SolarWinds acquired Web Help Desk on Wednesday July 25.  We started selling it on Thursday the 26th.  That meant that we handed a brand new product to our sales team with very little time to train them.  For the short term, we chose to reduce the variety of OS's we support for the 30-day free evaluation period.  We did that to make it easier for the sales engineers to support the new product.  Variety is great, but we thought it more important that we be able to provide downloaders a great experience.  We chose Windows to start with because it was the most popular eval download for Web Help Desk.  We expect that we'll add back OS's to the evaluation as the internal team comes up to speed on the new product.


To be clear, we have not dropped MacOS support for existing customers.  And if an evaluator or new customer wants the Mac version, we immediately provide it for them. We had a couple of Sales reps who were confused and miscommunicated that we had ended support of Mac and Linux. NOT TRUE.  Seriously.  No such decision has been made. 


We are looking at OS and DB support going forward.  If there are some combinations that are really rare, we may discontinue in favor of moving faster on more popular platforms.  We take our relationship with our customers very seriously, so we'll be listening to feedback.  We can't always make everyone happy, but we try our best.  And you'll see that the product management team for Web Help Desk will remain engaged with customers via forums, email, and phone.  We'll also send out surveys from time to time.


We ask only that existing customers don't assume that things will be worse.  So far, we've lowered the price of the Pro edition.  And we're increasing the size of the engineering team.  We plan to deliver more features than ever before without changing the fundamental nature of the product.  It's a great product.  That's why we bought it.  We look forward to working with all of the Web Help Desk customers.

VoIP & Network Quality Manager 4.0 RC is out for a while and based on your RC feedback we would like to give you more details about adding Call Manager or troubleshooting possible issues during setup.


First of all, your Cisco Call Manager needs to be ready for monitoring calls.


You can set it up via CCM web console. To do that, please follow Cisco tutorial here:

It is usually your billing server producing CDRs and you can configure using Cisco help page:

You also need to enable AXL credentials on CUCUM. That could be done easily using this tutorial:


In case that your AXL credential test failing in VNQM add call manager wizard, you need to be sure that you can use AXL via SOAP from the VNQM web console.

To do that type following into the browser:  https://<ip address>:8443/axl/


If AXL API is working, Call Manager should see following output:

Cisco CallManager: AXL Web Service

The AXL Web Service is working and accepting requests. Use HTTP POST to send a request.


If this is not your case, please check the VNQM to CCM connectivity (firewals, etc.) and reffer to step two – how to enable AXL credentials on CUCUM.


If your Call Manager is prepared then it’s time for Adding Call Managers to VNQM:

Navigate to VoIP & Quality Settings and click on “Add New CallManager nodes” link.



Add Call Manager wizard appears with the list of nodes to select. Select the corresponding Call Manager node and click “Next”.


After clicking “Next”, a new screen appears asking what needs to be monitored for the Call Manager node. The Call Manager node can be added with or without CDR/CMR polling.


If you can’t add a node that is supposed to be a call manager then you have probably SNMP service turned off on Call Manager. Take a look on the following screen which shows you how to find if SNMP is turned ON.


Note:  If added with CDR/CMR polling, the wizard gives an option to enter AXL credentials (to poll region specific data) and FTP server credentials (where the CDR/CMR files are stored).



Click “Next” after selecting the monitor type.


Note: If without CDR/CMR monitoring is selected, the wizard adds the call manager without providing an option to enter AXL credentials and FTP credentials. It can be added later by editing the call manager node




  1. Click on the “What are AXL Credentials” link to know more about AXL. Enter the AXL credentials.
  2. Click “Test” button to test the AXL credentials.


Click “Next” button to continue.

Add FTP Server (where CDR files will be placed):


  1. If the FTP server IP entered is a SFTP server, secure connection check box should be enabled to continue.
  2. The FTP folder name where the CDR/CMR files are stored.
  3. Click on the Test FTP server connection to check if the entered credentials are valid.
  4. The polling frequency is defaulted to 1 minute and can be changed to any value from 1 to 60.
  5. Enabling the Delete check box will delete all the CDR/CMR files from the FTP server once the polling is complete.  To know more about this feature, click on the “Why would I do this?” link.


After clicking on “Next” button from the Add FTP server page, the final summary page appears. Users can review the entered data and clicking on “Add Call Manager” adds the call manager to the VNQM.


Now you are eligible to do a search for CDRs via VNQM web console and system will periodically poll for new CDR files.



At SolarWinds, we believe one of our differentiators vs. other companies out there is the fact we have such a strong user community, and we listen to that community.  With that being said, I am excited to talk about an acquisition we just announced, Web Help Desk.


Personally, I am very excited about this acquisition.  A Help Desk offering has been requested by our customers for a while now and we finally found the right product that represents what we expect in a SolarWinds product.  There are tons of help desks out there that we could have acquired, but what makes me excited about this one is how it started and why it was built in the first place.


