There are several limitations for IPAM under Windows Server 2012 R2. From a system configuration and deployment...
perspective, IP address management (IPAM) only handles a single Active Directory forest, and a single server can support up to 150 DHCP servers and 500 DNS servers. Although this should allow ample DHCP scopes and DNS zones for most enterprise situations, it's important for IPAM adopters to understand potential limits.
But perhaps the broader limitation of IPAM is its dependence on Microsoft products. For example, IPAM only handles domain controllers, DHCP servers and DNS servers using Windows Server 2008 or later. IPAM does not configure or manage other non-Microsoft network devices (such as appliances) -- though the IP address data from other network devices can be imported through PowerShell. IPAM also does not support non-Microsoft databases, so IPAM depends on a Windows database.
In terms of forensic data, IPAM is reported to support up to three years of tracking data for 100,000 users. This includes activity information such as IP address leases and renewals, MAC addresses, user logon details and so on. It's important for IPAM adopters to consider the composition of this forensic data and ensure that retention is adequate and protected. If logging does not capture the details or provide the retention necessary to address the company's regulatory compliance or auditing needs, it may be necessary to reconsider the adoption of IPAM.
IPAM tools, such as the features included with Windows Server 2012 R2, allow automatic device discovery, monitoring, management and reporting. But like most management-type tools, it's important for organizations to approach this new or enhanced functionality with a careful proof-of-principle project. Lab testing and evaluation can allow IT professionals to develop comfort and confidence with IPAM techniques, and better inform business decision makers about the business value of IPAM technology before it is rolled out to a production environment.
Dig Deeper on Microsoft Systems and Network Troubleshooting
Related Q&A from Stephen J. Bigelow
Microsoft offers a free antimalware tool for client and server systems, but administrators need to tune the layers of protection to avoid problems. Continue Reading
Testing Exchange information rights management functionality can be tedious, but Microsoft offers a dedicated cmdlet for Exchange 2016 administrators... Continue Reading
Not every tool is right for the job of backing up data. Find out what limits System Center DPM 2016 protection and which alternatives cover what it ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.