1 14 15 16 17 18 Previous Next

Product Blog

500 posts
fcaron

Orion multi-tenant deployments

Posted by fcaron Apr 17, 2012

This blog complements the information available here, related to what SolarWinds has to offer to the Managed Service Providers (read also the FAQs) and focuses on the multi-tenancy capabilities of SolarWinds NPM network monitor (even if some of this document is actually applicable to other products relying on the SolarWinds Platform, aka Orion Core.

First, what is multi-tenancy?

Wikipedia defines it as a software architecture where a single instance of the software runs on a server, serving multiple client organizations (tenants). Multi-tenancy is contrasted with a multi-instance architecture where separate software instances (or hardware systems) are set up for different client organizations.

With a multi-tenant architecture, a software application is designed to virtually partition its data and configuration, and each client organization works with a customized virtual application instance.

The drivers behind multi-tenancy are mainly (but not only) cost savings (only one platform – HW and SW – is needed to support multiple customers) and easier release management (tasks like upgrade, high availability, database backup are performed only once and benefit all supported customers in a single operation).

Can SolarWinds products be deployed in a multi-tenant way?

Yes, and here is how.

For more clarity, let’s break down this discussion into 2 separate topics:

·         Visualization
How do I configure SolarWinds
products so a particular customer can safely login into the SolarWinds product portal and get a view restricted/limited to THEIR IT resources, even though they are being supported by a multi-tenant platform that also supports other customers like them?

·         Deployment and Data Collection
What should be my deployment strategy, so I can collect management information from my customer’s IT environment and feed it back in to a single shared (i.e multi-tenant) SolarWinds
instance? How do I deal with duplicate IP addresses that my customers have?

This discussion could be extended to other levels, such as storage, and this might be explored in further editions of this blog, but for now, let’s stick to this two main topics: visualization and data collection.

Configuration of the visualization in multi-tenant environments

How to create for my customers, the perception that they are on their own private IT management platform, while they are actually being hosted on a single instance, shared with other customers?

The SolarWinds platform provides two types of “Limitations” that will allow you to isolate the view and the data that each customer has access to:

  • Account limitations.
    This type of limitation is the most commonly used by MSPs and allows for the restriction of the Nodes that a given login will be able to view (or not). Simply put, the Account Limitation controls visibility that Accounts/Login have of Nodes. We will use this notation in the rest of this blog: Account => Nodes
  • View Limitations.

This type of limitation allows the MSP to restrict the Nodes that a given View will be able to display. This will be noted View=>Nodes. Of course, if all your accounts have access to the same Views (e.g. a TOP 10 view), this is not very helpful in the context of isolation, because then all your accounts will have access to all the nodes that this view has visibility on. This is useless for multi-tenancy, unless you can control visibility of Accounts on Views (Accounts => Views); then by combining this with Account Limitations above, you can configure this type of visualization model: Accounts => Views => Nodes.

What is a View?: A view is an HTML page displaying multiple resources (single graph, table, display widget), that have a common theme. A product usually comes with multiple out of the box views. Customers can create new or customize views. Views are selected by clicking on their names right below the product tabs.

Capture.PNG

Now that we understand the theory behind these 2 features, let’s look at concrete examples and how to configure them.

 

Account limitations: As said above, MSPs typically use this to control the Nodes visible by their Accounts (i.e. login) across all generic views (or regardless of the view).

To configure Account => Nodes, go to Settings>Manage Accounts>Select an Account>Edit>Account Limitations>Add Limitation:

 

Capture1.PNG

As you can see, there are many different ways to express the list of nodes that will be visible by the account/login that you have selected. Let’s explore a few:

  • Single Network Node does what you would expect (you can select a single node). Easy for testing but fairly limited.
  • Group of Nodes (understand “list” of nodes), is more interesting: it proposes the list of Nodes so you can check one node or multiple nodes that your Account/Login will have visibility on. This is the most commonly utilized.
  • Single Group allows you to define a group and use its content to limit what a user shoud be able to view. This is an easy way for an MSP to define the views of each of their customers.
    Just create a group (Settings>Nodes & Group Management>Manage Groups) and use this group to configure your Single Group limitation.
    Any user associated to this group, will see his/her views restricted to the content of this group.

    Note that this was fixed in NPM v10.4, and used to be more tricky in previous versions , because it does not do what most people expect. Here is the behavior experienced pre-v10.4 abd how to workaround it. This section below is NOT required in NPM v10.4.

You would expect it to give visibility to all Nodes that have previously been put in a group, which would be very easy for MSP’s: put your nodes assigned to each customer in a group representing the customer and you are done, then just assign each Customer groups to the Account/Login allocated to this customer.
Unfortunately it does not work this way. Doing this restricts access to the Group itself but the visibility limitation does not extend to the content of the group. So this does not help you.
Here is how to make it work: make sure you have a Custom property for each Node in NPM network monitoring software, populated with the Customer name (you would probably do this to create the group anyway), but instead of creating your Account Limitation based on the group (which does not work), you create it based on a Custom Account Limitation based on a property. Creating a Custom Account Limitation based on a property is easy: Start Menu>App Programs>SolarWinds Orion>Grouping and Access Control>Custom Property Editor>Orion>Account Limitation Builder> Add>name your custom limitation, select your Custom property (e.g. CustomerTag in example below):
Capture2.PNG
Once done, go back to your Account Limitation screen and notice your Custom Account Limitation method:
Capture3.PNG
This is functionally equivalent to what you think it would do if you created your Account Limitation to a Group that was based on the Custom property “CustomerTag”. Just don’t use the group.

