Skip navigation
1 2 Previous Next

Product Blog

22 Posts authored by: chris.lapoint

SolarWinds takes security seriously, and in addition to performing exhaustive internal security testing, we do our best to respond swiftly to any reported issue.  On the heels of the Heartbleed comes another new OpenSSL "man-in-the-middle" vulnerability called ChangeCipherSpec.  In the spirit of transparency, the matrix below represents the results of our internal analysis of products affected.

 

Product

Status

Product Versions Affected

Disposition

LEMOKN/ALEM uses OpenSSL as a server. As a server, OpenSSL is only vulnerable in versions 1.0.1 and 1.0.2-beta1. Regardless we are updating to patched 0.9.8 to rule out any misconceptions.
WHDOKN/A
Alert CentralOKN/A
Patch ManagerOKN/A
DameWareOKN/A
Virtualization ManagerOKN/A
N-centralOKN/A
FSMOKN/A
STMOKN/A
Serv-UOKN/A
FTP VoyagerISSUEN/AVulnerable client. Will be updated to 0.9.8za in FB345434.
NCMOK

N/A

Orion Core >2012.2 does contain OpenSSL 1.0.1e library, but is only used for outbound SNMPv3 AES communication. It is not able to be referenced by outside process or communication, therefore not vulnerable. Core 2012.2 and earlier do not contain affected OpenSSL library.  Regardless, hotfix shipped and is available for download: http://downloads.solarwinds.com/solarwinds/Release/HotFix/OpenSSL-Security-HotFix.zip

Kiwi CatToolsOKN/A
Kiwi SyslogOKN/A
EOCOKN/A
WPMOKN/AOrion Core >2012.2 does contain OpenSSL 1.0.1e library, but is only used for outbound SNMPv3 AES communication. It is not able to be referenced by outside process or communication, therefore not vulnerable. Core 2012.2 and earlier do not contain affected OpenSSL library.  Regardless, hotfix shipped and is available for download: http://downloads.solarwinds.com/solarwinds/Release/HotFix/OpenSSL-Security-HotFix.zip
SAMOKN/AOrion Core >2012.2 does contain OpenSSL 1.0.1e library, but is only used for outbound SNMPv3 AES communication. It is not able to be referenced by outside process or communication, therefore not vulnerable. Core 2012.2 and earlier do not contain affected OpenSSL library.  Regardless, hotfix shipped and is available for download: http://downloads.solarwinds.com/solarwinds/Release/HotFix/OpenSSL-Security-HotFix.zip
NPMOKN/AOrion Core >2012.2 does contain OpenSSL 1.0.1e library, but is only used for outbound SNMPv3 AES communication. It is not able to be referenced by outside process or communication, therefore not vulnerable. Core 2012.2 and earlier do not contain affected OpenSSL library.  Regardless, hotfix shipped and is available for download: http://downloads.solarwinds.com/solarwinds/Release/HotFix/OpenSSL-Security-HotFix.zip
UDTOKN/AOrion Core >2012.2 does contain OpenSSL 1.0.1e library, but is only used for outbound SNMPv3 AES communication. It is not able to be referenced by outside process or communication, therefore not vulnerable. Core 2012.2 and earlier do not contain affected OpenSSL library.  Regardless, hotfix shipped and is available for download: http://downloads.solarwinds.com/solarwinds/Release/HotFix/OpenSSL-Security-HotFix.zip
NTMOK

N/A

NTAOKN/AOrion Core >2012.2 does contain OpenSSL 1.0.1e library, but is only used for outbound SNMPv3 AES communication. It is not able to be referenced by outside process or communication, therefore not vulnerable. Core 2012.2 and earlier do not contain affected OpenSSL library.  Regardless, hotfix shipped and is available for download: http://downloads.solarwinds.com/solarwinds/Release/HotFix/OpenSSL-Security-HotFix.zip
FoEOKN/A
ipMonitorOKN/A
IPAMOKN/A
Mobile AdminOKN/AMA clients do use OpenSSL libs for RDP client connection (OpenSSL v1.0.1e), but since this would only be used to connect to a Microsoft RDP server (which does not use OpenSSL), there is no vulnerable connection. The next MA client release will update to OpenSSL 1.0.1h anyway. FB345311 (iOS), FB345325 (Android)
VNQMOKN/A
TFTP Server Free ToolOKN/A
SFTP/SCP Server Free ToolOK1.0.3.20 - 1.0.4.31SFTP/SCP Server 1.0.3.20-1.0.4.32 does contain OpenSSL 1.0.1e library, however only for internal encryption. No external SSL service is referenced, therefore not vulnerable.
ToolsetOK10.9.1 - 11.0.0SFTP/SCP Server in Toolset 10.9.1 - 11.0.0 does contain OpenSSL 1.0.1e library, however only for internal encryption. No external SSL service is referenced, therefore not vulnerable.
SSH ClientOKN/A
Clariion MonitorOKN/A
All other Free ToolsOKN/A

 

As always, please let us know if you have any questions or concerns, and we will address them straight away.

