Mice Suite, which then updates DNS infrastructure accordingly. Additionally:
The Men & Mice Suite’s custom properties allow further customization of the VM’s visibility and status.
VM information retained in the Men & Mice Suite enables VM tracking, synchronization and updates, including the release of IP addresses after a virtual server is taken down.
- The Men & Mice Suite talks to DNS servers and registers DNS entries and other changes, such as updates to DNS policies, thereby consolidating DNS data required by the vRealize Orchestrator.
Integrated functionality not only saves time, but also strengthens security, eliminates errors of configuration and ensures improved and continuously synchronised network manageability.
Further information on theVMware plug-in can be obtained from Men & Mice Suite Documentation.
- Software on the DDI appliances was upgraded to a newer version due to vulnerabilities CVE-2016-2776 and CVE-2016-8864.
Other Improvements and Changes
- It is now possible to request the next free address inside a container.
- Dynamic records on Microsoft DNS Servers can now be created with the AddDNSRecord(s) SOAP API command.
- It is now possible to synchronize with the server before fetching DNS records in a DNS Zone with the SOAP API.
- The discovery schedule can now be managed with the SOAP API.
- The indicator for trailing gaps in the range list is no longer indented when the tree is in flat mode.
- Users can now edit scope properties for scopes with instances on both ISC and Kea DHCP servers.
- ISC DHCP scopes with failover peers can now be migrated to Kea DHCP servers or ISC servers without failover peers.
- Disabling of the address utilization history collection is now possible.
- General performance improvements for large environments.
- Support has been added for GeoIP in the BIND DNS server support in the Men & Mice Suite.
- Health bar notifications now contain hyperlinks to relevant Knowledgebase articles.
- It is now possible to edit Kea DHCP server configuration directly via advanced options.
- Men & Mice Central will now try to load newer Microsoft ODBC drivers with fallback to older drivers.
Bugs and Issues Fixed
- An issue was fixed where Men & Mice Central would crash in certain situations when accessing non-existing IP addresses from the database.
- An issue was fixed where the DNS Server Controller dropped newly created zones under certain circumstances.
- An issue was fixed with retrieving Kea DHCP server properties with the SOAP API.
- An issue was fixed where cancelling of the First Use Wizard would crash the Management Console.
- A display issue in the login dialog progress bar in the Management Console was fixed.
- The handling of empty and missing access control lists (ACL) in BIND server options was fixed.
- An issue was fixed where DHCP synchronization would fail if a scope in a failover relationship was removed outside of the Men & Mice Suite.
- The AddDHCPScope API function now handles correctly if the scope is not within the IPv4 range.
- An issue was fixed where a user with limited access privileges might get an error when right-clicking a folder created by another user.
- The Management Console no longer clears quick filter when data in lists is modified.
- An issue was fixed where zones of type static-stub were not being handled properly.
- An issue was fixed regarding the use of long command prompts when configuring Cisco DHPC servers.
- Adding the root zone no longer causes a longer startup time on the next restart of Men & Mice Central.
- An issue was fixed where an installation of the Web Interface on Windows Server 2016 would fail.
- An issue was fixed where the GetNextFreeAddress SOAP command would occasionally return the wrong address.
- Health notifications for Kea DHCP servers have been added.
- Connection tracking for Port 53 on Men & Mice appliances has been disabled.
- An issue was fixed with an impatient updater service.
- The Windows 2016 DNS Server status check has been improved.
- An issue was fixed where the BIND option ‘also-notify’ was not being parsed correctly.
- An issue was fixed where a BIND server with views would not initialize correctly.
- An issue was fixed where Men & Mice Central would not exit properly while updating.
- An issue was fixed where editing reservations on Cisco DHCP servers could result in an exception.
- An issue was fixed where the SOAP API command SetDNSRecordAging would not correctly toggle the ageing value on CNAME records.
- Support was removed for Men & Mice Central and Men & Mice Remote agents on 32-bit Windows 2008 (non-R2).