1 2 3 4 Previous Next

Geek Speak

48 Posts authored by: jkuvlesk

dThe latest patch update for Firefox 13.0.1 , which was updated in the SolarWinds Patch Manager Catalog today, contains 3 bug fixes and also includes all of the security updates made in version 13.  Below are the bug fixes-see the release notesfor more info. Patch Management & WSUS patch management simplified!

 

• Windows Messenger did not load in Hotmail, and the Hotmail inbox did not auto-update (764546, fixed in 13.0.1)

• Hebrew text sometimes rendered incorrectly (756850, fixed in 13.0.1)

• Flash 11.3 sometimes caused a crash on quit (747683, fixed in 13.0.1)

 

In addition, Mozilla Thunderbird also released a minor update – 13.0.1 - which contains a few bug fixes.

• YouSendIt no longer expires Filelinks after 1 week

• The prompt given when a password had changed sometimes referred to a network error rather than a change of password

• Some Linux users may have been unable to start Thunderbird from outside the installation directory

• Miscellaneous other stability and display updates

 

For the complete patch management solution, view the list of the latest 3rd party application updates, check out this table.

In this recent blog post post by Earl Perkins of Gartner, he describes some of the factors behind the increased challenge of supporting mobile workers for security and access to mobile applications.  Some of those trends include:

  • The improved capabilities (ease of use) of different multiple devices is causing pressure on IT shops to provide identity & access management (IAM)  support for these devices.
  • The evolution of how applications are delivered as mobile apps is causing demand for IAM for these mobile apps.
  • The increased need for mobile device management to merge with existing IAM processes.

Providing access to enterprise applications through mobile devices should be as simple as deploying existing policies & procedures to this new domain.  In many cases, however, the breadth of technology in place for management has not yet caught up with the demands of users.  What many vendors offer today are point solutions.  For example, they may provide application access to one type of device (a point product solution) or a vendor may offer a secure platform that works with many device types (MEAPs).  SolarWinds Mobile Admin software blends the best of both worlds by providing a secure platform for multiple devices, and provides out of the box mobile access to over 40 IT management software products.  Mobile Admin did not re-invent the wheel to provide secure mobile access but leverages existing security infrastructure.

 

Mobile Admin’s client-server architecture features a fully-integrated security model that provides both data encryption and user authentication to insure a very high security level across the 40+ IT management features it supports. 

 

Below are examples of how companies can leverage the existing security infrastructure to provide secure mobile access to enterprise applications.

 

Active Directory integration for Mobile Access

Mobile Admin integrates with Active directory which can be configured so only wanted users can access Mobile Admin and even only specific applications within Mobile Admin. This is a great security feature since the network rights are already determined and the accepted authority is still Active directory. 

Encryption with BlackBerry and a BlackBerry Enterprise Server

  • If you use a BlackBerry Enterprise Server, all your data is sent over the Mobile Data Service (MDS), and is, by default, automatically encrypted using Triple Data Encryption Standard (TDES or 3DES). While TDES provides the highest industry standard encryption, you can also choose additional layers of encryption.
  • All versions of the BlackBerry Enterprise Server use TDES as the default encryption for all data. The BlackBerry Enterprise Server 4.1, however, allows you to choose between using TDES and Advanced Encryption Standard (AES), or both.
  • While TDES and AES are generally recognized as the most robust encryption methods available today, the US Government has also certified TDES and AES as compliant with Federal Information Processing Standards (FIPS).

  Encryption options for Mobile Admin on Apple iOS and Android devices 

  • You can Encrypt Apple iOS and Android devices with a Virtual Private Network (VPN). If you use a VPN, all your data is sent over the VPN, and is, by default, automatically encrypted.

Encryption with Hypertext Transfer Protocol – Secured (HTTPS)

  • Whether or not you are using the Encryption with the BlackBerry Enterprise Server on BlackBerry devices, or the Encryption with the VPN on iOS and Android devices, you can also add a layer of encryption with Hypertext Transfer Protocol – Secured (HTTPS).
  • HTTPS is HTTP encrypted with Transport Layer Security (TLS). When you use HTTPS, all data transmitted between the application server and the wireless handheld is encrypted.