In case you missed it, the Log & Event Manager team recently released our 5.6 version which was packed with great features. And as always, there’s more exciting stuff coming, here's a sneak peek:

 

Disclaimer: this is not a commitment to a timeframe or delivery of any of the features discussed below. This is also not a commitment to deliver all of these features in our next release. This post is intended to give you a rough idea of what we're doing.

 

  • Scheduled nDepth searches
  • Support for Windows 8 with Workstation Edition
  • Support for auto-recycling licenses when using LEM in VDI-based desktop environment
  • Scalability enhancements to rules engine and appliance-side processing
  • Simplified agent update
  • NetApp connector
  • FIPS self-certification statement
  • And many other smaller customer enhancement requests and bug fixes - stay tuned for more details.

Before I dig into this post, I want to give a big shout out to all the customers who’ve participated in the NPM 10.1 Beta and RC programs.  In short, you guys rock!  Thank you!!! Your feedback has been invaluable and has greatly contributed to the quality of this feature-packed release.   We’re wrapping up the RC now, so it will be generally available very soon.

So that said, to the meat of this post.   While it’s impossible to get every feature every customer wants in every release, we believe NPM 10.1 is huge step forward in addressing many of your outstanding requests.   

Here are 5 key examples:

1. Complete Active Directory (AD) Authentication Support

You asked:

We listened:

  • With NPM 10.1, you can now authenticate to the Orion Web Console using native AD Users and Groups.  Prior to 10.1, NPM only supported authentication via an Orion account or Windows pass-through.  Yes, it’s been a long time coming, but we wanted to make we got it right.   After all, if we didn’t offer AD Group support, what’s the point, right?
  • Now, you can add an AD Group to Orion and then easily control Orion web access by add/removing group members through AD Users and Computers.  No more “can you give Orion access to Bob and Sue” requests in your inbox.  If/when users leave your organization, their Orion access is disabled with their Windows account.   See this this post for more details.

2. Dynamic Service Groups and Dependencies

You asked:

We listened:

  • With the introduction of Dynamic Service Groups in NPM 10.1, you can group multiple Orion objects (e.g., nodes, interfaces, applications, etc.) into a container that can be used to visualize status.   For example, you can create a “WAN Links” Group, add several interfaces, and then set Group rollup status mode to “best” to account for link redundancy.  See this post for a detailed walk-through with screen shots.
  • Once you’ve grouped your objects, you can configure a dependency for the group to suppress alerts based on a particular interface, node, or group being down.  The best part is you don’t need to change any of your existing alert configurations!  See this post for more details.

3. Multiple Interfaces or UnDPs on a single chart

You asked a lot! ;-)

We listened:

  • With NPM 10.1, you can now graph multiple interfaces or UnDPs on a single chart as well as graph the sum
  • More importantly for some, you can also place the new resource on a summary view and graph multiple interfaces from different nodes on the same chart.

4. PDF Views and Reports

You asked:

We listened:

  • With NPM 10.1, you can now schedule the export of any page or report in Orion as a PDF.  This eliminates the problems with sending HTML pages and the images getting gobbled by your email servers.   You’ll also notice an Export to PDF button in the upper right hand corner of NPM 10.1 web pages.  Click it and you can create ad hoc PDF exports of whatever you see on your screen.
  • See this post for details on how to leverage PDF exports along with several other new in 10.1 features to get charts in your reports.

5. Mobile Device and Alert Management Enhancements

You asked:

We listened:

  • With NPM 10.1, you can access a dedicated Orion alert view for mobile web browsers that allows you to view and acknowledge alerts from your mobile device.
  • What about email?  You can also receive an email notification and acknowledge alerts by clicking a link from your PC or mobile device.
  • What if you need to remotely disable an alert?  With NPM 10.1, you can view, enable, disable, and delete alerts directly from the website.
  • Finally, as an added bonus, just like in Report Writer, you can use custom SQL to create advanced alerts you cannot create through the built-in trigger creation interface

Please note that we’re using your thwack posts as examples because they’re publicly available for us to point to, but they’re not the sole determiner of release content prioritization.  We know you can’t access our minds or our internal feature tracking systems, but if you could, you’d see we also take into account all the great feedback you’ve given us in 1:1 interviews, feature requests submissions, beta posts, through our support organization, etc. to help us decide what goes into each release.

So, regardless of which method you prefer to provide us your feedback, please keep it coming!  We’re absolutely listening.