For those of you who have been around SolarWinds long enough, you know that we started with Engineer’s Toolset, which was written by our founder when he was a network consultant to help make his own job easier.  He shared it with other engineers where he worked, and they loved it too.  They told him he should sell his tools and SolarWinds was born.


The story with Web Help Desk is very similar.  The founder worked for a K-12 school district and was looking for a IT Help Desk product, but all of the products available were too hard to use, set up or manage, or were way too expensive, or were offered as software-as-a-service, for which he would have to pay recurring annual costs, basically re-buying the product each year, which was a problem for a school with a limited IT budget.  So what did he do?  He decided to build one himself and then decided to start selling it as well, creating Web Help Desk.


Web Help Desk fits perfectly into the SolarWinds family of products.  I highly encourage you to go and check it out.  The two pages I recommend are:

  1. Feature Page - This page walks through all the features that are available in the product.  This is not only a ticketing system, but also has features for IT Asset Management, Knowledge Base, Change Approval/Change Management and much, much more.
  2. Online Demo & Download Page - where you can check out an online demo and if you wish, download a fully-featured 30 day evaluation, which you can get to from here.


Here is a screenshot from the online demo of the dashboard, which is fully customizable.  Tell us what you think, we would love to hear your feedback.

which you can get to from here.


For all Patch Manager customers with active maintenance, we have posted an update to your customer portal and to the product download page. This update, v1.73, is designed to ensure continued functionality of all Patch Manager installations, which will be adversely affected by the installation of the Microsoft update KB2661254. KB2661254 is scheduled for release on Patch Tuesday - August 14, 2012.


KB2661254 will invalidate all RSA-based certificates with key lengths of less than 1024 bits and has been discussed in several Microsoft postings of late, most notably the following:


How does Microsoft KB2661254 affect my Patch Manager installation?

This affects all existing Patch Manager installations, as all versions are currently based on 512-bit key lengths. Certificates are used in Patch Manager to authenticate console-to-server connections, as well as to authenticate server-to-server connections when additional Patch Manager servers have been deployed in the environment. Patch Manager v1.73 replaces the existing 512-bit certificate with 2048-bit certificates.


What do I need to do to address this issue?

You should defer deploying KB2661254 to your Patch Manager servers and console systems until they have been successfully updated to Patch Manager v1.73.


The Patch Manager v1.73 update must be applied to your Primary Application Server (PAS) first, and then to any additional servers or console installations. Once the v1.73 update is applied to the PAS, and until the v1.73 update is applied to the additional servers, the entire Patch Manager environment will be offline, as the additional servers will be unable to communicate with the updated PAS.


Furthermore, until the Patch Manager v1.73 update is applied to the remote consoles, those consoles will be unable to connect to any Patch Manager v1.73 Application Server.


To be specific -- any Patch Manager server or console prior to v1.73 cannot communicate with a Patch Manager server upgraded to v1.73.


We are providing this update as soon as we were able to complete testing so that you will have sufficient time to plan and implement this update prior to deploying KB2661254.


In addition to this certificate subsystem update, Patch Manager v1.73 also includes a roll-up of a fix we released in May that changes how we authenticate with remote systems using credentials. This will provide more reliable authentication with Patch Manager clients, and eliminate many issues that were previously encountered as a result of User Account Control (UAC) interference.

The following table provides an overview of the SolarWinds products that are certified and under evaluation.  Our current certifications are listed here on the NIAP website.  More information on products under evaluation can be found here.


ProductCertifiedIn Eval
Network Performance Monitor (NPM)10.1.310.6
Network Traffic Analyzer (NTA)3.73.11
Network Configuration Manager (NCM)6.17.2
IP Address Manager (IPAM)1.74.0
VoIP and Network Quality Manager (formerly IPSLA)3.54.1
User Device Tracker (UDT)3.0.1
Enterprise Operations Console (EOC)
SAM (formerly APM)4.06.0
Web Performance Monitor (formerly SEUM)2.0.1
Fail Over Engine (FoE)6.7
Log and Event Manager (LEM)5.7

So it is still very early in the development cycle but we thought you all would be excited about the new work we have done and want to get started testing the latest version of NPM. We have just completed the first development iteration so we still have a lot more planned to work on in the release, but we want to get your feedback on several new big features:

  • Custom Property Enhancements
  • De-duplication of nodes
  • Subviews
  • F5 BIG-IP Support
  • Universal Device Poller (UnDP) Improvements
    • Multiple UnDP in a single chart
    • UnDP Parse Transform function
    • UnDP Polling and Retention settings


If you are interested in participating in the beta and are a current NPM customer on active maintenance, simply fill out this survey and we will include you.

SolarWinds NPM 10.4 Beta Survey


Custom Property Enhancements

The big change you will notice here is that custom properties have been moved to the web. You can now create, update, and delete custom properties directly from the web interface. We will be removing the Win32 app now that all functionality has been ported to the web. Because of this we want to get more of your feedback. You can access Custom Properties by going to Settings, Manage Custom Properties.




