ManageEngine DDI Central | Read me

5600 - November 20, 2025

1. AI-Powered Anomaly Detection: DNS & DHCP activity screening now includes built-in anomaly detection rules and ZIA AI’s ML-based DGA pattern detection for early threat identification.
2. Cisco integrated DHCP: Centralized management for DHCP services on IOS-XE & IOS-XR devices with real-time DNS and IPAM sync.
3. ML-based forecasting: Predict DNS query loads cluster-wide or by zone, and forecast DHCP lease trends per subnet for smarter capacity planning.
4. DNS records monitoring: New monitoring system uses TCP and PING to track zone record health and query continuity.
5. Zone versioning and backup: DNS zone backups can now be created and restored across Windows and Linux clusters.
6. Per-server DNS Analytics: View DNS query analytics at individual server or for all the servers in a cluster level for deeper insights.
7. Record Enable/Disable (Linux): Toggle to activate or deactivate individual DNS records directly from the UI on Linux clusters.
8. Management UI Console Failover Cleanup (Windows): Resolved issue with leftover replica passwords during failover removal.
9. Static Lease + Endpoint Central Integration: Delegated/static scopes now sync with Endpoint Central for comprehensive asset mapping.
10. Rogue DHCP server detection in Alerts: DDI Central Alerts now include in-app as well as emails to notify admins about rogue DHCP server detection for fast remediation.
11. Duplicate IP detection: Scans A/AAAA/CNAME records for duplicate IPs and exports dedicated reports.
12. Editable Server IPs (Linux): Admins can update Linux server IPs with backend sync and system-wide propagation.
13. Enhanced subdomain view: Now shows record values and last modified times for better DNS troubleshooting.

5500 - August 6, 2025

1. DDI Central now integrates live threat feeds from top cybersecurity vendors to block malicious domains in real time—using vendor-assigned reputation scores for stronger DNS-layer protection.
2. DNS Detection and Response (DDR) is now available in DDI Central that automatically quarantines suspicious IPs querying threat-intelligence-flagged domains.
3. DDI Central now supports Failover HA and Database Failover support to the Main App Console (Management UI Console), ensuring continuity of core management operations in the event of main console or database failures.
4. The new Enterprise edition of DDI Central is now available with built-in threat intelligence and main console failover. Existing Professional users can access these features as add-ons; the Essential edition has been retired.
5. DDI Central now integrates with OpManager to provide unified visibility across core network services and infrastructure monitoring—streamlining troubleshooting and performance analysis.
6. You can now configure and manage Network Time Protocol (NTP) servers directly from DDI Central, ensuring synchronized time across DNS and DHCP infrastructure for accurate logging and policy enforcement.
7. DDI Central now allows adding and configuring Active Directory (AD) domains, giving administrators more granular control over directory-integrated DNS environments and also capture entries into audit logs.
8. To bolster DNS privacy and integrity, DDI Central now supports DoT and DoH—suitable for both structured enterprise deployments and user-facing, privacy-centric scenarios.
9. When importing A and AAAA records into zones via UI or API, DDI Central now prompts the admin for permission to auto-generate corresponding PTR records—saving time and reducing manual errors in reverse DNS configuration.
10. Prebuilt templates for standard QPS on Linux and Windows to defend against DDoS and query‑flood attacks, ensuring resilient DNS performance.
11. New DHCP templates for Vendor Class Identifier and Client Class Identifier enables quick grouping of devices by certain criteria and directly imports them into a client class.
12. Email alerts for newly detected MAC addresses and abandoned leases, based on your configured time‑threshold settings in the App System Settings.
13. Deletion of DHCP reservations or Hosts in bulk is now enabled.
14. Previously known as Reserved Addresses (the ones excluded from general DHCP provisioning), DDI Central now refers to them as Designated Addresses and also refers Fixed address as DHCP reservations in Windows.
15. DDI Central now notifies admins via email when Endpoint Central device tokens are about to expire.
16. Admins can now manage and unmanage DNS domains and DHCP subnets.
17. Any available IP addresses can now be associated with a specific host through the "Associate Host" icon in the Lease section.
18. DDI Central now displays lease history statistics for DHCPv6-assigned IP addresses.
19. New Server Suspend Mode lets admins temporarily halt updates to the main console during sync issues or downtime.