 

View Limitations: As seen above, MSPs typically use View limitation in this context: Accounts => Views => Nodes, and the most common use case is when Views are actually Home>Summary Views that need to be different per customer, because they have maps that are specific to customers. In other words, for the map to be specific to a customer, you need to create a view that has the correct map and assign it to the Account / Login attached to this customer.

 

Capture4.PNG

 

Here is how to assign a Summary View to a account: go to Settings>Manage Accounts>[select an account]>Edit>Account Limitations>Default Menu Bar and Views:

Capture5.PNG

 

Then, once you have assigned a view to your account, you can now restrict what Nodes will be visible from this view by using a View Limitation: Settings>Manage Views>[your custom view]>Edit>View Limitation> Edit:

Capture6.PNG

From there, the same discussion as above applies.

 

Let’s take a concrete example and make sure you understand how the system behaves. Let’s say you have used this model Accounts => Views => Nodes to deploy your 2 customers ACME and EuroCust, respectively based in US and Europe, as follows:

  • Account ACME => US_View – use the home page view configuration
  • Account EuroCust => Europe_View – use the home page view configuration
  • US_View=>Chicago_Router, Austin_Router – use the View Limitation feature
  • Europe_View=>Frankfurt_Router, London_Router – use the View Limitation feature

 

This will provide the expected view, but you will want to know about the following behavior of the system: If the Account ACME user can modify the URL of his US_View page and figure-out what URL corresponds to the Europe_View page, he will not only be able to see the map of Europe (not big deal) but more importantly, see the Frankfurt_Router, London_Router, because these are attached to the Europe_View, as per the View Limitation.

 

If you are afraid of this behavior (some MSP consider this a back door), then you should NOT use the View Limitation and rather model your system like this:

  • Account ACME => US_View – use the home page view configuration
  • Account EuroCust => Europe_View – use the home page view configuration
  • Account ACME => Chicago_Router, Austin_Router – use the Account Limitation feature
  • Account EuroCust => Frankfurt_Router, London_Router - use the Account Limitation feature

The conclusion of this part is that you will want to think about how you will model your environment and customers, do some preliminary testing of SolarWinds products, based on the ones that you have deployed. Remember that different products may honor the Account and View limitations differently.

Ultimately, you will want to make your own opinion about the pros and cons that the various options offer. Hopefully the section above will help you understand the most important points, so you can figure out the details related to your particular environment.

 

 

Deployment and Data Collection in multi-tenant environments

The main issue at this level is dealing with duplicated IP addresses, which the MSP customers will usually have. Today, there are two recommended ways to deal with this: NAT and EOC-based deployments

NAT-based deployment: Network Address Translators translate the customer domain addresses, so that they are all unique from a SolarWinds product perspective. Basically, NAT eliminates the overlapping IP addresses.

Capture7.PNG
Note that this makes the identification of managed devices more complex because the translated IP’s don’t necessarily make sense to report readers. This can be addressed by populating custom properties with IP’s or Names that will not be affected by any translation.


 

 

EOC-based deployment: a full instance of SolarWinds product is deployed per Customer (usually large ones) and they are consolidated at the MSP level, by EOC (Enterprise Operations Console)

Capture8.PNG

Other deployment considerations

SolarWinds does not recommend the deployment of a central (NOC) instance of our network management product with one Polling Engine deployed on each customer’s network, because the WAN that would then connect the remote Polling Engines and the central database, would likely be the cause of lower reliability and higher latency which is not a certified environment.

Other solutions such as managing an entire customer environment via a unique IP address and differentiate their different managed devices (e.g. servers) using different SNMP ports (port forwarding) does not work.

 

 

You can find more on Orion architecture (non MSP-specific) here.

In case you missed it in our Log & Event Manager Release Roundup: Latest News post, the next release of LEM is now in Release Candidate status. You can join up by filling out the survey over on SurveyMonkey, I'll provision it to your Customer Portal and you can get crackin' on the new features.

 

LEM 5.4 RC Features: Flexibility!

The "theme" of this release is flexibility - extending the flexibility of your LEM deployment within your organization. We've added several features that make LEM more flexible to deploy, implement, and integrate into your environment.

 

Virtual Appliance Improvements: Deploy to Microsoft Hyper-V, Export/Import/Migrate Appliances

We've added the ability to deploy our virtual appliance on Hyper-V (instead of just VMware). It's got the same disk/CPU/RAM requirements (250GB disk, at least one 2GHz core preferably 2+, 8GB RAM dedicated) and the same ease of installation.

 

On all appliances, we've added the ability to export/import/migrate your appliance settings. This is useful in several different ways:

  • Migrating from a legacy TriGeo hardware appliance to the LEM virtual appliance
  • Migrating from one virtual appliance to another virtual appliance (standing up a new appliance and importing your configuration)
  • Disaster recovery scenarios where configuration settings have been lost, a mistake was made, or other unfortunate scenarios occur that make you wish you could go back to yesterday's config

 

For customers interested in either Hyper-V deployments or the appliance migration functionality, we've got new documentation we can provide that includes extra details if you need them.