While we were porting this feature, we also expanded it and addressed a long standing request - predefined values for custom properties! Now you can avoid fat fingering those values and simply select from a drop down list.


CPE NEW 2.png

CPE 4.png


De-duplication of nodes

Now when you run discovery we look at the SysName, MAC Addresses, and DNS Names to see if we are already monitoring this node. This helps prevent the situation where you do a discovery and a node gets added multiple times because it has interfaces in multiple networks. This feature has been added to discovery and add node (although slightly different process is used for each).



Many of the people reading this blog will be familiar with this feature because we have reached out to a lot of you to get feedback on this new feature. It is a fairly large change to how the the views are presented and should help organize how the views are presented and decrease page load times (since less resources need to be loaded). Essentially we introduced a left navigation menu (similair to the Flow Navigator in NetFlow) that allows you to quickly go to different views for a node. Subviews allow you to create several views for different purposes and quickly switch between as needed.


You can enable subviews by clicking Customize Page then the "Enable left navigation" button.

Subview 1.PNG


Subview 2.PNG


Once the left navigation is enabled you can create tabs and add the desired resources to those tabs.


Subview 3.png


F5 BIG-IP Support

In addition to the standard CPU and Memory support we are also polling connections and other critical information for these devices.


F5 Status.PNG

F5 Connections.PNG





Universal Device Poller (UnDP) Improvements


Multiple UnDP in a single chart

You can now have up to 10 different UnDPs that are assigned to the same node to be graphed on a chart. Below you can see a chart that is graphing in and out octets. The second screenshot shows how this can be configured.

UNDP Multiple.PNG


UnDP Multiple 2.PNG


UnDP Parse Transform function

This is a more technical feature to use. Sometimes you have custom pollers that return a text string and you need to parse the text string to remove the number and use it in a transform. To use this, go to the UnDP application on the server, click Transform Results and create the necessary transform.

For the formula, use the following syntax parse((REGEX), {POLLER}). The exact regular expression you need will depend on the string you are trying to parse.


For example if you have a poller called TempPoller that returns the string "Current temperature is 55", you would put parse((?<result>\d+),{TempPoller}) in to the Formula line. In the below screenshot, the poller name is ciscoEnvMonTemperatureStatusValue.

UnDP Transform Parse.PNG


UnDP Polling and Retention settings

Just what the name says. You can now specify how often the custom poller runs and how long to store UnDP data. The polling interval is for each poller type. For example if you have a temperature poller and apply it to 5 devices, all devices will be polled with the same interval (although probably not at the same time). The retention setting is a global setting for all custom pollers. If you have a temperate poller polling every 5 minutes and a fan status poller polling every 1 minute the data they return will be stored for the same amount of time. By default detailed statistics are stored for 7 days, hourly summaries for 30 days, and daily summaries for 365 days. Of course the whole point of this new feature is you can change them! Some people will want to decrease these settings to lower the impact of custom pollers on their database, while other customers may have the resources and need to store the data for longer.


UnDP Retention Settings.PNG

Several SolarWinds products can help with various areas of the Payment Card Industry (PCI) Data Security Standards (DSS) requirements. The purpose of the PCI DSS is to set a baseline of minimum security for any vendor that takes credit cards. This is good for the consumer as it (theoretically) institutes best practices that reduce the risk of a security breach that could expose their data, making vendors that are PCI compliant less likely to put you and I at risk for identity theft that way. This is good for IT shops because it's been historically difficult to get IT budget money for security and privacy initiatives, even if you know they are really the right way to do it. PCI is also an ongoing cost for IT, though, because many of the controls are not one-time checkboxes, they are continuous mandates to help you stay out of the headlines.


What Does SolarWinds Do for PCI DSS Compliance?

The PCI DSS is broken down into several sections. These sections cover everything from physical security requirements to secure IT implementation to scanning and monitoring.


SolarWinds Network Configuration Manager (NCM)

NCM is a network configuration management system that provides auditing of network device policies and changes, and allows you to institute change management procedures (including approvals) around device changes. More info about NCM's features as they apply to PCI compliance can be found here, but here's the specific items it can help with:

  • Addressing PCI Requirement 1.1: Establish Firewall and Router Configuration Standards (especially 1.1.1, approval of changes, and 1.1.6, reviewing policies)
  • Auditing your compliance with PCI Requirement 1.2: Building Restrictive Firewall Configurations, 1.3: Prohibit Direct Public Access, 2.1: Change Default Device Passwords & SNMP Communities/Remove Extra Accounts, 2.3: Allowing Only Encrypted Admin Access to Devices


NCM provides specific reports for PCI compliance to make it easy to audit configuration settings and changes.