5100- May 16, 2025

1. DDI Central now integrates with ManageEngine Endpoint Central, enabling endpoint identification, profiling, and security monitoring through DHCP lease and repository matching for enhanced network visibility and control.
2. DDI Central now integrates with AWS Cloud, providing unified IP visibility and monitoring across VPCs, ECS, Subnets, RDS, and EC2 for seamless hybrid network management.
3. DDI Central's High Availability (HA) minimizes network downtime by automatically redirecting DNS and DHCP traffic to a secondary server during service failures, ensuring uninterrupted connectivity.
4. DDI Central Linux ISC BIND now allows adding address pool ranges in the Client class at the Global or Subnet level.
5. Refresh the status of single or multiple servers in the cluster using the Check Status option for quick and updated insights.
6. Configure recognized languages within the DDI Central UI through system settings for improved user comprehension.
7. Customize email and in-app notifications through the Notifications option.
8. Previously, the subnet calculator displayed the first 10 IPs in a subnet range as examples. Now, it displays the first 5 IPs and the last 5 IPs for better clarity.
9. Add descriptions for hosts when adding them in the Add Host section in DDI Central Linux ISC BIND.
10. View the version of the node agent installed on servers in the Server page of DDI Central Linux ISC BIND.
11. DDI Central Linux ISC BIND now supports pool range exclusion for subnets.
12. DDI Central enables searching for A, AAAA, CNAME, and PTR records in a DNS zone using IP addresses and hostnames.
13. DDI Central now allows associating PTR records when creating A or AAAA records within a DNS zone.
14. DDI Central now displays the DUID value for IPv6 clients on the DHCP Leases page.
15. When onboarding Microsoft servers to manage an Active Directory (AD) setup in DDI Central, users can now specify the Primary Domain Controller (PDC).

5001- February 04, 2025

1. Integrate with third-party tools via APIs supporting full CRUD operations for zones, records, and DHCP scopes. Automate lease management, audits, and real-time data analysis on a grand scale.
2. New complimentary user roles like Auditor and Guest are available to enable restricted monitoring without modifying any configurations, maintaining system integrity.
3. Simplify the design and planning of IPv4/ IPv6 subnets with a built-in calculator to allocate and design IP address spaces accurately. Quickly identify available IPs, reducing errors and streamlining network management.
4. Configure stub zones and forwarders for Windows clusters to optimize DNS resolution and improve query efficiency.
5. Centralize logging with rsyslog integration to consolidate ISC DNS and DHCP server logs. Use these logs with third-party tools like ELK or Splunk for advanced monitoring and insights.
6. Prevent configuration clashes with live updates and instant notifications for concurrent users working on the same resource. Enhance transparency and productivity in multi-user environments.
7. Analyze DNS response codes, error trends, and traffic patterns for hosted and non-hosted domains. Export query analytics data for streamlined reporting and troubleshooting.
8. Access a dedicated alerts page within the UI for immediate updates on blocked site access, IP lease issuance, service failures, DNS query thresholds, and more events. Customizable thresholds and visual UI cues enable proactive attention.
9. Simplify onboarding by bulk importing subnets, multicast subnets, DHCP reservations, DHCP filter allow/block lists, and MAC addresses for DHCP policy criteria via CSV files. Enhance efficiency in large-scale deployments while reducing errors.
10. Automatically verify the status of static IPs with real-time pings for accurate accountability. Ensure efficient management of statically provisioned IP addresses.
11. Create and manage hierarchical supernets for better segmentation and IP allocation. Visualize nested structures for scalable and organized network planning.
12. Tailor polling intervals and data retention for DNS, DHCP, and audit logs to optimize storage and performance. Ensure compliance and efficient resource management.
13. Monitor trends in operations with intuitive visualizations for DNS, DHCP, and user access logs. Export audit data in PDF or CSV formats for easier sharing and reporting.

4300- December 10, 2024

1. Windows zone discovery for 50K+ records is now reduced from 3 minutes to 40 seconds, ensuring consistent performance regardless of machine specs.
2. DNS zone discovery for servers with 100 zones (1K—50K records each) now completes in 2—3 minutes, down from 25—30 minutes.
3. The Management Console UI now loads high-volume DNS record sets within 2 seconds, down from 5 minutes.
4. Updates to AD zones via DDI Central UI now preserve and retain live timestamps, preventing disruptions to Windows AD scavenging processes.
5. Previously, NTLM authentication for LDAP on Windows servers faced issues due to a missing package. This has been resolved by including the pycryptodome library.
6. Windows DHCP MAC filtering Allow and Block lists now support partial MAC addresses, enabling enhanced pattern matching and simplified device targeting.
7. Bulk DNS record deletions are now processed in batches, ensuring smooth performance and preventing crashes caused by forced massive deletions.
8. The main dashboard now shows the exact number of servers where DNS or DHCP services are down, with hover-over details for server names and IPs, improving accuracy and troubleshooting.