I’ve gotten a lot of requests for part 2 of my Hey Chart, get in my Report! (Part 1), so this follow-up is certainly long past due.  Just as a recap for new readers, we were discussing two highly-requested use-cases:

  1. Getting the pretty charts in the Orion website into a report that you can send to your boss on a regular basis
  2. Getting the pretty charts in the Orion website + the detailed data (which Report Writer provides) and send that to your boss on a regular basis

For those who have been following along, you’ll remember that the first use-case was covered in my original post back in September.  

So, was there a method to my madness in waiting so long to do part 2?  I certainly think so.  In case you haven’t heard, Orion NPM v10.1 is currently in Why Should I Care About Release Candidates? phase and provides a number of cool new features that will make creating specialized reporting views much simpler and faster (and not coincidentally, a much easier blog post ;-)

  • Custom Object Resource  - this resource allows you to select any object in Orion (e.g. node, interface, volume) and choose an associated resource to display.  This means you can add resources for different nodes and interfaces to the same page.  For example, you may want a page that shows bandwidth utilization charts for all of your WAN interfaces.   Now you can do this with a just a few clicks.   This should eliminate the need to use the custom HTML resource for this purpose (hopefully, some of you are smiling already).   
  • Multi-Interface and Multi-UnDP Chart Resources - these highly requested resources give you the ability to chart multiple interfaces or multiple UnDPs respectively in a single chart resource, including the option to display the sum/aggregate.  
  • Scheduled PDF Reports – this new capability allows you to schedule the export of any page or report in Orion as a PDF.  This eliminates the problems with sending HTML pages and the images getting gobbled by your email servers.

So, in this final post in the series, I’ll walk through how you use these new 10.1 features to address the final graphical reporting use-case (#2 above).

1. First, you’ll need to create a new “report” view:

Go to Admin > Manage Views and create a new view.  Let’s call this one “Critical Network Links Management View”.

image 

2. Next, you’ll want to add and configure resources on the view to represent the required charts and data:

For this Critical Network Link Management View, I’m going to add several individual interface charts, a multiple interface chart, and a data table report.    This will require the resources shown checked below.   

image

As you can see below, I’ve added enough Custom Object Resources to cover my 4 critical WAN links in addition to the Multiple Interfaces Chart and Report from Report Writer resources.  

image

Now, you’ll want to click Preview so you can see what the view will look like and edit the resources.   If you don’t like the layout, you can always click Customize Page again and change the column width.  

image

Next, you’ll want to edit each resource to select the appropriate interface or interfaces.    I’m not going to walk-through the step-by-step on this because the resources are very straight forward to configure.   If you’re interested in seeing what this looks like for the Multiple Interfaces Chart, check out Request for feedback – multiple interfaces and UnDP on charts.   As you can see below, I’ve configured all the chart resources.   Now, all that’s left is the report resource.

image

For the Report resource, I’ll select the Top 25 Interfaces by Utilization report.   This way, in addition to my 4 critical WAN links, I can see details regarding the health of other interfaces with high bandwidth utilization in my environment.   You can always use Report Writer to easily filter this report to specific interfaces, show other columnar data, or create a custom report specific to your environment.

image 

3. Finally, you’ll want to schedule this page to be sent as a PDF report via email to your boss.  

To do this, you’ll need to copy the URL from the browser.

 

 

 

 

 

 

 

 

image

Then, open the Report Scheduler app on your Orion Server (Start > All Programs > SolarWinds Orion > Alerting, Reporting, and Mapping > Orion Report Scheduler).   Click on the Add+ button to create a new report job.   Fill out the job details and paste this URL into the required field when prompted as shown below.   

image

Finally, you’ll want to enter the SMTP server info, your boss’s email address of course, and the appropriate scheduling details.  At the end, you’ll see the new option in 10.1 to schedule the page to be emailed as a PDF.    Select that, and you’re done!!

image

Example PDF report below:

image

We hope you find the new 10.1 features helpful not only for this use-case, but also for creating custom NOC and troubleshooting dashboards to share with all your networking friends.   As always, we welcome any feedback you have around the post or the new features, so please comment away!

P.S. While this is the last post in this series, this is only the first step towards our long-term vision for graphical reporting and we’re already exploring ways to make this process even more wizard-like and streamlined post 10.1.  We’re going to need your feedback soon, so please stay tuned!  

 

We’re seeing a lot of customers lately running Dell PowerConnect switches who want analyze their traffic using Orion NTA.  As most of you know, Orion NTA can already handle sFlow, J-Flow, NetFlow, and IPFIX, so it’s not a problem of product support, but rather device configuration.  Fortunately, one of our rock star testers (Andrew Court) was able to run through the sFlow configuration instructions in our lab (thanks Jason!) and our friend in Dell Solutions Support Team EMEA (Lam Vuong) hooked us up with troubleshooting steps and final engineering verification.   Finally, Doug from our doc team worked his KB magic.  I wanted to call these folks out since this was truly a team effort. If this works for you, please thank the folks that actually made it all happen! 