 

Console in your Browser! Awesome!

We've had a lot of requests to not run the LEM Console in AIR, and instead run it in the browser. Good news - we did just that! For the most part, this Console is identical to the AIR console, and you can import/export your settings from your existing AIR install into the web and vice-versa. The browser-based Console does require Flash 11.

 

To access the LEM console after upgrading, just head to https://<your manager's IP or name>/ and it'll redirect you to the right port and URL. The full URL is actually https://<your manager's IP or name>:8443/lem/ but we put in a couple handy redirects to make it Just Work(tm).

 

Your settings will now be stored on the manager you're accessing in the URL, so wherever you log in, you'll see the same filters, widgets, saved searches, and customized configuration settings.

 

Tips & Notes:

  • I'd recommend verifying you're on Flash 11 before you access the Console, just in case. We've had situations where someone upgraded from Flash 9 to Flash 11 and the browser was most unhappy! You can manually download and install the latest flash player here.
  • If you're having issues with Firefox, try IE (seriously) or Chrome. We support Firefox 11, Chrome 16+, and IE9 and have done a cursory pass on Safari, but we found a few browser inconsistencies that generally apply more to Firefox than the other browsers.
  • There shouldn't be cases where you have to close/reopen your browser or tab to fix an issue - if this happens to you (especially consistently), please let us know so we can track down issues where the Console seems to get "stuck" and stops functioning. The same is true of a browser or flash plugin crash, if you see this consistently, let us know.
  • If you've been using the AIR console and want to import your settings to the web, first upgrade your AIR Console to 5.4, then go to Manage > Appliances, then click the rightmost gear (underneath the Help icon) and choose "Export User Settings".  In the web console, do the same thing, but select "Import User Settings". Your settings will be pushed up to the appliance and applied, and viola! Instant customized Console.
  • When reporting issues with the browser Console, be sure to let us know what browser & version you're using, and make sure you're up to date on Flash (Adobe's trying to make it even easier to update Flash, but you never know, you might have hit "stop yelling at me" and not manually upgraded in a while).
  • When building rules & filters, you might notice that the item you're dragging appears away from your mouse cursor; there are some timing issues that we're working on here and may not be able to resolve before release. Follow your mouse cursor arrow, not the item text, to determine where it'll be dropped.

 

Authenticate to LEM via Active Directory Services

As a bonus management feature, we've added the ability for you to authenticate to LEM via Active Directory (not just a LEM built-in user). You can add AD Groups or individual AD Users and assign them to a LEM Role, then the authentication works like magic.

 

To Configure:

First, configure the "Directory Service Query" inside of LEM to authenticate to the directory:

  1. Go to Manage > Appliances: 
  2. Click the Gear icon next to your appliance, and click Tools:
  3. Under "System Tools", click the Gear next to "Directory Service Query" and click "New":
  4. Specify the (fully qualified) domain name (e.g. corp.local), the IP of your domain controller (preferably IP, DNS name may work if your appliance is configured with reliable DNS), the service account username & password to use, and whether your DCs require SSL or not. If you don't use a custom port, you can ignore that field (the defaults are 389 for non-SSL and 636 with SSL).
    1. NOTE: If you want to test your connection, you can type in your FQDN in the "Test Domain Connection" box, but don't be alarmed if the button doesn't do anything - it can't actually test until we entirely finish.
  5. Click Save when you're done.
  6. IMPORTANT: To actually start/enable the connection, you need to start the tool/connector. Click on the gear again, and click "Start":
  7. At this point, everything should be configured and running.
    1. NOTE: If you entered your FQDN in the "Test Domain Name" box, you can click the "Test Domain Connection" button now. Success or failure won't be reflected here, you'll find alerts over in the Monitor area that will indicate success or failure. The alert is an "InternalInfo" alert that says "Connection to Directory Service succeeded", or an "InternalWarning" alert that will let you know it failed and give you some idea of why (password failed, timed out, etc).
  8. When you're done, click "Close".

 

Next, add users in LEM that you want to authenticate with the directory:

  1. Head over to Build > Users:
  2. Click the + icon on the far right hand side and choose the option corresponding to what you'd like to add:
    1. LEM User: adds a new built-in LEM user, using built-in LEM authentication. After adding the user, fill out all the information, including the e-mail address(es).
    2. Directory Service User: lets you specify a new SINGLE user from the directory to add to LEM, using directory authentication.
      1. In the leftmost panel, select the OU you wish to add the user from.
      2. In the center panel, select the Group you want to use to narrow down the user. The group in brackets at the top that mirrors the name of the OU will show ALL members of that OU, which might take a while if you've got a big organization (which is why we let you search using groups, too!).
      3. In the rightmost panel, select the User you want to add to LEM and click "Select User". All of that looks a bit like this (adding the user "npauls" from the "Engineering" OU, using the entire OU to search) - names hidden to protect the innocent:
      4. After you add the user, specify their LEM Role (Administrator/Auditor/Monitor/Contact), click the "Save" button on the bottom right to officially add them to the list.
    3. Directory Service Group: lets you specify a new GROUP (and all members therein) from the directory to add to LEM, using directory authentication.
      1. In the leftmost panel, select the OU you want to view the group in. You might find that your OU contains sub-folders that contain hidden group containers for things like distribution/global groups.
      2. In the rightmost panel, select the Group you want to add (that is, all members in this group should be able to log in to LEM, and be assigned the same LEM role). All of that looks a bit like this (adding the group "Domain Admins" from the parent domain's built-in "Security Groups" area, which would normally appear in the parent domain itself):
      3. After you add the group, specify their LEM Role (Administrator/Auditor/Monitor/Contact), click the "Save" button on the bottom right to officially add them to the list.
  3. Don't forget to hit the "Save" button after you add a group, it's easy to miss!