SolarWinds Patch Manager

Patch Manager provides integration with native Windows patching technology (WSUS/SCCM) AND provides built-in third-party application patching. More info on Patch Manager's features can be found here, but here's the specific items it can help with:

  • Addressing PCI Requirement 6.1: Ensure Software has Latest Patches within 1 Month of Release
  • Assisting with PCI Requirement 6.4: Ensure Patches are Tested/Reviewed (by way of distributing patches to a test environment, providing back-out/uninstallation of patches)

SolarWinds Serv-U Managed File Transfer

Serv-U MFT provides the ability to ensure security of transferred files, supporting configurations that keep your sensitive data from hanging out in the wild. If you use file transfer when it comes to cardholder data, Serv-U is for you. More detail is available here on the Serv-U site: Serv-U FTP Server PCI Compliance, but here's the specific items it can help with:

  • Assisting with PCI Requirement 1.2 and 1.3: Restricting access from the Internet/Untrusted Networks
  • Assisting with PCI Requirement 3: Protect Stored Cardholder Data
  • Assisting with PCI Requirement 4: Encrypt Transmission of Cardholder Data
  • Assisting with PCI Requirement 7: Limit Access to Cardholder Data
  • Assisting with PCI Requirement 8: Use unique access credentials


SolarWinds Log & Event Manager (LEM)

SolarWinds LEM is a Security Information & Event Management (SIEM) and Log Management system that provides capabilities around log collection, real-time correlation/notification/response, flexible and extensive historical search, compliance reporting, and some endpoint security. More info about LEM's features as they apply to PCI compliance can be found here, but here's the specific items it can help with:

  • Addressing PCI Requirement 10.5: Secure Audit Trails, 10.6: Review Logs for All System Components, 10.7: Retain Logs
  • Addressing PCI Requirement 11.5: Use File Integrity Utilities
  • Detecting potential violations to compliance with PCI Requirement 2.1: Usage of Default Accounts, 4.1: Usage of IM/E-Mail with Sensitive Data (by way of IM monitoring and DLP solutions that can log this activity OR usage of IM in general), 5.2: Ensure AV is Generating Log Data, 7.1: Least Privilege Access to Sensitive Data, 8.5: Usage of Inactive/Default/Generic/Shared Accounts and Other Account Policies, 10.2: Logging various audit trails, 10.3: Include Timestamps with Logs, 10.4: Changes to Clock, 11.1: Detect Wireless APs (depending on your detection method), 11.5: Review of File Integrity Monitoring data


LEM provides extensive audit log reporting capabilities for all of the collected log data, whether it's for auditing compliance with any of the standards mentioned above, or the specific items mentioned in 10.6.


Do my SolarWinds Products Need to be "PCI Compliant" Themselves?

No. SolarWinds products do not capture credit card data directly, provide access to card data directly, or authenticate card data directly. Products that are "in scope" for PCI compliance themselves would include things like databases, file servers, firewalls and routers used for networks that store or access cardholder data, user accounts used to directly access cardholder data. Our management products are used to meet specific PCI requirements at what you could think of as a meta level - they aren't providing the cardholder data, they are providing information about access to the cardholder data, networks, and systems.


For LEM, when we collect audit trail data, this data does not include cardholder data, again, only information about access to cardholder data. With NCM, you can approve/modify firewall configurations, but we are not collecting or reviewing network traffic. With other products that monitor or live on the network (like NPM and NTA), we are, again, not collecting or storing actual network traffic that may contain cardholder data, only information ABOUT network traffic. With SAM, we are similarly monitoring system activity, but not directly related to cardholder data itself. With SEUM, your recorded transactions contain the data you choose to submit, which would not be customer cardholder data that they may be submitting to the same site (if you're testing performance on a form related to card number submission). Patch Manager can inform you of missing patches or the state of patching of a system that stores or accesses cardholder data, but never accesses the system for any purpose other than patching.


Even Though my SolarWinds Installs Don't Fall Under PCI, I Want to Implement Some Best Practices. Can I?

Requirements such as default user accounts, SNMP communities, and audit trails are often general security best practices. Some of them can be applied to SolarWinds products, others can't. The answer is a solid "it depends."


Specific configuration changes we've been asked about:

  • SNMP community strings. The big issue with SNMP community strings is where they are used for making configuration changes. Exposing default SNMP read-write communities puts your devices at risk for unexpected changes. The next big issue is SNMP communities for monitoring, which can lead to information exposure. Even with SNMP read-only, you can view device statistics, log data, and configuration settings. The last capability of SNMP is trap sending and receiving, which is generally informational activity, often used for alerting or in place of syslog. In this case, setting default communities is less critical, because it's generally a one-way communication mechanism outbound from your devices to ours.
    • Active SNMP monitoring (not traps) using non-standard communities: all SolarWinds products that collect data via SNMP monitoring (connecting to devices and polling via SNMP) do allow you to specify a non-standard community. You can also set the systems you run on that provide SNMP monitoring themselves to non-standard communities. Some products, such as LEM, do not have SNMP monitoring capabilities and this doesn't apply. The Orion family products live on Windows systems, if you're monitoring those systems with SNMP, the SNMP settings apply to the system, not our products.
    • Active SNMP configuration changes (not traps) using non-standard communities: The good news is no SolarWinds monitoring products modify system configuration settings via SNMP (LEM, NCM, NPM, etc). SNMP, in these cases, is either used for monitoring (NPM, SAM) or only with traps (LEM).
    • SNMP Trap sending: Many SolarWinds products can send alerts via SNMP traps. All products that can submit traps to other systems allow you to specify the address and community to use, if not standard.
    • SNMP Trap receipt: Many SolarWinds products can also receive alerts via SNMP traps. As of today, in some cases including SolarWinds LEM, the community string is the default ("public") and cannot be modified. As mentioned above, these SNMP traps are consumed by SolarWinds systems for storage and search, and do not make direct changes to any of your systems by their nature.
    • SNMP v3/encryption support: Several SolarWinds products do support using SNMPv3 for monitoring activity. Some systems that receive traps, including SolarWinds LEM, do not provide the ability to use SNMPv3 as it stands today (meaning, traps submitted to LEM will not be encrypted, much like syslog data).
  • Admin Credentials and Default Users. Many customers have a desire to apply best practices around default admin credentials, even though our systems do not fall directly under PCI requirements themselves.
    • Changing admin passwords: All SolarWinds products have the ability for customers to change the default administrator user's password.
    • Adding additional admin users (and not using the default): All SolarWinds products have the ability for customers to add more than one administrative user and not use the out-of-the-box administrator. This allows you to use named users for making administrative changes and avoid using a shared admin account.
    • Disabling the out-of-the-box admin user: Some SolarWinds products do not have the ability to delete or disable the default admin user. SolarWinds LEM, for example, does not allow customers to delete the default admin, to ensure that there is always an admin present that can be reset and used in event of administrative turnover. SolarWinds Virtualization Manager, on the other hand, provides the ability to delete the built-in user as long as another administrative user exists.
  • Least Privilege Access/Use
    • Active Directory Integration: Many SolarWinds products allow you to retrieve group information or authenticate against Active Directory. For basic authentication and information, you do not need to use a user with administrative access.
    • Monitoring: For SolarWinds products that do remote polling, it is generally possible to use lower privilege users (i.e. not root or administrator). Specifically, SAM polling can be done against a non-administrative user with these instructions.
    • Installation & Services: In most cases, SolarWinds products do need to have administrative or fairly broad system privileges to install and run due to technical limitations. Where installers require administrative privileges on Windows, generally they will show the UAC prompt for administrative access automatically.


A Quick Note About PCI DSS v3.0

Most of the changes in PCI DSS v3.0 don't affect your SolarWinds implementations, and product changes were not necessary though your implementation and processes might need to be tweaked. Notable changes that can apply to SolarWinds products:

  • In general, the PCI council added guidance about integrating products into ongoing PCI compliance. As a part of this, having a SIEM helps customers be more proactive in this process rather than only looking at logs when an audit comes through – focusing on security, not just compliance. We didn’t have to make product changes here, but it’s noteworthy.
  • Requirement 10 changed slightly to focus more on identifying suspicious activity and more flexibility in reviewing less critical logs. We didn’t have to make product changes here either, but requirement 10 is the one that specifically deals with logs so it’s noteworthy. (Customers may actually have to generate or review fewer reports of “normal” activity for auditors.)
  • Requirement 2 added a specific note about detecting changes to default passwords for service/backup accounts, not just user accounts, which LEM can help monitor (and NCM can help manage as well). We didn’t have to make product changes to help deal with this, but the clarification helps customers implement it properly.


Questions About Implementing or Auditing for PCI DSS?

If you've got questions about how SolarWinds products are used for PCI, what specific reports or features to look for, or how to implement any of the best practices security configurations, leave them in the comments. I'll update this page with any other common questions we get related to PCI configuration and can direct link any features if that's helpful.

Ok so the post title might be a little dramatic. The IP SLA Manager that you know and love is still alive and well, it's just the newer, better version. IP SLA Manager was primarily focused on network quality by leveraging Cisco's IP SLA operations. It also had a very small amount of voice information (number of registered phones and gateways). Many customers were able to manage their IP Telephony environments by using the VoIP operations to get more information about Jitter, Latency, Packet Loss, and MOS. However, we got many requests to expand this support to provide more insight in to the actual calls in the network. We have done that by leveraging Call Detail Records (CDR) and Call Management Records (CMR). As part of these new significant changes we are also taking the time to change the name to better indicate what the product actually does and how we plan to continue to develop and expand its functionality.


So let's get down to what this means exactly for you.


If you are an existing IP SLA Manager customer all you need to do is download the new version when it is available and update the license. This has been true for most major releases of Orion based products, major versions requires you to update your license (just like you do every year when your maintenance is renewed). Go to your customer portal, copy your new license key, go to License Manager on the server and put in this new license. The license levels for VoIP & Network Quality Manager are exactly the same as they were for IP SLA Manager. If you had an SLA5, you still can source operations from 5 devices. If you have an SLAX, then you can still run unlimited IP SLA operations. The change is we have expanded the license to cover the new voice functionality. The table below indicates how many phones each old license level entitles you to. Some customers may need to upgrade their license if they need to track more phones.


Current TierNew TierIP SLA Source DevicesIP PhonesNodes
SLA5VNQM (IP SLA 5, IP Phone 300)Up to 5Up to 300Up to 40
SLA25VNQM (IP SLA 25, IP Phone 1500)Up to 25Up to 1500Up to 200
SLA50VNQM (IP SLA 50, IP Phone 3000)Up to 50Up to 3000Up to 400
SLAXVNQM (IP SLA X, IP Phone X)UnlimitedUnlimited1000


Why are nodes tracked? In addition to the new voice features we have also made VoIP & Network Quality Manager standalone, this means you can run it without NPM. For most customers this won't make any difference, but some new customers will benefit from this. The nodes are used for adding Routers, CallManagers, etc. Existing customers will benefit from this by having an increased Node count (when multiple products are installed together, their node counts are cumulative).


There are a few more details about the phones. In the interest in providing more information rather than less, the below Question and Answers should help you to understand how this works.


Q: How exactly are “phones” accounted for in licensing?

A: VoIP & Network Quality Manager polls the CallManager servers. Licensing works based on first come first served per poll (reflecting status where registered are taking precedence of being licensed). For example: if there are 500 phones and you have a license for only 300, the first 300 phones polled will be licensed, the rest will shown as "Unlicensed". The next poll of the Call Manager could return a different order of phones and therefore a phone that was previously showing data could change to "Unlicensed".


Q: Do we randomly picks phones that are over the license count and just ignore their traffic?

A: No we collect data for all calls together with unlicensed phones, but display unlicensed text for those exceeding the license level


Q: Are the phones registered phones in Call Manager?

A: Registered phones take precedence in evaluating the phones as licensed, however the sequence in polling is the main driver. If we poll the phones from Call Manager then the first ones registered are set as licensed, then unregistered if still room, those that exceed license amount are marked as unlicensed.


Q. What happens to my existing IP SLA configuation when I upgrade?

A. Nothing, all of your existing configurations will continue to work as expected.


Do you still have questions? Post a comment and we will continue to update this thread and reach out to people who need additional assistance.


Since SolarWinds acquired Eminentware earlier this year, we have been interested in all things patch.  The product team noticed there is lack of an organized community focused on the topic of patch management, and decided we would create one.  Last week, we announced PatchZone, which is a new space in thwack where IT pros can go to get news and tips on patching Microsoft & 3rd party applications – regardless of whether you are patching with Patch Manager.  Expert guidance is provided by Microsoft MVPs, and our very own Lawrence Garvin (Patch Manager product manager).  You will also see guest blogs by subject matter experts who have implemented vulnerability management solutions in both very large and small IT shops.  Some of the topics you will see on PatchZone, now and in the future include:

  • Patching virtual machines & off line systems
  • Where do application vulnerabilities lurk and which apps should be prioritized for patching
  • Patching, testing & application compatibility
  • Best practices for scheduling your systems’ patching
  • The difference between patching 3rd party apps with SCCM & a third party patching solution
  • Table of 3rd party app updates – with critical updates noted in red with Security Bulletin


We hope you find this community educational.  If you have a topic you would like to see covered, please let us know.

I'm happy to announce that NetFlow Traffic Analyzer (NTA) 3.10 has recently reached Beta status. We have completed the bulk of the development effort and are now focused on testing the latest release of NTA. This is your chance to install the latest version and provide feedback on the new features and fixes. Providing feedback during the beta is the best way to ensure that your feedback will be incorporated in to the release. To participate, simply fill out this survey and you will be sent the download links for the Beta. Remember, Betas cannot be installed in production and you cannot upgrade the Beta to any other future versions.


If you are curious what made it in to the beta, you can see the "What we are working on" post and the Ideas and Feature Requests for NTA marked as "Working on". While you are there, go ahead and open any requests you are interested in.


Below is a quick recap of the new features.


1. Localized support in Japanese.

2. Support for sFlow v2 and v4.

3. General support for monitoring flows on "un-managenable" interfaces. NTA netflow anlayzer software currently requires an interface to be managed by NPM before it can receive flows from it. With this change, we can create an un-managable interface to be monitored by NPM network monitoring software to correlate the flows with. This was primarily done to support the vSwitch which we cannot poll via SNMP to correlate the ifIndex on the device with the ifIndex in the flows. However, this also applies to other devices that send flows but there is not a related interface to match the flows with.

4. New Charts

If you have been watching NPM, then you will be aware that we have been working on updating the charting package for the entire Orion Platform family. NPM network monitor is currently providing these charts as a customer technology preview (CTP). NTA will be the first Orion product to ship these new charts by default! The screenshots below don't do justice to these new charts. They load much faster than the current charts and are interactive, the best way to see them in action is to try out the beta!


NetFlow Top 5 Applications Chart.png

NetFlow Top 5 Applications Stacked Chart.png


NetFlow Top 5 Applications Bar Chart.png


The new charts support a nice hover that allows you to see specific values. One of the biggest improvements in NTA bandwidth monitor is the ability to click and drag to zoom on interesting areas in a chart to get more detail. Also, many users have requested better context on Top 5 or Top 10 graphs. To provide this, we have added the Remaining Traffic row at the bottom of the Top XX charts to so you can use NTA effectively for network traffic monitoring, and see how many bytes or packets the other traffic represents in aggregate.


If you haven't done so already, go ahead and fill out the survey so you can start experimenting with the new beta!

SolarWinds NTA 3.10 Beta Survey

We have officialy reached Release Candidate (RC) phase for VNQM 4.0 (formerly IPSLA Manager). Users that are under IPSLA active maintenance can install this RC.


RC builds are fully supported and made available to existing customers prior to the official release.


Here comes a list of new features:

  • Support for Cisco Call Manager 7.x and 8.x
  • Troubleshooting of real VoIP calls
  • Search and Filter Call Detail Records (CDR files)
    • Search by VoIP quality metrics (MOS, Jitter, Latency)
    • Search by same time, same termination code, same region, gateway or call manager
  • - Updated IPSLA TCP operations
    • Now successful settings in firewalled environments
  • - CDR Alerts, Reports & Events
    • Notification support for problems in VoIP infrastructure
  • Standalone Product
    • Same functionality as a SolarWinds NMS module but a flexible option for customers just looking for VoIP & WAN management software


If you are interested in participating in the RC, please fill out this survey.


Here is how to start with VoIP monitoring & troubleshooting:








Since Microsoft's formal launch of SQL 2012 the requests have been coming in about our support for it. You can see several of these requests on thwack here and in our new Feature Requests area here.


Unfortunately (or fortunately, depending on how you look at it), there have been several significant improvements to SQL 2012 which cause problems for the Orion Platform. For this reason, NPM 10.3 does not support SQL 2012 (as discussed in this KB). However, we have already been hard at work on making changes to support the newest version of SQL. NPM 10.3.1 is currently in Release Candidate and has support for MS SQL 2012. We are still working on adding support for SQL 2012 in the other Orion based products. This post will be updated as we release updated versions of the product that support 2012.



NPM -  Support added in 10.3.1

SAM - Support added in 5.2

NTA - Support added in  3.10.0

NCM - Support added in 7.1

UDT - Support added in 2.5.1

IPAM - Support added in 3.1

WPM - Support added in 2.0

VNQM - Support added in 4.0.1


Remember to follow this post or check back often as we update the status of each product.

Addendum including Windows Server 2012 and non-Orion products here

For those of you who have been following our On Call Alert Management developments, we've been soliciting your feedback on several topics, which will continue for the next few weeks. As a new product that a lot of customers are really excited about, we want to make sure it hits the mark on all fronts - from what to name the product to its featureset and deployment.


So, about that deployment. Here at SolarWinds we have a large number of products that are deployed as software that you install on a Windows OS, some of which are built on the Orion platform. We also have another set of products that are deployed as virtual appliances, deployed to a VMware ESX/ESXi or Microsoft Hyper-V virtual server. Centralized On Call/Alert Management is something that everyone can benefit from and will be provided as a standalone product, but we recognize a lot of you are coming from the Orion platform products and may have experiences and opinions that sway you for or against software or virtual deployments.


Bottom line: we want to know your thoughts. If we deployed as a virtual appliance, would that make you more or less likely to evaluate? Is there something about deploying software (or Orion products) that you'd sorely miss with a virtual appliance? Or, is a virtual appliance like a load off your back, a system you don't have to configure and maintain? If you've deployed other virtual appliances, what did you love or hate? Any concerns you feel we'll need to alleviate?


First, go vote in this poll and tell us how comfortable you are with virtual appliances - be honest, it really helps: Deploying Virtual Appliances


Then, if you've got more to add about your preference for a virtual appliance, Orion, or other style software deployment when it comes to Centralized On Call/Alert Management in particular, comment in this thread (or in the poll, we'll read them both).


More opportunities for feedback are coming soon! This truly is a software for the people, by the people kind of process.

The SAM 5.2 beta is already underway, but it's not too late to get in on the action. And If you've been biding your time waiting for Beta 2, you're in luck! As of today, beta 2 of Server & Application Monitor 5.2 is now available to all existing APM/SAM customers under active maintenance. All you need to do to get your hands on the beta is sign-up. It's just that simple.


Native support for Microsoft's Hyper-V and a radically revamped template editor may be the star attractions, but the list of new features in this release hardly ends there! Let's take a look at two more impressive new features included in SAM 5.2 beta 2.


New Charts

SAM 5.2 New Charts.png

The recent release of NPM 10.3 included some cool new charts. While not enabled by default, these new charts can be added to any view to replace the older legacy charts you already know and love.


In SAM 5.2 beta 2, we similarly refreshed many of the out-of-the-box charts by incorporating the same charting library included in NPM 10.3. However, the SAM team put their own twist on an already cool feature by integrating the warning and critical thresholds into these new charts so you can quickly visualize how your collected statistics relate to these thresholds over time. These thresholds are represented on charts as red hued bands for critical, and yellow for warning, as seen in the image on the right.


Also new in beta 2 is the addition of a trend line on these charts. The trend line allows you to look at a large volume of statistical data and easily make capacity planning decisions based on this information. This functionality has existed in NPM for quite some time and now makes its way to SAM via these new chart resources.


Windows Event Log Monitor


The Windows Event Log Monitor first appeared in APM 3.1, and sysadmins everywhere have been relying upon it ever since. From the alerting of application problems to important security events, the Windows Event Log Monitor has been an intrinsic component of APM and SAM.


One item that's been missing from this component monitor, since its inception, has been the ability for users to know precisely which event triggered an alert. Because this component monitor type can be configured nonspecifically and alert on something as basic as any error in the application event log, it's important for IT support staff to know exactly what event was found before responding.

EventLog Message Details.pngThe SAM team sought to improve the Windows Event Log Monitor in version 5.2 by including an Event Log Message Details resource that displays all current and historic matching events for the configured component. This provides administrators with a detailed accounting of how frequently this condition is occurring, as well as when the last time a similar event occurred.  When you click on any event listed in the Event Log Message Details resource, a new window displays the full details of the corresponding event. This information can also be included as part of the email alert message using the new ${WindowsEventMessages} macro.


EventLog Message Details Opened.png

There's many more great new features in this release, so I encourage all existing SAM customers under active maintenance to signup and check them out for yourself! As always, we welcome your feedback. Feel free to respond to this post if you have any questions or comments regarding the beta. All existing beta participants are asked to post their feedback in the SAM beta forum.

Are you a new user of SolarWinds NPM? Could you use a refresher of the product basics?


If so, join SolarWinds for a level 1 NPM customer training.


This training will include:

- The basics of monitoring technologies

- Understanding monitoring for routers, switches, servers, and other infrastructure

- Alerts! Making the most of your performance and availability monitoring

- Optimizing NPM features


Register NOW for this live event on Thursday, July 12th, 2012 from 11:00 AM - 12:00 NOON CDT:







As we’ve mentioned before, we’re building a brand new product.  One of the fun exercises that comes with a new product is naming.  Every product needs a name.  And at SolarWinds, we don’t use catchy branded names because they don’t mean anything in and of themselves, which means that it takes a lot of marketing to teach people what it is.  When that works, it’s cool, and when it doesn’t it’s embarrassing:  See iPod and Zune as examples of success and failure in that kind of naming.


Instead, we want the name to be very descriptive.  For instance, it’s quite obvious what Network Performance Monitor or Server & Application Monitor do just from the name.   You might think that such obvious names are easy to come up with.  OK.  Sometimes it is:  SolarWinds Patch Manager basically named itself.  But not always.  We’re currently working on a new product that


centralizes all of the alerts that you get across multiple vendors into a common dashboard. You can access it from anywhere, you can apply rules to the alerts (to include routing alerts to individuals and teams depending on alert type and work schedules), and you can notify users and setup escalation policies if they don’t respond in a certain period of time


I’m trying not to name it in this post.  We’re interested in hearing what you’ve got to say.   If you had a product like this, what do you think it should be named?  Please submit your suggestion(s) here. Remember, the name should tell a casual reader what the product does. We’ll take all the suggestions, plus a few of our own, and we’ll take a vote from our customer base.


What’s in it for you?   If your submission becomes the name of the product, you get the irreplaceable satisfaction of being right.  You win.  We’ll thank you publically in a blog post so everyone is aware of your undeniable cleverness.   But we’ll make sure we get you a bunch of thwack points for your contribution.




Sneak Peek: SolarWinds Patch Manager - 7/18/12


In this webcast we will cover:


  • Orion Integration – Now in your Orion console, you'll be able to view important patch management data alongside other SolarWinds products in the integrated web console.  You'll be able to see information like the latest available patches, top 10 missing patches in your environment, and general health overview of your environment based on which patches have been applied.
  • Integration with System Center Configuration Manager 2012.  Today, Patch Manager is integrated with System Center Configuration Manager 2007.
  • Improved configuration – This next release will automatically install WMI providers on Patch Manager servers, automatically launch wizards to setup 3rd party updating, and provide remediation suggestions for commonly encountered WSUS errors.


Presenters: Lawrence Garvin & Brandon Shopp


WHEN:            July 18th,  2012

TIME:               10:00 am CDT



Filter Blog

By date: By tag:

SolarWinds uses cookies on its websites to make your online experience easier and better. By using our website, you consent to our use of cookies. For more information on cookies, see our cookie policy.