You can download the Dell PowerConnect sFlow configuration instructions here

 

That was an old Austin Powers reference for those who missed it ;-)   So, what do I mean by this?   Well, a question we get asked all the time by customers is “How do I get the pretty charts I see on my Orion website into a report that I can send to my boss on a regular basis to make him/her happy?”.    Seems like a reasonable request, right?   But, before I dive into this topic, you’ll need to ask yourself what types of reports does your boss care about seeing?   Does she want the charts as well as the detailed data behind the charts?    Or, would she be perfectly happy with the Orion website pages she’s seen while looking over your shoulder?  

Let’s start with the latter use-case since it’s the simplest and requires only a few steps in Orion Report Scheduler.

How to send an existing Orion website page as a scheduled HTML email to your boss:

To begin, you’ll need to open the Report Scheduler app on your Orion server (Start > All Programs > SolarWinds Orion > Alerting, Reporting, and Mapping > Orion Report Scheduler).   Click the Add+ button to create a new report job.   You’ll see the following screen where you’ll want to fill in the job name and click Continue. 

 image

On the next screen, you’ll see a prompt to add a link to a Web Report or Page in Orion. 

image

Rather than try to find this URL manually, simply click on the ‘…’ button and you’ll see a browser pop up where you can navigate to the Orion website page you want.   In this example, I’d like to send the “Top 10 List” page so I’ve logged in and navigated to that page below.  

image

When you click the “Use Current URL” button, this will automatically populate the previous screen as you can see below.  Notice that I’ve also checked the “Retrieve a Printable Version of this Page” option.  This will remove the banner and the menu bar from the page.   BTW, if you’re like me and you can’t stand to wait, try adding “&printable=true” to the URL in Orion to see what the page will look like when it’s sent.

image

When I click “Continue”, you’ll see I can set up my schedule.   In this case, I’m going to send it every morning at 8am.  You can also schedule it to be sent weekly, monthly, or just this once.

image

Finally, you’ll need to enter the email address of the folks you want to send it to.   If you want the email to actually go anywhere ;-), make sure to also fill out field on the “Email From” and “SMTP Server” tabs.

image

Click “Continue” one more time, enter the Windows credentials you want this job to run under (use a service account whose password doesn’t change often), and then you’re done!   You should see your new job listed in the Report Scheduler window.    If you want to run it now to test, simply right-click and select “Run Selected Job Now”.   Just be aware that if it works, your boss will be getting the email each time you run the job!

image

NOTE:  Some of you may have issues with your email server gobbling graphics in HTML pages.  If you can’t work around this, fear not because we’ve got a solution in the works.  As noted on So what’s on tap next for Orion NPM, we’re working on enhancing Report Scheduler to allow you to send Orion pages and reports as PDF email attachments in addition to HTML.  

Ok, but what about first use-case?  That is, the management team that wants their charts and their detailed table-based data too?    Well, you have a couple of options in Orion to address that need.   It’s a little more involved so I’ll talk you through that in part 2 of this series.  

In the meantime, have a great weekend and please let me know in your comments if there’s anything else you’d like covered in part 2!

Thanks to everyone who participated in the Orion NTA 3.7 RC!!  We’ve gotten a lot of great feedback in the RC forum and we’ll be going GA very (very) shortly, so stay tuned!  

So, with 3.7 virtually out the door, it’s time to turn our attention to what’s next, and as you might expect, there’s already a lot of research and planning activity underway.   I’ve included a list of features/enhancements below that we’re currently considering for the next release.   Please remember to check back on this post over the next few months as there will likely be changes as we complete our planning cycle and move into development.   If there are things you expected to see that aren’t on the list, please let us know!

  • Scalability and performance
    • We’ve made significant improvements in this area over the past couple of releases and our goal is to continue on this path
  • Expansion of traffic analysis capabilities
    • Provide endpoint-centric (non-NetFlow source) versions of Top XX Conversations, Top XX Applications, and Top XX Protocols resources for placement on node details views. E.g. Place Top XX Conversations on APM server view to see conversations to/from that server.
    • Huawei NetStream support 
    • BGP AS support
    • More out-of-the-box reports
  • Visualization and usability
    • Allow users to create a filtered network-wide summary view versus having to choose a particular source device and interface(s)
    • Allow users to leverage filtered network-wide summary view as results from search (versus having to choose specific endpoints/hosts and then adjust timeframes to see data)
    • Allow Traffic View Builder views to be easily saved for quick access at a later time
    • Enable grouping and filtering of nodes and interfaces in the NetFlow Sources resource similar to the All Nodes resource
  • Start backend work on IPv6 

PLEASE NOTE:  We are working on these items based on this priority order, but this is NOT a commitment that all of these enhancements will make the next release.  We are also working on a number of other smaller features in parallel.   If you have comments or questions on any of these items (e.g., how would it work?) or would like to be included in a preview demo, please let us know!