 

A few important notes:

  • When using Directory Service users, the email address is imported from the directory and not editable inside of LEM.
  • The same connector/tool that interfaces for Directory Service Groups in LEM (for use with filters, rules, and searches) is used for authentication, so you only have to configure it once.
  • You'll want to set aside a service account that can be used to do this, and you might want to set it to never expire, or suddenly you'll find all your Directory Service users unable to log in.
  • Don't forget your LEM built-in admin user password! You can always get in using this account, even if directory services are down. If you've forgotten it, there's a command at the appliance to reset it back to the default of "password".
  • When logging in, use DOMAIN\user to indicate you're logging in as a Directory Service user.
  • I found it a little confusing at first to have to look in the "Security Groups" folder for my Windows 2003 domain controllers, so don't forget to check there if you don't see the groups you'd expect.

 

SNMP Notification Support & Integration with NPM/SAM

In LEM 5.4, we've added new connectors to receive data from NPM/SAM and Virtualization Manager. Set up your alerts in the Alert Manager (or via Virtualization Manager's Console) to send to LEM, and use LEM to correlate those events with other events across your enterprise, perform root-cause analysis of problems across systems, and use LEM's active responses to triage or respond to issues.

 

Receiving SNMP Alerts from NPM/SAM/Virtualization Manager in LEM

Some examples of awesome ways you can use the systems together:

  • NPM detects a device outage or performance issue; use LEM to trace back the issue to its FIRST occurrence and determine the problem may be a DoS attack, virus, or other security issue - possibly even detected on an endpoint.
  • SAM detects an issue with a service, use LEM to determine if there are errors being generated from that service, when the issue started, and respond by restarting the service, and building a rule to detect & notify you future outages before the service actually goes completely down.
  • Build rules inside of LEM that combine data from NPM or SAM with your event log, device log, and application log data, to combine the power of what's happening in the log with the knowledge that something's gone bad.
  • Respond to an event detected from SAM or NPM in the LEM Console to isolate an issue, quarantine a user or system, restart a service, or kill a process, among others.

 

To send data from NPM/SAM/Virtualization Manager to LEM, first on the LEM side:

  1. Enable SNMP on the appliance, if you don't already have it enabled. From the virtual/hardware appliance "Advanced Configuration" console, type "service" (at the "cmc" prompt) then "enablesnmp" (at the "cmc::scm#" prompt).
  2. Configure the SolarWinds tool on your LEM appliance via Manage > Appliances, then Gear>Tools:
  3. In the "Network Management" category, create a new "SolarWinds Orion" tool/connector by clicking Gear>New (this connector does cover all of NPM, SAM, and Virtualization Manager):
  4. Click "Save" to save the configuration (you can change the default name/alias that appears in all of the messages from these tools, if you'd like).
  5. Click Gear>Start to enable the tool/connector to monitor for incoming data:

 

On the NPM/SAM side, use Alert Manager to enable SNMP alerts for different settings. For more information on setting up alerts with SAM, check out the "Creating Alerts" section in the SAM User Guide. For more information on setting up alerts with NPM, check out the "Creating & Managing Alerts" section in the NPM User Guide. For more information on setting up alerts with Virtualization Manager, check out the "Alerts" section in the Virtualization Manager User Guide.

 

Sending SNMP Notifications from LEM to NPM/SAM and Other Systems

We've also added the ability to send SNMP traps to other systems, including NPM/SAM, so that you can correlate data in LEM and notify other departments, systems, and people, via the infrastructure you've already got set up.

 

Some examples of how this is useful:

  • If LEM correlates an issue, you can send the notification to SAM/NPM, where it'll appear in the SNMP Traps section of the system, and you can perform root cause analysis from the SAM/NPM side to determine if there was a security or other event found in the log data around the time your issue started.
  • Rather than using SAM/NPM to receive ALL your event log, syslog, and other data, use LEM and forward only the critical/useful events on to the teams that need them.
  • Notify and forward events to third party systems (outside of NPM/SAM) to share data across your organization.

 

To use the SNMP notifications in LEM, first you'll need to enable the SNMP response tool/connector, then you'll need to add the SNMP notification to any rules you want to pass on to another system.

  1. Configure the SNMP Active Response tool/connector via Manage > Nodes, then Gear > Tools:
  2. In the "System Tools" category, click Gear > New next to "SNMP Active Response":
  3. Click "Save" after creating a new item (all of the configuration regarding which host, ports, etc to use is in the action itself, not in the configuration). You can customize the name/alias if you want it to appear differently.
  4. Be sure to click Gear > Start to enable the new connector/tool (or no SNMP notifications will be sent!):
  5. Click "Close" to exit configuration.
  6. Identify or build a rule you wish to add the SNMP notification to over in Build > Rules. I'll use the NATO5 "Critical Server Suspicious Network Traffic" rule as my example (Clone it to Custom Rules first!), since this might be important information about a node that I want to forward over to SAM or NPM so that if that machine begins behaving unexpectedly (consuming excessive bandwidth, performing poorly), that information is present. This rule also has a default Block IP action that you could choose to keep (and would want to let other systems know the action was taken) or remove in favor of only sending a notification.
  7. In "Actions", select and drag over the "Send SNMP Trap Alert" notification to the "Actions" box.
  8. Specify the destination SNMP Trap Host (where you want to send the trap) and port (if you do not specify one, the default of 162 will be used). You'll need to go to "Constants" and drag over a "Text" constant into the "Destination Host" box in order to edit it first.
  9. Specify the category of alert you'd like to escalate. For now, you can pick from the default "Incident" type of alerts. The type of alert will dictate the kinds of fields you can send over - for example, "HostIncident" will contain fields like Source/Destination Account, where "NetworkIncident" will contain fields like Source/DestinationMachine (and "HybridIncident" tries to be the best of both worlds). Pick the one that best suits this type of rule - in my case, I'm going to go with Network Incident (since the events were detected on the network and I'll find the most useful fields there), but if I'm more server minded, I could also go with Host or Hybrid Incident (indicating there's a problem with a host, but it was detected on the network).
  10. Fill out the fields from the alerts that contributed to your rule, just like you would other LEM actions. In this case, I'm going to use the "Network Audit Alerts" Alert Group, since that's what my rule uses, and that's where I want the data to come from in the original event. Here's what it'll look like in the end (it goes on, but you get the idea):
  11. If you want to notify more than one SNMP host, add another "Send SNMP Trap Alert" action and fill it out similarly.
  12. Save the rule, and don't forget to Activate Rules when you're done! It's at the top right, this tells the appliance/manager you're ready to use the new rule you've built:

At this point, when your rule fires, the SNMP Trap will be sent on to the server you specified. In SAM/NPM, you can view this in the SNMP Traps area of the console.

 

We Want Your Feedback!


If you join the RC, be sure to check out the Log & Event Manager RC group here on thwack. We'll put up any known issues there and are happy to answer questions about the RC or features in the RC.


We're also interested in any RC customers willing to do a quick screen sharing session/phone call with us to talk about the new features and your experience with them. Let me know via comment, e-mail, or Thwack post and I'll get it set up.


Lastly, for those of you already on the RC, we'll be updating to RC2 early next week, with a couple of quick fixes.

For those of you who haven’t heard, Solarwinds now has a powerful set of remote control and Windows administration tools called Dameware. The Dameware Mini Remote Control (MRC) lets you remotely connect to Windows machines for remote support and administration. Dameware NT Utilities provides you with a rich set of Windows administration tools (like AD and Exchange), as well as easy access to native Windows systems tools. NT Utilities also includes MRC. Let’s say you are responsible for supporting desktops or servers and you frequently require the need to remote into those machines to perform certain support-related or administrative tasks. RDP has worked in the past, but has some serious limitations in terms of interactivity, and doesn’t provide any functionality around screen sharing, chat, screenshots, or file transfer. NT Utilities and MRC are your answer. NT Utilities gives you a wealth of real-time system information on the machine you’re connecting to, as well as direct access to native Windows and AD administration tools all from the same console. MRC gives you the ability to quickly and easily connect to a desktop or server to initiate an interactive screen sharing session, almost as if you were standing over the shoulder of the user on that machine.

 

If you’d like to learn more, we are hosting a webinar on Tuesday (details below). Please join us to learn more about the Dameware products and how they can make your life easier.


When Native Windows Admin Tools are Not Enough - A Look at the Options

 

Windows comes with its own management utilities. But what if you need more? Are there options available that will save you time, hassle, and effort? In this webinar, we take a look at some of the most common tasks sys admins face on a daily basis, and look how you can save time with some tips, tricks, and tools.

We will overview:

  • Included Windows Tools
  • Time-saving tips for managing systems, AD, Exchange, and more
  • Other tools available - DameWare, free tools, and more

 

Register to attend this live event:

WHEN: Tuesday, April 10, 2012

TIME: 11:00am (US Central Time)

https://www1.gotomeeting.com/register/533017553

I have a great news for all existing customers (under active maintenance) who are awaiting new features announced in What we are working on: "IPAM 3.0 RC is behind the door"!

 

It is also good news for those who participated in our IPAM Beta program and would like to install new IPAM 3.0 on their production servers.

We would appreciate if you took a few minutes to fill this survey. It contains a few questions related to your current IPAM experience and it also gives you possibility to ask for future features.

 

Just to remind all folks about the main features of IPAM 3.0, here is a quick summary:

 

  • Microsoft DHCP server management
  • Microsoft DNS server monitoring
  • Improved User Delegations
  • Improved IP Address importing - brand new wizard
  • Enhancements and fixes to the user interface

 

DNS Monitoring:

 

DNSZones.png

Improved user delegations rules:

IPAMUsrDelegation.png

 

 

This is obviously just a small piece of what we have prepared for you. We would be glad for any kind of feedback you can provide regarding IPAM RC builds when they become available - as you know, we always listen to you so your feedback is very important.

 

thanks,

Michal

We are currently working on STM version 5.7 and beyond (in parallel).  Some of the items we hope to deliver:

  • Storage Manager Server and Agent health and status overview
  • Product stability improvements
  • Preservation of Agent and Server settings on upgrade
  • Improved graphs
  • User-defined LUN Grouping
  • EMC PowerPath Support
  • Better "Storage Group" Dashboards


Disclaimer:  Comments given in this forum should not be interpreted as a commitment that SolarWinds will deliver any specific feature in any particular time frame. All discussions of future plans or product roadmaps are based on the product teams intentions, but those plans can change at any time.

 

Dan

SolarWinds Server & Application Monitor 5.0 is just a few weeks old but we're already busily working on some great new features and enhancements to the product, such as...

 

  • Native support for Microsoft Hyper-V
  • Improvements to Application Template Editing, Including Multi-Edit Functionality
  • Hardware Health Summary Resource
  • Charting Improvements as Demonstrated Here
  • Windows Event Log Monitor Enhancements to Display Event Message Details
  • Additional Hardware Monitoring Support, including IBM MegaRAID Controllers and other Miscellaneous items.
  • Enhancements to the Real-Time Process Explorer, Including Ability to End Task on a Process

 

PLEASE NOTE:  We are working on these items based on this priority order, but this is NOT a commitment that all of these enhancements will make the next release.  We are working on a number of other smaller features in parallel.   If you have comments or questions on any of these items (e.g. how would it work?) or would like to be included in a preview demo, please let us know!

During this customer training session, we will discuss and demonstrate how to get the most out of SolarWinds Engineer’s Toolset. Here’s your chance to see how it works, get some pointers and to ask questions from the best! Join hosts Josh Stephens, Head Geek at SolarWinds and Matthew Harvey, Technical Support Representative as they demonstrate the power of Engineer’s Toolset.

http://www.slideshare.net/SolarWinds/engineers-toolset-a-deep-dive-for-intermediate-and-advanced-users

We hope you like it.

As always, let us know of your feedback

We’re interested to hear what you think of CatTools. Tell us how you use CatTools on a daily basis. How has it saved you time? Effort? Your job?

Tell us your compelling stories and daily deeds, and you’ll be registered to win one of three great prizes!

  1. iPad 3
  2. Kindle Fire
  3. iPod Nano

The survey will only take about 10 minutes of your time. We’re looking forward to your feedback!

The Log & Event Manager team has been busy lately with both maintenance to our current version and, of course, an upcoming release. In this Release Roundup, I'll bring you up to speed on what's been going on lately in the Land of LEM.

Maintenance Release: 5.3.1

We received a lot of good feedback after our 5.3 release and rolled  up those changes into a 5.3.1 maintenance release, available on the  SolarWinds Customer Portal to all customers under active maintenance.  This includes:

  • Resolved reported difficulty configuring USB-Defender Local Policy and several database-reading connectors
  • Updated Console filter functionality to allow toggling of the outer  grouping and resolved reported issues with unexpected filter conversion
  • Improved USB-Defender Report to capture all expected USB-Defender data based on customer feedback
  • Added a herd of new connectors (43 in total), including support for  SmoothWall, Cisco IronPort, Sophos Email/Web Security, Websense 7.0+,  and McAfee IntruShield, among others

You'll notice when you go to download the 5.3.1 update that the  Customer Portal looks a little different. We've made it easier for us to  get releases to you faster by streamlining some of the behind the  scenes work. To download the appliance update for all virtual/hardware  appliances, first click on the  button next to your SIM/LEM product listing, then click "Download" next to the  "Appliance Upgrade" download. It's not always easy to find, so here's a  picture that might help:

 

We've also released a hotfix to 5.3.1 that resolves difficulty  customers were having configuring our Check Point integration. Only  customers affected by that issue will need to download and apply it.  It's located in the "Hotfixes" section on the portal, and included in  the hotfix are instructions on how to apply.

New: Download Connector Updates from the Portal

We've improved the distribution of connector updates to regularly  update the SolarWinds Customer Portal as we support new connectors and  maintain our existing connectors. Anyone who's under maintenance can go  download the connector update package and apply it to their SIM or LEM  appliance. Back on the multiple downloads page, you can find the  Connector Package listed separately, and instructions for applying it  are in this (always awesome) SolarWinds Knowledge Base article.

Upcoming Releases

You can check out the full detail of this in our What We're Working On in the Land of Log & Event Manager post, but for those of you that prefer "Executive Summaries" here's what we're up to (disclaimer: this is not a commitment to these features on any timeline, it's just an idea of what's in our priority queue):

  • Hyper-V Appliance Deployment
  • Active Directory Authentication
  • Outbound SNMP Trap alerts - send notifications from LEM to Orion and other SolarWinds products
  • Inbound SNMP Trap integration - support for receiving data from SolarWinds products in LEM
  • Browser-based Console - access LEM from your browser!