  Locking down the firewall with a Proxy Service 

  • If you have a common server for mobile platform integration, a proxy service can be used and helps to lock down your firewall to have fewer openings for users’ without permission to access servers.
  • If a common proxy service is not used, then all SSH/Telnet and RDP/VNC servers must have the appropriate firewall configuration.
  • The proxy service proxies SSH/Telnet and RDP/VNC traffic. The mobile app clients authenticate transparently to the proxy if the appropriate rights and permissions have been configured. The proxy service can enable access to SSH/Telnet and RDP/VNC servers through a central port, rather than having to configure access to each individual server.

Mobile Devices: Additional Levels of Authentication

  • Primary login authentication (required), from a choice of: Windows user name & password, application-specific user name and password
  • Device level password or RSA SecurID/RADIUS (optional)

So you are out to dinner with the family and you get a call from a high priority user complaining of a system outage.  Your’re confident his issue is related to a virtual machine in your vSphere deployment.  There is not much you can do since you are away from your desk or laptop, but in the meantime you would like to be able to triage this situation and get notified if this issue escalates.

Here is how you would do that with Mobile Admin and your trusty iPhone (Android, or other mobile device).  First, connect to the Mobile Admin server from your Mobile Admin client and open Mobile Admin’s VMware interface.
vmware 1.png

View a list of ESX servers, virtual machines, data centers and resource pools – similar to how you would view them at your desk. Keep in mind that Mobile Admin can connect to vSphere servers or directly to ESX servers.


Suppose the virtual machine that you think is the source of the problem is ‘Rove-c45.’  You can clearly see that this vm is in a
suspended state...


VMware 2.png

First thing you need to do is get the virtual machine running again for your high priority user.   Select the ‘Rove-c45’ vm...
VMware 3.png

Hit the menu button...
vmware 4.png

And power on the vm....

vmware 6.png
Once you confirm the power on command completed successfully you can leave a note in
the vm’s settings page to let others know of the issue...


vmware 7.png
Now you need to find out why this machine went into a suspended state. First you check the event log for this machine.  To do this, select Events from the menu. Viewing the event log entries you see the machine powered on a few weeks ago, a reminder to install VMware tools and then the machine entering a suspended state.  There’s not much to go on here so you will need to find the root cause when you get back to your desk.
vmware 8.png

In the meantime you need to keep this vm up and running for your user so you would like to be informed immediately if this machine goes into a suspended state. This is done via Mobile Admin’s Notifications feature.  To set up a notification that will inform you of a new event for vm ‘Rove-c45’, you just select ‘Subscribe to this feed...’,  then give the feed a name and optional contact info...  In two clicks you are now set up to be notified on your phone  that a new event has occurred for this vm.
vmware 9.png

Unfortunately,  you do get a notification a few minutes later....
vmware 10.png

From the iOS notification center youcan open the Mobile Admin client directly to the list of events from vSphere for the vm you are watching.

vmware 11.png
Selecting the most recent event gives you some bad news.  The vm is entering a suspended state again...Mobile Admin’s Notification system has informed you that the fix didn’t take. 

vmware 12.png

 

At this point you are already in Mobile Admin’s VMware interface so you can quickly power on the vm again, add more ram and CPU power or even change the vm’s resource pool settings.  Or you could also leverage the power of other Mobile Admin interfaces: manage the Windows OS, Telnet, RDP, VNC, or SSH to the VM, or open a support ticket in BMC Remedy.

Using this scenario, you can see how to triage a VMware issue and set up notifications for status without too much interference on your personal life.
In addition to VMware, Mobile Admin works for a ton of other applications like Active Directory, Windows, and SolarWinds Orion.

Filter Blog

By date: By tag:

SolarWinds uses cookies on its websites to make your online experience easier and better. By using our website, you consent to our use of cookies. For more information on cookies, see our cookie policy.