Orion NetFlow Traffic Analyzer (NTA) 3.7 is currently in Why Should I Care About Release Candidates? phase, so consider this our first post in our sneak peak series around this release.  

Most of us are always looking for an easier way to do our jobs (or perhaps just less work in general ;-).   Well, with that spirit in mind, in NTA 3.7 we’ve answered your numerous requests to see Top Talker details in your NPM high bandwidth utilization alerts.   After all, if you could save a trip to the Orion web console to hunt down bandwidth hogs and troubleshoot directly from your iPhone 4 without having to end your game of Words with Friends, who wouldn’t want that?

Here’s how to do this in NTA 3.7:

1. Open Orion Advanced Alert Manager and edit one of the new default “Top Talker” interface utilization alerts.   You’ll see two:  One for High Transmit Percent Utilization and one for High Percent Receive utilization.  It’s important to note that for this to work the triggered interface must be a NetFlow source that NTA is already collecting data about.

image

2. You’ll want to navigate to the Trigger Condition, Reset Condition, and Alert Suppression tabs and set your percent utilization thresholds as appropriate.

image

3. Click on the Trigger Actions tab and open the Email a web page action.  Fill out your email address and SMTP info and then navigate to the URL tab.   This is where the magic happens!  

The good news is there are only two things you need to worry about changing here from the default.   If you’ve changed your Admin password from the default (blank) then you’ll need to replace the $$Password$$ and $$User$$ with a user with Admin privileges in Orion.   If you haven’t changed the Admin password from the default, it will work without any changes but it’s probably a good time to change that now ;-)

image

4. That’s it!  Here’s what you’ll see in your email.  You’ll notice that the format is optimized for viewing in mobile devices and for email servers that restrict email size.   If you want to change which Top Talker resource details are included, you can go to Admin and Manage Views and edit the NetFlow Interface Details for Alerts view.

image

Ok, so what about those of you that live in the Orion web console and don’t want to leave it?   In addition to the email notification, the default Top Talker alerts include a trigger action for creating an “interface utilization exceeded” event in your Orion Events resource.   This means that your NOC operators and others with access to the Orion Events resource can click on those events and navigate directly to the associated NTA interface details view for deeper troubleshooting.

 clip_image002 

We’d love any feedback you have on this feature!

 

Over the last several years, we’ve been watching IPv6 adoption very closely and talking to a lot of customers to find out what this means for them.   Besides seeing a lot more articles and videos about IPv4 armageddon (this one is an oldie, but goodie), we’ve noticed that there’s definitely a changing trend with customers, especially within the federal government and service provider spaces where IPv6 is no longer just a fuzzy bullet on their long-term IT infrastructure roadmap, but an important requirement that is getting some real attention.   For example, a lot of service providers are wanting to create v6-to-v4 tunnels, which will allow their customers to have IPv6 addresses while maintaining an IPv4 backbone and most government customers have already moved to dual-stack infrastructure.  In all cases, these customers are always happy to know that Orion works just fine monitoring dual-stack network devices and that seems to meet a lot of their short-term IPv6 needs. 

However, having noticed this trend is increasing and given our community-driven need to be as transparent as possible, we thought we’d use this blog post to explain our plans for expanding IPv6 support throughout the Orion product line.   If you’re wondering why we don’t just give you a roadmap slide with a quarter for delivery, please see Fear and Loathing of Roadmaps: Why your PM won’t give you a date.

So, let’s start with what we’ve done already as some of you may have missed this

1. Engineer’s Toolset

  • All of the most popular tools ported to use IPv6 in the WorkSpace Studio introduced in v10
  • All new tools added since v10 are fully IPv6 compatible  

2. Orion Network Configuration Manager (NCM)

  • Both Windows client and website supports dual-stack devices – both IPv4 and IPv6 IP addresses can be entered and displayed for every device
  • SSH, Telnet, and SCP based config transfers (backup and upload configs, execute scripts) on dual stack and “pure” IPv6 devices

3. Orion Network Performance Monitor (NPM) + modules

  • Verified Orion NPM works in a dual-stack environment, including the ability to poll IPv6-specific SNMP statistics on dual-stack devices using the Universal Device Poller
  • Introduced IPAM module with ability to track IPv6 addresses on dual-stack devices

Yeah okay, what have we done for you lately?   Here’s what we’re working on in development as we speak:

1. Orion Network Configuration Manager (NCM)

  • Remaining functionality is being ported to work with “pure” IPv6 devices in 2 phases.   The first phase will include device rediscovery and inventory.  The second phase will wrap up support with status polling and discovery.  