If you're an active customer interested in testing any of these features when they become available, you can sign up by filling out this survey and you'll get an email when something is available.

And, Finally... Videos!

If you're new to LEM and still trying to find your way around, be sure to check out our AWESOME new LEM Intro video series! This series was prepared as a part of our upcoming release and should hit the sweet spot of trying to find your way around. There's 5 videos and they are all around 5 minutes long.

For a taste, here's our video on filters and real-time data:

 

Watch the rest here on the LEM Resource Center. There's a bunch of more advanced videos on the LEM videos area in the Resource Center as well, you can see a quick list here on Thwack.

This week Storage Manager, powered by Profiler 5.2 was released.   For Storage Manager and Storage Profiler customers, this release includes many  of the features you have clamored for, and we think you will be pleased.  The release focused on supporting Dell Compellent, improving support for other arrays, improving the target view and charting, and more integration with Virtualization Manager 5.0.

 

Support for Dell Compellent

With the addition of the Compellent arrays, Storage Manager is the only storage product that supports all of Dell's arrays - Compellent, EqualLogic and the PowerVault MD30/32/36 series.  Features of the Compellent support include:

  • Array discovery and configuration
  • Storage capacity, usage and allocation (including thin provisioning)
  • Asset information
  • Performance data (Array, Disk, LUN, Port)
  • Top Ten LUNs
  • Alerting
  • End-to-End Correlation and Mapping
  • Target View

Here is a fully populated Target View for a Compellent Array:

Improved Support of Arrays

In every release, we generally include improvements to arrays that users have been asking for, and Storage Manager 5.2 is no exception.  Here are the changes in this release

  • HP EVA - RAID group performance reports
  • IBM SVC/V7000 - Performance metrics are now per object, rather than split across nodes.
  • IBM DS 6/8K - Array level metrics

 

Better Charting

The layout of the charts has been improved in several ways to improve visibility and interpretation of the data.  These changes affect the charts generated throughout the product - from the tab menu, the report chart icon, and for charts emailed or published by the report schedules.  Improvements include:

  • Charts are a uniform width, which is especially handy when they are stacked in emails.
  • The number of items charted is defaulted to 5 instead of 10 (user definable)
  • Changed the orientation of the x-axis to be horizontal
  • Moved the legend to the bottom, the filters to the top, and the create report to the top right.

Here is a sample of the new chart, with the changes highlighted:

Improvements to the Target View

The target view provides the single view that shows contention for both array and virtualization.  In Storage Manager 5.2, we made a couple of improvements:

  • Support for NetApp NFS targets, giving you the same great end-to-end view for NFS that we have for iSCSI and Fibre Channel.
  • Populated performance charts for all arrays.

 

Integration with Virtualization Manager

Storage is an integral part of your virtual infrastructure, and SolarWinds award winning Virtualization Manager covers virtualization, but what happens when you  need to look beyond the virtual layer and take a deep dive into  storage?  In STM 5.1, we added the ability to do this with a single click, drilling from  a VMware object in Virtualization Manager to the associated storage target  (LUN) in Storage Manager.  In STM 5.2, this capability is extended for new links in Virtualization Manager 5.0 (not yet released).  Stay tuned for more information once VMan 5.0 is out.

 

Odds and Ends

Additional features and capabilities that made it into this release:

  • Extended alerting to more performance metrics
  • Links from Virtualization Manager 4.1.3/5.0 also work with Storage Profiler 5.2
  • Storage Profiler 5.2 and Backup Profiler 5.2 were also released

 

All in all, this is a great step forward for Storage Manager that improves not only the data available, but also how it is displayed and used. Let us know what you think.

DESCRIPTION:                

Please join us for a free webinar with Scott Lowe, Founder and Managing Consultant at The 1610 Group, and SolarWinds virtualization expert Jonathan Reeve. We’ll be discussing “Hyper-V vs. vSphere: Understanding the differences.”

 

The virtualization market is abuzz with talk of different hypervisors – most prominently VMware ESX® versus Microsoft Hyper-V®, who together own over 90% of the market. Small and medium businesses are already moving quickly toward Hyper-V, and a growing number of larger organizations are beginning to put plans in place to transition some portion of their environment from ESX to Hyper-V.

 

In this webcast we’ll explore the reasons for these changes and the ecosystems for these two platforms both now and in the future. We’ll also take a look ahead to what is known about Hyper-V 3.0 and why it warrants an even deeper look when evaluating hypervisors for your future virtualization deployments.

 

Register now for this special event!

 

The webcast can be found via this link:    https://www1.gotomeeting.com/register/845459393 

 

WEBCAST DETAILS:

DATE OF WEBCAST:        Wednesday, March 21, 2012, 11:00 US CST

TITLE:                             Hyper-V vs. vSphere: Understanding the differences

LENGTH:                        60 minutes

FORMAT:                       Webcast – slides

PRESENTER(s):              Scott Lowe and Jonathan Reeve


 

First, we learn how Application and systems are changing at a break-neck pace. While the legacy management technologies are still valuable, there are entirely new ways to manage apps and systems as well. Brandon Shopp, Director of Product Management discusses The Evolution of Application and Systems Management.

He begins by covering:

Top-to-Bottom Monitoring

 

  • Understanding Application Components
  • Machine Level Systems Monitoring
  • Process and Service Monitoring

 

 

And continues with:

 

  • End-to-End Monitoring
  • Transaction Monitoring
  • Leveraging new technologies to monitor global application monitoring

 

After watching this webcast you could truly walk away with the guidance and know-how to keep up with the systems and application management revolution!

The on-demand webcast is now available here.

http://www.solarwinds.com/Resources/Webcasts/The-Evolution-of-Systems-and-Application-Management.html

 

Have you read about What we are working on post IPAM 2.0 and are you interested to try the new features before the official IPAM 3.0 release become available?  If yes, I have great news for you. We are going to serve you a brand new IPAM 3.0 beta build with juicy features to try!

Let's take a quick tour through them:

As you know, we always listen to you and we want to resolve your pain points and problems. Here is something you've asked for (Suggestion for Scanning subnets) and we listened - the new "Enhanced User Restrictions" for IPAM!

Now you will be able to set user's restrictions per supernet, subnet and groups like this:

So now you should not run into any problems where you need to grant access to multiple network administrators simultanously and be scared that they would change something that is not in their administrative scope (for instance when every group represents a site then local network admins will be able to make a change only to their own site).

So that was the first thing you asked for and here comes another one: DHCP Management

We know that centralizing management is very important based on all of the thwack Deleting a DHCP Scope and we prepared an integration of IPAM and Microsoft DHCP servers. Now you don't have to go to a DHCP server, create your new scopes there, and wait for a sync in IPAM. Instead of that, you may do it directly via IPAM and all your DHCP changes will be propagated onto your physical DHCP servers. Or you can mark an IP address as reserved in IPAM and if this IP is managed by some DHCP server then the reservation will be propagated there automatically.

 

But that's not all! We've also listened to your requests about DNS servers and DNS zone monitoring and the beta has support to poll your DNS servers like this: 

Obviously this is still beta functionality so you may expect more in the final version. Now is a good chance to try out DHCP management and the other new features in your environment and give us feedback if something is not working as expected.

To participate in the IPAM beta program you need to fill out this beta agreement. After that, I can send you link to beta bits.

I'd also like to thank all who participated in the previous beta and I hope that the new build will give you what you are asking for.

 

Thanks for helping us to make better products!

After the release of NCM v7 (and 2 service releases 7.0.1 and 7.0.2), here is what the NCM team is working on now, for the future of the product.

The main theme is performance and scalability:

  • WEB UI performance improvements. We are hearing the feedback coming from many of you, that the NCM WEB interface is not as fast as the Win32 application is.
    We are also conscious that many cannot allow their users to RDP into the server in order access the NCM UI, for security reasons.
    So the general move to the WEB continues but with a lot of attention being put on improving the performance of the already existing WEB UI as well as making sure that every new WEB UI developed, approaches the performance of the Win32 application.
  • Performance Improvement related to Inventory
  • Improve the Database purge and cleanup activities to avoid performance degradation over time, due to clogging of the database and disk directories with downloaded configurations
  • Support for Additional polling engines to increase the number of manageable nodes or distribute the load across multiple polling engines.

Other improvements include (but are not limited to):

  • More native device support (e.g. Alaxala, Apresia)
  • The “Settings” page is moved to the WEB
  • The Real Time Change detection (RTCD) feature is easier to configure
  • Inventory-related improvements (incorporation of inventory reports from thwack, better Juniper Inventory reports, …)
  • Config Change Template scripting language improvements (e.g. string parsing and manipulation) to reduce the need for external scripting

PLEASE NOTE:  Comments given in this forum should not be interpreted as a commitment that SolarWinds will deliver any specific feature in any particular time frame. All discussions of future plans or product roadmaps are base on the product teams intentions, but those plans can change at any time.

With the official release of WPM 2.0 the WPM team is working hard to generate several new and exciting features including:

  • Windows Server 2012 support
  • Allow Amazon Micro Instances to be Created from within SeUM
  • Improve WPM Player Job Scheduling to spread jobs out more evenly
  • Improve Client Certificate Authentication Handling by Distributing the Certificate as part of the Recording
  • Leverage the FQDN or IP address entered by the user to connect to the WPM Server for all activities required for communicating with the server such as assigning recordings to players.
  • Improve the WPM Recorder Upgrade Experience to be a hands off, mandatory process that preserves settings
  • WPM Supports Custom Properties for assigned transactions
  • WPM will support user auditing
  • The WPM Recorder will respect account limitations defined by the Orion Administrator
  • Include recording description in the Transaction Details resource
  • WPM will inherit the Availability Statistics used by NPM/SAM/etc for WPM Transactions
  • WPM Supports Credentials Management for transactions with a Credentials Library similar to SAM.

 

PLEASE NOTE:  We are working on these items based on this priority order, but this is NOT a commitment that all of these enhancements will make the next release.  We are working on a number of other smaller features in parallel. If you have comments or questions on any of these items (e.g. how would it work?) or would like to be included in a preview demo, please let us know!

Filter Blog

By date:
By tag: