Call a Specialist Today! 800-886-5369

BlueCat APIs
Connecting your DDI solution with critical infrastructure ensures maximum value and uptime

BlueCat APIs

BlueCat Products
BlueCat APIs
BlueCat Connector for VMware
#Connector-for-VMware
Contact us for pricing!
BlueCat Connector for IBM QRadar
#Connector-for-QRadar
Contact us for pricing!
BlueCat Connector for HP ArcSight
#Connector-for-ArcSight
Contact us for pricing!

Click here to Jump to pricing!

Overview:

BlueCat offers a rich set of APIs, enabling dynamic interaction with your network ecosystem. All features including IPAM, DNS and DHCP elements are accessible via a unified, standards-based API, enabling proven integrations with leading commercial vendors to deliver orchestrated network creation, monitoring, security and provisioning solutions for data center and cloud environments.

Part of the fabric of IT for rich integration and interoperability

BlueCat’s API is the interface to enable custom, process-compliant changes to IP and DNS configurations while retaining complete visibility and control over IPAM data. Extend your team’s reach to adjacent network solutions leveraging this central source. BlueCat enables you to control how the enterprise deploys and consumes services across the cloud and virtualized infrastructures, reclaiming unused IP address space and delivering on-demand capacity. BlueCat’s API enables automated IP and Domain Name provisioning for new tenants, ensuring data integrity, security and speed.

Leverage a wealth of data for zero-touch administration and process automation

BlueCat brings together key network information from a broad set of sources including utilization, system events, network structure and user inputs. Combine this rich information with BlueCat’s unified, standards-based API to enable dynamic integrations with leading automation platforms such as HP Operations Orchestrator, ServiceNow, BMC Cloud Orchestrator and vRealize Orchestrator.

Connectors

BlueCat’s connectors target the common network related applications that interact with IPAM — from orchestration and provisioning to event management.

Connector for VMware
Ensure high speed and reliable provisioning of IP addresses and DNS names for virtual resources. Efficient virtualization management relies on the availability of network resources like IP addresses and DNS entries. BlueCat’s VMware Connector helps ensure the best possible utilization of the ‘IP Resource’.

Connector for IBM QRadar
Pinpoint attacks and threats by providing detailed information about every device on the network. With BlueCat DNS and DHCP data delivered in QRadar native data interchange format, security teams can identify and respond to external DNS attacks, malware outbreaks and botnet-infected devices.

Connector for HP ArcSight
Provide an authoritative source for information about the network including the connection between devices, IP addresses and their activity. These key data points are interconnected and correlated within ArcSight to provide a complete view of the security posture of all connected devices.

Connector for VMware:

Expedite VM Provisioning with IPAM Integration

BlueCat’s Connector for VMware ensures fast and reliable provisioning of IP addresses, networks, and DNS records for virtual resources. Centralized visibility and control of IPv4 and IPv6 address space capacity and utilization saves time and reduces the risk of human error. Seeing networks that are near capacity and those that are underutilized is easy, giving you the ability to avoid capacity problems before they occur. BlueCat serves as the single source of truth by recording and maintaining all IP, network, and DNS information.

Automate VM Provisioning
BlueCat’s Connector for VMware provides an automated solution for assigning IP addresses and updating DNS information. You can configure the Connector for VMware to use pre-defined VMware workflows, or build your own custom versions to perform other provisioning tasks. The Connector for VMware is designed to drop into an existing VMware environment and automate the ‘IP-ing’ of VMs, to simplify the IP and DNS naming for automated resource creation and deletions, while keeping all IP information centralized and up-to-date in the IP Address Manager.

Eliminate the Need for Reserved VMware IP Blocks
The usage of the block of IPs for virtualization is typically invisible to the network administrator. The practice also violates the basic purpose of elastic resources. VMware has the capability to reserve a pool of IP addresses for use with VM deployments which works well for the VMware administrator. However, it is not uncommon for the pool to run out before the VMware administrator requests additional space, which creates a “fire drill” moment that can stall the business. Getting this information requires the VM team to work with the network team – which often incurs delays. With the Connector for VMware, vRealize Orchestrator (vRO) is able to make direct calls against the IP Address Manager by BlueCat to secure IP addresses and DNS hosts to associate with deployed VMs or vApps.

Optimize Utilization of Scarce IP Addresses
Highly dynamic virtualized environments can very quickly use IP addresses, and are generally not as efficient at releasing unused addresses. Many organizations optimize their usage of IPv4 addresses before they move to IPv6, which can result in unexpected VM provisioning errors as IP addresses become unavailable. The Connector for VMware ensures optimal utilization of increasingly scarce IPv4 network space in highly dynamic VM environments including allocating and returning addresses quickly and efficiently.

Simplified Auditing and Powerful IP Oversight
The Connector for VMware allows the network team to understand what has happened to the IP addresses associated with virtualization. It also allows for centralized auditing of all IP related changes whether virtual or physical. This is an important consideration in organizations concerned with compliance and security related audits.

How It Works

The Connector for VMware provides integration between VMware vCenter Orchestrator to IP Address Management. It installs directly in vCenter Orchestrator and allows users to continue to work in the VMware interfaces they are accustomed to with the benefit of direct access to the IP Address Management stack.

how connector for VMware works

The Connector for VMware Highlights

The Connector for VMware is certified ‘VMware Ready’ and can easily be used with VMware’s vRealize Orchestrator, vCloud Director and vRealize Automation. The Connector for VMware is transparent to virtualization admins – they do not need to change their approach or learn a new tool. The Connector for VMware enables virtualization admins to continue to easily provision new VMs and ensure that they are connected to the network, while providing the network team with the visibility and control they need over the organization’s IP and DNS spaces.

Provisioning

Allow users to easily provision new VMs so that they are network ready and immediately usable.

  • Leverages the VMware interface that users are already using
  • Automatically assigns IP based on chosen networks
  • Provisions DNS names so that the VM is instantly usable
  • Allows simultaneous provisioning of VMs for multiple environments and tenants

Visibility

Users can track and audit provisioned addresses and hosts from a single point of control.

  • Ensure IP addresses and DNS hosts are properly allocated
  • Track all IP and DNS hosts centrally, whether virtual or physical
  • See detailed audit history on every change
  • Quickly see the relationships between IPs, VMs (MAC addresses) and DNS names

Control

Limit access to virtualization networks and ensure that admins can only modify their environment.

  • Use role-based access controls to assign change, view or block access to networks, IPs or DNS zones & records
  • Allow only virtualization networks to be modified by VMware
  • Prevent physical assets from being provisioned in virtual networks
  • Ensure new addresses and hosts do not conflict with existing VMs

Connector for IBM QRadar:

Accelerate threat detection and response with real-time network intelligence

BlueCat’s Connectors for IBM QRadar & HP ArcSight allows organizations to pinpoint attacks and threats by providing detailed information about every device on the network. With BlueCat DNS and DHCP data, delivered in native data interchange format, security teams can identify and respond to external DNS attacks, malware outbreaks and botnet-infected devices. Customers can also watch for developing patterns that could indicate a malicious agent is preparing for an attack. BlueCat network and device data oers an additional layer of network security intelligence with no blind spots or gaps in compliance or control.

Access Normalized Network Data from IBM QRadar & HP ArcSight Dashboards
BlueCat’s Connectors for IBM QRadar & HP ArcSight sends real-time network data through the native data interchange format so that it can be correlated with other security-related data points to provide more detail and faster threat response. This native format accelerates analytics and causes significantly less resource utilization than a basic syslog stream, providing customers with faster security response and lower costs.

Ensure a Risk-Free BYOD (Bring Your Own Device) Strategy
BlueCat provides customers with visibility into all device connections including the personal laptops, smartphones and tablets used by employees, contractors and guests. Customers can perform analysis and quarantine devices that are infected, non-compliant or represent a security breach.

Detect and Contain Malware
Gain greater visibility into all device activity on the network, accelerating the detection of malware threats and “rogue devices.” Time-stamped DNS query information, along with the origin of the request, is sent directly to QRadar or HP ArcSight, allowing security teams to identify requests that do not match typical flow patterns, such as an increasing number of DNS lookups to an unusual zone or machine. Infected devices can be quarantined to contain the spread of the outbreak.

Improve Forensic Analysis
Security teams can map trac or application access to a specific user/device combination, enabling security teams to quickly determine the first combination that either queried a bad zone, or became infected with malware. Analysts can also use historical DNS events to perform analysis to identify advanced threats.

Reduce Compliance Costs
Real-time DNS and DHCP data highlight oences and create reports to demonstrate compliance. This information can be retained for a corporate-defined period, allowing security teams to perform security and compliance analysis simply by running reports at regular intervals.

Blacklist “Bad” Domain Names
Block unauthorized application access at the DNS level to prevent any network connection from occurring and stop malicious agents from positively establishing “proof of existence” or target points for future attacks. Any query made to a “bad domain” is blocked directly by the DNS caching server and the user’s request can be either silently dropped or redirected to a notification web page that indicates a bad site was requested.

BlueCat Network Intelligence

In evaluating security, context is the key to decisionmaking. BlueCat IPAM provides an authoritative source for information about the network including the connection between devices, IP addresses and their activity on the network. This information is essential to monitor which applications are being accessed, by whom, and how sensitive business data is being used.

BlueCat extends network intelligence across wired and wireless networks, virtual environments and mobile end points, and encompasses DHCP scopes, IP address utilization, DNS host records, zones, subzones and devices. The Connectors for IBM QRadar & HP ArcSight enable these key data points to be interconnected and correlated to provide a complete view of the security posture of all connected devices.

BlueCat Enriches Security Intelligence and Accelerates Threat Response

connector for qradar

BlueCat Security Highlights

Security
Safeguard DNS and DHCP core services against exploits and attacks with hardened servers

  • Hardened Linux Kernel
  • DNS Blacklisting
  • Secure DNS (DNSSEC) Management
  • DHCP MAC Filtering
  • Certificate-Based Security
  • Regular Software Updates to Address CERT Vulnerabilities

Remediation
Drive the remediation of threats detected by QRadar and HP ArcSight straight through to a network level response

  • Track All Devices Associated with a User
  • Control User Access Privileges (e.g. restrict users to pre-determined subnets)
  • Remove All Devices Associated with a User
  • Blacklist Malicious Users
  • Quarantine Malware or Botnet-Infected Devices
  • Block Inappropriate Sites

Compliance
Reduce the costs of reaching network data to demonstrate compliance

  • Live and Historical Activity Monitoring
  • Tie Connected Devices Back to Specific Users and IP Addresses
  • Audit and Track Which Users are Accessing Which Resources
  • Identify Non-Compliant or “Rogue” Devices
  • Reduce False Positives and False Negatives

Connector for HP ArcSight:

Accelerate threat detection and response with real-time network intelligence

The Connector for HP ArcSight allows organizations to pinpoint attacks and threats by providing detailed information about every device on the network. With BlueCat DNS and DHCP data, delivered in ArcSight native data interchange format, security teams can identify and respond to external DNS attacks, malware outbreaks and botnet-infected devices. ArcSight customers can also watch for developing patterns that could indicate a malicious agent is preparing for an attack. BlueCat network and device data offers an additional layer of network security intelligence with no blind spots or gaps in compliance or control.

Access Normalized Network Data from HP ArcSight Dashboards
The Connector for HP ArcSight sends real-time network data through the native data interchange format in ArcSight so that it can be correlated with other security-related data points to provide more detail and faster threat response. This native format accelerates analytics and causes significantly less resource utilization than a basic syslog stream, providing customers with faster security response and lower costs.

Ensure a Risk-Free BYOD (Bring Your Own Device) Strategy
BlueCat provides ArcSight customers with visibility into all device connections including the personal laptops, smartphones and tablets used by employees, contractors and guests. ArcSight customers can perform analysis and quarantine devices that are infected, non-compliant or represent a security breach.

Detect and Contain Malware
This connector provides ArcSight users with greater visibility into all device activity on the network, accelerating the detection of malware threats and “rogue devices.” Time-stamped DNS query information, along with the origin of the request, is sent directly to ArcSight, allowing security teams to identify requests that do not match typical flow patterns, such as an increasing number of DNS lookups to an unusual zone or machine. Infected devices can be quarantined to contain the spread of the outbreak.

Improve Forensic Analysis
BlueCat and HP ArcSight allows security teams to map traffic or application access to a specific user/device combination, enabling security teams to quickly determine the first combination that either queried a bad zone, or became infected with malware. ArcSight analysts can also use historical DNS events to perform analysis to identify advanced threats.

Reduce Compliance Costs
The Connector for HP ArcSight provides real-time DNS and DHCP data to better highlight offences and create reports to demonstrate compliance. This information can be retained for a corporate-defined period, allowing security teams to perform security and compliance analysis simply by running reports at regular intervals.

Blacklist “Bad” Domain Names
Block unauthorized application access at the DNS level to prevent any network connection from occurring and stop malicious agents from positively establishing “proof of existence” or target points for future attacks. Any query made to a “bad domain” is blocked directly by the DNS caching server and the user’s request can be either silently dropped or redirected to a notification web page that indicates a bad site was requested.

BlueCat Network Intelligence

In evaluating security, context is the key to decision-making. The BlueCat IPAM platform provides an authoritative source for information about the network including the connection between devices, IP addresses and their activity on the network. This information is essential to monitor which applications are being accessed, by whom, and how sensitive business data is being used. BlueCat Network Intelligence extends across wired and wireless networks, virtual environments and mobile end points, and encompasses DHCP scopes, IP address utilization, DNS host records, zones, subzones and devices. The Connector for HP ArcSight enables these key data points to be interconnected and correlated within ArcSight to provide a complete view of the security posture of all connected devices.

BlueCat Enriches Security Intelligence and Accelerates Threat Response

connector for arcSight

BlueCat Security Highlights

Security
Safeguard DNS and DHCP core services against exploits and attacks with hardened servers

  • Hardened Linux Kernel
  • DNS Blacklisting
  • Secure DNS (DNSSEC) Management
  • Optional FIPS 140-2 Level 3 Certified HSM-based Key Security
  • DHCP MAC Filtering
  • Certificate-Based Security
  • Regular Software Updates to Address CERT Vulnerabilities

Remediation
Drive the remediation of threats detected by ArcSight straight through to a network level response

  • Track All Devices Associated with a User
  • Control User Access Privileges (e.g. restrict users to pre-determined subnets)
  • Remove All Devices Associated with a User
  • Blacklist Malicious Users
  • Quarantine Malware or Botnet-Infected Devices
  • Block Inappropriate Sites

Compliance
Reduce the costs of reaching network data to demonstrate compliance

  • Live and Historical Activity Monitoring
  • Tie Connected Devices Back to Specific Users and IP Addresses
  • Audit and Track Which Users are Accessing Which Resources
  • Identify Non-Compliant or “Rogue” Devices
  • Reduce False Positives and False Negatives

Documentation:

Download the BlueCat Connector for VMware Brochure (PDF).

Download the BlueCat Connector for IBM & HP Brochure (PDF).

 

BlueCat Products
BlueCat APIs
BlueCat Connector for VMware
#Connector-for-VMware
Contact us for pricing!
BlueCat Connector for IBM QRadar
#Connector-for-QRadar
Contact us for pricing!
BlueCat Connector for HP ArcSight
#Connector-for-ArcSight
Contact us for pricing!