2. Orion Network Performance Monitor (NPM) + modules

  • The level of effort to port all of Orion is non-trivial so in parallel to last several releases, we’ve been busy at work on an enhanced poller that supports IPv6 along with planning for back-end changes to the Orion “Core” database schema and internal components.  Once the new poller work is complete (we’re about 60-70% of the way there), website user interface elements will be enhanced to allow configuration and display of IPv6 addresses 
  • IPAM module team is working on adding the ability to create IPv6 subnets to assist with pre and post IPv6 network deployment planning
  • All module teams are working on porting internal components to support IPv6 so they’re ready when the “Core” of Orion is ready

We hope this helps clarify our position on IPv6 (i.e., we take it very seriously) and ensures you have a better understanding of our strategy and roadmap for meeting your IPv6 monitoring requirements.   If your organization is planning on moving to an IPv6 network, we’d love to hear from you.   Please post to IPv6 - what you’re planning, when, and biggest challenge in making the shift and let us know what you’re planning, when, and what you see as your biggest challenge in making the shift.

PLEASE NOTE:  This is NOT a commitment that these enhancements will make any particular release.  As noted above, we are working on a lot of this in parallel to our standard feature releases.   If you have comments or questions on any of these items (e.g., how would it work?) or would like to be included in a preview demo, please let us know!

 

Orion v10 is now officially GA and we’ve got a lot of great feedback from the community about the the new network topology features.   More specifically, the new ConnectNow feature in Network Atlas, which allows you to automatically draw direct network connections between nodes in maps.   If you haven’t discovered this feature yet, it’s worth checking out a video run-through of ConnectNow by our very own Head Geek, Josh Stephens.

Ok, so we promised you something to tinker with, and if isn’t ConnectNow, what is it?  Well, based on how excited folks got about the topology features in v10, we’ve decided to provide a hands-on sneak preview of some really cool network topology resources we’ve got cooking in dev!   

Mandatory disclaimer:  These resources are NOT supported by SolarWinds and should be considered “SolarWinds Labs” prototypes.  We’re also not guaranteeing a particular release in which they’ll be included.   However, we’d love to get your feedback early so we can consider incorporating any ideas you have ;-)

Here’s how to get started…

Install the resources on your Orion server

1. Make sure your Orion server is upgraded to NPM v10.0 or greater.   The resources won’t work with earlier versions.

2. Make sure you’ve run a scheduled network discovery after your upgrade to Orion NPM 10.0.  This will ensure that network topology data is available in the Orion database for use by ConnectNow and the prototype topology resources.

3. Download the network topology resource zip file from the Orion 10 Topology Resources and save it to your Orion server

4. Unzip the folder contents to your Orion website directory.  By default this is C:\InetPub\SolarWinds\

5. Unzip folder contents to any additional Orion websites you have in your environment.   

Add the resources to your Orion views

1. Navigate to a Node Details View and select Customize Page button.  You’ll find the new resources under the Summary Reports heading.

The new resources are called:

  • Core Network Topology
  • NPM Network Topology

Each may be added to either summary or detail views. 

2. Go ahead and add the NPM Network Topology resource to your view.  Notice that the resource is filtered by that Node, so that only the discovered topology connections between that node and other nodes are displayed.   Note, similar to ConnectNow, you may not see connections listed for a node if it’s not included in your scheduled discovery or it doesn’t support the BRIDGE MIB required to retrieve topology information.

image

Start tinkering and posting feedback

We hope you find the new resources valuable and we’re really looking forward to your feedback.  As noted above, you can’t call support but we’d love it if you could post any comments, questions, etc. to Feedback on prototype network topology resources

 



In a previous post, we covered Community works! - A simpler way to manage Orion email alerts based on an idea we took from the community.   Now it’s time for us to give back with an enhancement that, once you use it, you may wonder how you ever lived without it ;-)

Imagine this scenario, or perhaps, just look at your email if you’ve got that in front you.  You’ve received an alert notification that a node is experiencing issues.  What’s your typical next step?   For most users, it’s to open their Orion website, find the node, and drill down to the node’s details view to start investigating. 

The problem is this felt like one too many steps for most of you.  Why can’t you just drill down from the alert?   To solve this problem in Orion 10.0, we’ve added several new advanced alert variables that allow you to include a drill-down URL to the object referenced in the alert.  

Here’s how to use them…

1. Open Advanced Alert Manager (Start > Program Files > SolarWinds Orion > Alerting, Reporting, Mapping).

2. Click Configure New Alert to bring up your list of alerts and edit an existing alert or create a new one.

4. Navigate to Trigger Condition tab.  Notice the Type of Property to Monitor field is set to Node.   This is important because this allows you to reference the alert variables associated with that property type.   For example, if you wanted to alert on an Orion APM application or component monitor and reference those variables in your alert notification, you’d want to change this accordingly. 

image

4. Navigate to the Trigger Actions tab and select Send an E-Mail / Page.

image

5. Select the Message tab and click Insert Variable and you’ll see a list of variables to choose from.   Notice that NodeDetailsURL is now available (Yes, I almost cried the first time I saw it too).

image

6. Select Build Selected Variable and it will be automatically inserted in your email.   Now, when this alert triggers, this alert action will parse the variables and automagically include a direct drill-down link to the node the having problems in your email notification.

image

Still not impressed?   The good news is we didn’t stop with just the node URL drill-down variable.   This same approach works for interfaces, VMware machines, applications, monitors, etc.   As you install Orion modules, more URL drill-down options will be automatically added to your list of variables!