4250- November 13, 2024

1. OAuth authentication is now available as an alternative to basic SMTP authentication for mail server settings, providing enhanced security and flexibility.
2. The DDI Central Management UI Console has been optimized to handle high-volume query data reaching DNS servers. Improvements in query reading speeds and memory usage minimize latency and reduce freezing under heavy query loads, ensuring smoother performance and greater stability.
3. Previously, after installing the .bin installer and adding a Windows cluster, queries to the Windows DNS servers were not properly captured in the DDI Management UI Console. This issue has now been resolved, ensuring accurate query reporting in the DDI Console.
4. Within the Windows clusters, you can now search Subnets and Multicast Subnets by their respective names, making it easier to locate specific scopes quickly.
5. Resolved the pagination issue in PTR and CAA record search, where some PTR and CAA records were repeating after a few pagination jumps. Records can now be accurately located through pagination without duplication.
6. Subnet lease duration setting issue has been resolved, where setting the lease duration to "Unlimited" on the subnet page would default to "Limited." The lease duration now remains set to "Unlimited" as intended.
7. Previously, during short bursts of high query volume, DDI Central did not capture all versioned DNS query logs created via log rotation on the managed ISC BIND servers, resulting in query count mismatches. DDI Central now accurately reads and captures all the DNS query log versions, ensuring consistency even under high query loads.
8. Previously, queries to the blacklisted domains of Linux clusters via the ISC BIND servers in the cluster were missing hostname details in DDI Central's UI Console. This issue has been resolved, and all relevant query details, including hostnames, are now accurately displayed.

4200- August 26, 2024

1. Introduced .exe-based installation for simplified setup and deployment in Windows servers
2. Introduced LDAP and LDAP over SSL authentication as an additional single-sign on capability
3. On admin consent, DDI Central now discovers all necessary configuration files, zone files, and libraries within the chroot directory, and automatically converts all relative paths within the service directory to absolute paths.
4. Frequent logout issues have been fixed.
5. Issues with scheduling records while updating DNS records have been resolved.
6. Previously, DDI Central required CNAME record inputs in full FQDN format for successful discovery. Now, it accepts and discovers CNAME records using just the hostname as input.

4100- July 10, 2024

1. Windows DNS management was launched.
2. Windows DHCP management was launched.
3. Single Sign On (SSO) using SAML authentication was introduced
4. Package dependencies for PDF report generation were resolved.
5. DDI Central is now available in the following languages: Spanish, French, German, Italian, Japanese, Portuguese, Dutch and Chinese.

4002- May 06, 2024

New Features & Enhancements:

1. Users can directly configure static subnets, manually assign IP addresses, import and manage static leases from spreadsheets, ensuring consistent network addresses for essential services and devices.
2. Migrate all the zones hosted with third-party managed DNS providers to DDI Central and manage them directly from DDI Central UI without switching between different points of management.
3. Create scheduled configurations and reports for DNS resource records and DHCP scopes. Download past report versions available for comparison and analysis to bolster change management and support compliance.
4. Delete DHCP leases via the DDI Central console, preventing lease reassignment and ensuring new leases for users. This improves control over address distribution and increases management flexibility as needed.
5. PXE boot configuration can now be configured quickly through user-friendly templates and imported into the relevant client class.
6. DDI Central now mandates that users set up an A or AAAA record for nameservers matching their domain names before usage. For example, configuring 'clouddns.com' with 'ns1.clouddns.com' requires creating an authoritative record for 'ns1.clouddns.com' first.
7. Refresh the DNS cache of a selected server or a specific zone on the server to ensure your DNS information is up-to-date.
8. Automate email notifications to admins identifying the hosts attempting to access domains that have been blocked for monitoring and reacting to potential security breaches or policy violations.
9. Node Agent installed on all DNS and DHCP servers now supports admin-controlled password resets for enhanced security, replacing the previous automatic reset system. This update allows admins to intervene directly in case of suspected breaches.
10. Admins can now choose and update the network port used by the Node Agent, providing flexibility and facilitating compliance with internal networking policies and external regulations.