Well, we’re hopeful we’ve fulfilled at least part of our karmic duties with this new feature, but please try it out and let us know what you think!

 

With Orion NPM 10.0 (currently in Why Should I Care About Release Candidates? phase), we’ve extended NPM’s virtualization monitoring support to VMware ESXi and vSphere 4.0 (a.k.a., ESX 4.0).  This is in addition to NPM’s existing support for VMware ESX 3.5.   We’ve heard from a lot of customers that are excited that they’re now able to monitor their entire VMware Host stack (ESX 3.5, vSphere, ESXi) from a single pane of glass.  However, the next logical question for many of them was how do I get all of my VMware infrastructure to show up on a single dashboard view?  Well, the good news is whether you’re looking to create a dashboard to appease management, other teams (e.g., the app and server folks), or you just want to show your Mom how virtual you are, it’s possible in Orion today with just a little elbow grease.   Here’s how…

First, you’ll want to create a new Orion view for your VMware dashboard

1. Navigate to Admin > Manage Views

2. Click Add View and enter a dashboard name (e.g. My VMware Dashboard) and click Submit

image

3. Use the “+” icon to add the All Nodes Resource and several custom HTML resources.   Add as many of the custom HTML items as you think you’ll need to display graph data from different ESX servers.

image

4. Click on 'Preview' and this new view should come up in a new window. You should see your All Nodes resource and all of your Custom HTML resources.

image 

Next, customize your new VMware Dashboard view to show data from your ESX servers
1. Click Edit on your All Nodes resource and change the title to “All ESX Servers”

2. Enter MachineType='VMware ESX Server' into the Filter Nodes (SQL) field and click Submit

image

3. Using another browser window, open the Orion website and navigate to the first ESX server you want to show data for in your dashboard

4. Find a graph you’d like displayed on your dashboard and click on the graph title to open it in a new window 

image

5. In your browser, click on 'Show page source' to see the HTML code for the graph (e.g. in Firefox, use View > Page Source).

6. Do a text search for “img src” until you find something like the following:

<img src="/Orion/NetPerfMon/Chart.aspx?ChartName=VMNetworkTrafficArea&Title=&SubTitle=&SubTitle2=&Width=640&Height=0&NetObject=N:195&CustomPollerID=&Rows=&SampleSize=60M&Period=TODAY&PlotStyle=&FontSize=1&NetObjectPrefix=N&SubsetColor=&RYSubsetColor=&ResourceID=34&ShowTrend=True" />

7. Copy this line including the closing “/>”

8. Go to your other window that has the preview of your VMware dashboard and click Edit on the custom HTML resource where you want that graph to appear.

9. Paste the html code into the ‘raw HTML’ field, change the titles as appropriate, and click Submit.

image

10. Repeat this process for every ESX server graph you want to appear on your dashboard. You’ll notice in my dashboard below I’ve included several gauges from different ESX servers in addition to graphs.

image 

Finally, add your new VMware Dashboard view to your menu bar so you can easily navigate to it

1. Now that you have the items on the dashboard that you want to display, copy the URL address from your browser (e.g. /Orion/SummaryView.aspx?viewid=29).  

2. Navigate to Admin > Customize Menu Bars

3. Edit “Admin Menu Bar” and click Add New at the bottom left

image

4. Enter in a name for the menu bar item, the view URL you copied from the previous step (/Orion/SummaryView.aspx?viewid=29), and a description

5. Click OK and then drag and drop your VMware Dashboard menu item onto Selected Items list on the right

image 

6. Click Submit and you should see your new VMware Dashboard link appear on the menu bar

image

And, you’re done!!

Fear not, we’re certainly looking at streamlining the process moving forward…but, in the interim, isn’t it nice to get what you want today? And, the good news is once you’ve mastered this process, you can use this exact same approach for accomplishing many other use-cases (e.g., showing multiple data from multiple interfaces on the same page).  

If you’ve got other cool dashboard ideas, we’d love to hear them!   Please post them in comments.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

While working on Orion NetFlow Traffic Analyzer (NTA) v3.5, our dev staff spent a lot of time analyzing your packet captures.   What they found was really interesting!   On many networks, up to 95% of all network traffic (i.e. Top Talkers) can be captured and analyzed from as little as 4% of the total amount of Flow data received from monitored Flow sources. 

So, if you are primarily using Orion NTA to determine the "top talkers" on your network, you are probably storing a lot of unnecessary data in your Orion DB. As a result, your Orion DB may be unnecessarily large and the load times for Orion NTA resources and reports may be unnecessarily long.

Have no fear!   With Orion NTA v3.5 and v3.6, you can enable Top Talker Optimization to significantly improve the performance of your installation!

Existing v3.5

If you’re using NTA v3.5, you can still manually enable Top Talker Optimization by following the steps outlined here.

New to v3.6

If you’ve installed NTA 3.6 from scratch, Top Talker Optimization is already enabled - nothing more for you to do!  

Upgraded to v3.6

You can enable Top Talker Optimization to significantly boost the performance of your installation in just two easy steps:

1. Navigate to NTA Settings in Orion Admin area

2. Set Top Talker Optimization to 95%

image 

That’s it!  

NOTE:  If this is an existing DB, configuring Orion NTA to keep compressed data for 14 or fewer days can accelerate the effectiveness of Top Talker Optimization. You can change this by navigating to NTA Settings in Orion Admin area and change Keep compressed data for XX days to 14 or less.  Allowing Orion NTA to run in this mode for a couple of weeks, or at least longer than the number of days provided, will ensure that all the old, unnecessary compressed Flow data you collected prior to enabling the Top Talker Optimization is flushed from your Orion database. After the old compressed Flow data is deleted from your database you should see noticeable performance improvements in Orion NTA resource load times.

So, to close out this post, let’s answer the million dollar question…what does Top Talker Optimization buy you as far as max flow rate?

Well, here's a reference implementation from a customer who's been able to obtain 40,000 flows per second and 60,000 flows per second in peak.   That’s over 3 million flows per minute!! 

  • Orion Server
    • Intel Xeon Dual Quad Core @ 2.00GHz
    • 4.00 GB of RAM
    • Disks – DELL PERC 5/I
    • 6 136GB 15K – RAID 5
    • 8706 elements
    • 279 NetFlow interfaces (spread across 6 devices)
  • Additional Poller 1
    • Same HW as Main
    • 9309 elements
  • Additional Poller 2
    • Same HW as Main
    • 10893 elements
  • SQL Server
    • Server 2008/SQL Standard 2005
    • Intel Xeon Dual Quad Core @ 2.50GHZ
    • 8.00 GB of RAM
    • Disks  -DELL PERC 6/i
    • 2 300GB 15K – RAID 1 (Operating System & DB Log)
    • 4 300GB 15K – RAID 10 (DB files)

We’d love to hear about how Top Talker Optimization is working for you.   Post your story here.  

 

First of all, mad props to byrona for Using a Macro for email alerts in Advanced Alert Manager tip with the community.  I know there’s a lot of you already using this simplified email alert management trick, but I wanted to make sure to spread the word just in case.

Here’s how it works.  Instead of configuring static email addresses in the To: field of your Orion Advanced Alert notifications, use a variable (a.k.a macro).   The value of this variable can be a custom property.  

image

In byrona’s case, he wanted to have emails sent to the “Primary Contact” or owners of each of the nodes in the event of an issue, so he created a custom property called “Primary Contact” and entered this value for each of his nodes.   Then, when setting up alerts, he used the ${Node.PrimaryContact} variable to specify the To: address.

Simple, right?  But, you wonder as you lie awake at night, what happens if the Primary Contact hasn’t been filled in on some nodes?  Does alerting die slowly?  Well, as Re: Using a Macro for email alerts in Advanced Alert Manager verified, blank fields don’t break email alerts.  The emails just don’t get sent out for those nodes.  Sleep well.

If this gives you a few minutes back in your day and you want some community karma for yourself, please don’t be shy, share your tips and tricks with the community!

 

We believe that CBQoS and NetFlow go together like peanut butter and jelly, but several of you commented that it was frustrating that you had to enable NetFlow on the interface to drill down to see CBQoS data.   Who are we to dictate how you like your CBQoS?   Well, the good news is with Orion NTA 3.6 you can have it any way you like it.

If you’ve upgraded to NTA 3.6, you’ll notice there are now two LAST RECEIVED columns in the NetFlow Sources resource:

image

 

As long as one of the LAST RECEIVED columns has a date/time stamp, then drill down is enabled and you can navigate to the respective interface details views.   You’ll notice that in the screen shot, Cur-3725 is not receiving NetFlow, but it is being polled for CBQoS data.

What if you don’t want to store all that CBQoS data in your database? Also new in 3.6, you can disable CBQoS data storage on specific interfaces.  Navigate to NTA Settings and click Manually Manage NetFlow Sources. You’ll see a dialog like this where you can check the boxes for both NetFlow and CBQoS.

image    

We’re busy What we're working on... to CBQoS polling, so stay tuned and keep the great feedback coming!

 

 

Technorati Tags: SolarWinds,Orion,NetFlow,CBQoS,NTA

Filter Blog

By date: By tag: