Skip navigation
1 14 15 16 17 18 Previous Next

Product Blog

646 posts

New Engineer's Toolset 10.9.1 has just arrived. The upgrade is available for free for all Toolset customers under active maintenance and can be downloaded from the SolarWinds customer portal.

 

The 10.9.1 comes with following list of improvements:

 

•  TraceRoute tool Changes.

    • Added SNMP Support
      • Additional columns can be displayed for devices which support SNMP
      • User can enable/disable SNMP Discovery
      • SNMP credentials are provided by common Credential Managment
    • Context menus over columns were enhanced
      • Right-click over IP Address column allows user to run some tools.
      • Right-click over other columns allows user to choose displayed columns
    • 0.0.0.0 addresses are not displayed in results

• WorkSpace Studio

    • Export is now possible from IP Network Browser (WSS)

• Neighbor Map

    • Export Neighbor Map to Visio

• Proxy Ping

    • Deprecated the old version and implemented a new one.
    • New version adds support for IPv6
    • Supports Cisco, Juniper, Mikrotik and Extreme Networks

• SCP Server changes

    • Existing files of the same name are renamed during an upload
    • Is now FIPS supported
    • Support for DSA Keys

• Licensing upgraded to GEN3

 

Notable Bug Fixes in 10.9.1

 

• Issues with Neighbor Map (250173, 186932)

• Port Mapper - In correct VLAN ID displayed (156029)

• Port Scanner - Maxes out on 65,000 port scan (218038)

• Port Scanner - Crashes (222332, 218038)

• Bandwidth Gauge –Historical Statistics issue fixed (175923)

• Config Viewer –  SNMP community first character cut off (184082)

• Compare config Tool error out when logged in as a standard user (240296)

• Subnet Calculator – Resulting in wrong subnets (243226, 228460, 222771)

• Switch Port Mapper -  Does not work with Cisco Nexus 5000 (197087)

• Switch Port Mapper -  Does not show MAC Addresses  (204097)

• Switch Port Mapper -  Incorrectly displays MAC Addresses  (233180)

• Switch Port Mapper -  Fails to export to CSV format (250453)

• Workspace Studio - Crashes (236890, 236888)

• TraceRoute - Crashes when hostname is not resolved (233322)

• Cannot add nodes to Bandwidth Gauges, with Non Admin user rights (234987)

• WorkSpace Studio -  Interface Chart % Utlization Rx+Tx faulty logic (245706)

• SNMP Real Time Graph - Displaying duplicate column names (250074)

• Watch It - Gives a Run-Time error after exiting the application when log in as a standard user (241675)

• Advanced CPU Load - Not showing Call Manager 7 data  (184082)

• Netflow Real Time - Fails to launch when toolset is installed into a user defined custom folder (251815)

• After upgrade toolset takes ages to load (193803)

 


So, what are you waiting for ? go ahead and download the General Availability 10.9.1 bits from your customer portal today !

I believe Bronx summed it up perfectly when referring to this release as SAM 6.OMG; because that's precisely the kind of reaction and enthusiasm we receive anytime we have an opportunity to show it off. Those lucky few who've had an opportunity to play with some of the early betas first hand have been champing at the bit in eager anticipation for the opportunity to upgrade their production installations of SAM to version 6.0. Well that time has finally arrived.So without further ado I would like to extend a personal invitation to all Server & Application Monitor customers under active maintenance to sign-up here to download the SAM 6.0 Release Candidate.

 

Please note that Release Candidates are provided as early availability access to the latest release. They are treated no differently than GA releases, in that Release Candidates are fully supported in your production environment, and the SolarWinds technical support team is available to aid and assist with any problems you might encounter.

 

If you haven't been following the SAM beta blog postings here in the Product Blog, I'll give you a brief rundown of some of the exciting new features included in the SAM 6.0 Release Candidate.

 

Real-Time Event Log Viewer

 


The Real-Time Event Log Viewer, as the name suggests, is a web based version of Windows own Event Viewer. This tool allows you to troubleshoot and diagnose application and server related issues occurring on the remotely monitored host in real-time, without the need to remotely connect to the server, log-in, and launch the Windows Event Viewer. Once you've isolated and identified the cause of the issue, you can then easily create a Windows Event Log Monitor from within the Real-Time Event Log Viewer so you can be alerted if this issue occurs again in the future. Simply select the event(s) you'd like SAM to continuously monitor, click Start Monitoring, and the wizard begins. It's just that easy.

 


Asset Inventory

 


In this 6.0 release we extend SAMs hardware health monitoring, introduced in v5.0, to include a much broader array of additional server asset inventory information. This allows SAM to collect all relevant information necessary for asset depreciation, insurance, and support. However, this feature also provides a wealth of additional information you'll likely find useful in your everyday tasks. Some such examples include reporting on software installed for license tracking, or what operating system updates have been applied to the server; by whom, and when they were applied.

 

Information from SAMs Asset Inventory collection can even be programmatically synchronized with other CMDBs using the Orion SDK. If you don't already have a dedicated CMDB, the inverse is equally true. SAM 6.0 allows you to either manually or programmatically populate and report upon non-pollable information in the Orion database, such as the original purchase price, purchase date, rack location, etc. Need to track and report upon other asset information? No problem. Add additional fields to track whatever information you need, such as "in service date",  who the server was originally purchased from, or anything else for that matter.

Server Warranty Expiration.png

 

Custom Asset Information.png

In my previous blog post regarding server asset inventory collection, cwestwater suggested that it would be helpful if SAM was able to automatically track and maintain the servers warranty status and warranty expiration dates. And we agreed. So in addition to gathering all kinds of useful asset inventory information about the physical and virtual machines SAM 6.0 is monitoring, SAM will also monitor the warranty status of your physical servers. Provided your Orion server has access to the internet, this is all done automagically by periodically checking the status of each servers warranty against Dell, HP, and IBM's online warranty validation servers. This allows SAM to alert you when your servers warranty is due to expire. You'll also find a new Server Warranty Summary resource (pictured above) that provides at-a-glance warranty status information for servers where the warranty has expired, is due to expire soon, and those next closest to expire.

AppInsight forSQL


Much of the buzz surrounding the SAM 6.0 release is associated with a radical new concept we've dubbed "AppInsight". Beginning with Microsoft SQL Server, AppInsight's focus is to provide unparalleled monitoring depth and visibility around a given application, while simplifying discovery and reducing overhead associated with continuous monitoring.

 

It is our belief that SAM can provide a truly multi-vendor "best of breed" application and server monitoring experience, previously only possible by deploying numerous dedicated point products. Unlike these "point products" however, AppInsight is a tightly integrated solution built into SAM to provide a single pane of glass view into the health and status of all your servers, and the applications that run on them.

 

For example, AppInsight for SQL provides visibility into who's connected to the SQL Server, how long they've been connected, and from where (host name or IP address) they're connected. Need to know who's actively using the SQL server, not just who's connected, before taking it out of service for maintenance? No problem. Within that very same resource you will discover exactly how long each of user has been idle.

 

AppInsight for SQL gives a unique view into your database's storage usage, allowing users to easily understand the size of each database file, the percentage of white space in the file, as well as calculating in the free space remaining on the volume if auto-grow is enabled. This allows AppInsight to alert you before your database runs out of space, regardless if it's a fixed database size running out of white space, a database file that's configured to auto-grow to a configured limit, or even if the database is configured to auto-grow until it runs out of space on the drive. No matter how your database's are configured, AppInsight for SQL has you covered.

 

Whether you're new to SQL, or a seasoned veteran DBA, the SQL error log is one of the first places you're likely to turn your attention to identify common issues with Microsoft SQL. The SQL Error log contains important troubleshooting information such as, client connectivity issues, backup failures, end of recovery after a restart, DBCC Events, reconfiguration of server or database options, non-yielding schedulers, stack dumps, autogrowth failures, delayed IO events, etc. With AppInsight for SQL this information is right at your fingertips, located conveniently on the Application Details view of each monitored SQL instance.

Top 10 Databases By Active User Connections.png
File By Size.pngSQL Errors.png

Speaking of backups, and other regularly scheduled reoccurring tasks like database shrinks, AppInsight for SQL also includes SQL Agent Job Monitoring. Never again be caught blindsided because a scheduled SQL Agent Job failed to run properly. Better still, understand when, and for how long, SQL Agent Jobs are running to minimize their impact during business hours. These are just a few of the features included with AppInsight for SQL in SAM 6.0.

 

So how is AppInsight for SQL licensed anyway? What does it cost? Is it another module? An add-on?

 

AppInsight for SQL is built-in to SAM 6.0 and does not require the purchase of any additional modules or add-ons. Despite monitoring well over 100 unique SQL Server instance metrics, and more than two dozen key performance indicators for each database, AppInsight for SQL consumes a mere 50 component monitor licenses per-SQL Server instance. Now that's news everyone can be excited about!

SQL Agent Job Status.png

Processes and Services.png

Threshold Baseline Calculator


Believe it or not, there's still plenty of additional new features included in the SAM 6.0 RC I still haven't covered yet. One of these features is the all new Threshold Baseline Calculator. For a several years now we've pre-populated warning and critical thresholds within the application templates included in SAM. These thresholds have been based upon the individual vendors best practices for the given application. There are however many circumstances where this "one size fits all" approach to thresholding simply isn't appropriate, or accurate. The most typical reason why "one size fits all" thresholds doesn't always "fit all" is due to size and scale of an organization and their application deployment.

 

Let's take the example of Message Queue Length in Microsoft's Exchange for an organization with 10,000 or more employees. It might not be unusual for an organization of this size to see the number of messages queued for submission rise above 100 or more on occasion. However, if a small business of  25 or fewer employees saw the same Message Queue Length, at or around 100 messages queued for submission, it would be likely be an indication of a serious issue with the transport service failing to deliver messages properly. That's because for an organization of 10,000 or more employees, having 100 messages simultaneously sent or received within a given time frame isn't too terribly difficult to fathom. On the other hand, for an organization of only 25 employees, that same feat would be extremely unusual. This is just one example of how thresholds for performance metrics don't always "fit all".


For this reason (and countless more examples just like it) the Threshold Baseline Calculator in SAM 6.0 was born. Located from within the Application Editor, directly next to any threshold field you will find two new options. The first, "Use Latest Baseline Thresholds" calculates and applies recommended warning and critical thresholds for the selected metric based upon the last seven days of statistics collection (the baseline). Some might consider this a "blind faith" approach to thresholding that more closely resembles a random number generator, but fret not. There's a science behind where those numbers came from; and for all that detail and more you need only click the "Latest Baseline Details" link that lies just beneath the "User Latest baseline Thresholds" button.

 

http://thwack.solarwinds.com/servlet/JiveServlet/showImage/2-207334-11847/Threshold+Basline+Calcuator.png

 

Upon clicking the "Latest Baseline Details" link (pictured above) you will see a chart which displays the occurrences of statistic values returned by the selected component. This is a visual representation that allows you to easily digest all of the values collected during the baseline period to gain an understanding of what is considered "normal" for this metric in your environment. You have the option of selecting/deselecting typical business hours (8am-6pm Monday-Friday) as well as nights and weekends, or view the cumulative total for entire time period. Overlaid on the chart are the color coded red and yellow banding that represent how the recommended warning and critical thresholds relate to the baseline data. This provides a quick and easy way of determining the number of times you would have been alerted during the baseline period depending how your thresholds were defined.

 

Latest Baseline Details.pngIf embracing your inner statistician isn't your thing, you can also choose the more familiar "Metric over time" from the top most tabs, which displays the typical historical chart view with visual warning and critical thresholds included.

 

Thresholds are calculated using standard deviation, as represented by the sigma "σ" symbol in the table header above. By default 2 standard deviations are used for warning, and 3 standard deviations are used for critical thresholds above or below the mean/average depending upon which operator is selected (greater than/less than). Clicking on any number in the table provides you the option of setting the selected value as either the warning or critical threshold. This also dynamically updates the visual yellow and red banding representing warning and critical thresholds in the chart above the table. At any time you may click the "Reset to Recommended Thresholds" link to return values selected in the table, and represented in the chart above to those recommended by the Threshold Baseline Calculator. You may also click the "Cancel" button to revert any changes made and return to the Application Editor.


Armed with a better understanding provided by the Threshold Baseline Calculator of what is typical/average for a given metric you can make educated, informed decisions as to how warning and critical thresholds should best be defined for your environment.

 

We think you'll agree that this has shaped up to be an outstanding release of Server & Application Monitor. If you've been one of the many patiently waiting for this moment to come, we'd like to welcome you to sign-up here to download the SAM 6.0 Release Candidate now.

 

Please note that the SAM Release Candidates is available exclusively to those running previous versions of SAM or APM under active maintenance.

I'm very happy to share with you that we have officially reached Release Candidate (RC) status for Serv-U FTP Server and MFT Server v15.  The contents of this release contain exciting new features and improvements, namely,

 

  • File sharing in Serv-U MFT Server
  • New web client user interface
  • Rebranding of the user interface
  • FTP Voyager no longer requires an activation key

 

You can download the RC in the Release Candidate section of your Customer Portal. If you have any questions I encourage you to leverage the Serv-U Release Candidate RC group on thwack. RC is the last step before general availability and is a chance for existing customers to get the newest functionality before it is available to everyone else.


File Sharing

 

All of us need to occasionally share a file with a partner, colleague or a customer (we call them Guests in File Sharing, or someone who does not have an account in Serv-U). File Sharing is a great new feature of Serv-U MFT Server which helps you to share small or large files without email limitations, temporary accounts or any administrative hassles. It allows you to have your own on premise file sharing service. File Sharing is meant as a temporary storage for simple web-based file sharing. Guests will simply receive an email with the link allowing them to download or upload files. If you wish you can also send links via IM, social networks or by other means.

 

First you need to enable File Sharing in the Serv-U Management Console. You can configure settings on the global level in the Server Limits and Settings section or per domain in Domain Limits and Settings.

 

On the screenshot below you can see the simple configuration settings for File Sharing. You can define a URL for the File Sharing, you set a folder where all shares will be stored and you can also define how long expired shares should last before Serv-U deletes them permanently. If you wish you can also define a template for emails received by Guest users, enable or disable usage of SSL and most importantly enable/disable the entire File Sharing feature.

 

Managmenet_Console_marked.jpeg

 

After you enable File Sharing you can find the link to the File Sharing UI in the bottom of the management console next to the FTP Voyager JV and Web Client links.

 

File-Sharing_link_from_MC_marked.jpeg

 

As a regular user you can choose the File Sharing UI during login or click on the upper menu in the new Web Client UI.

 

File-Sharing_link_from_WC_marked.jpeg

 

In the home page of File Sharing you can see the last 5 shares for requested files and sent files with some basic information about each share like date share was created, name of the share, email address(es) of Guest(s), status of share, expiration date and so on.

 

FS_homepage.png

 

If you wish to start with sharing files simply click on "Request Files" or "Send files" in the menu to create a share. Let's first send some files to a Guest. After clicking on Send Files, you are presented with a form with basic settings for the share. You need to define one or more email addresses. You can change the default Subject line of the email which will be sent by Serv-U.

 

Then you can briefly describe what data you are sending and change your email address if it's different from the default. Since a share is only a temporary storage, you have to define the expiration time which is up to 90 days. This is to prevent filling up your storage with shares.

 

You can also ask Serv-U to send you notification when the file is downloaded by a Guest so you know immediately and can follow-up. Additionally you can also protect shares with passwords. When you are done click "Next".

 

Send_File_Form.png

 

In the next step you simply choose files to upload, click Upload button and you are done. The share is created, notification email is sent to the Guest user(s) and you can close the confirmation screen by clicking on the Done button.

 

You can request files for upload in the same way by clicking on Request Files in the menu. After that a similar form is displayed as for sending files. You configure your share (when requesting files you can also limit individual size of files uploaded) and this time click on Send Request and your are done.

 

Request_File_Form.png

 

After you create a share, an email is sent and the Guest user can click on the link in the received email. If the share is password protected, then the Guest is asked for a password and after entering it, it's as simple as clicking on the Download All button or choosing files to upload.

password_field_in_Guest_UI.pngGuest_UI_upload.png

 

 

New Web Client UI

 

With the new File Sharing feature, which as you noticed is using a new, cleaner UI, we also redesigned the Web Client UI. It is now cleaner, faster and behaves more like Windows Explorer.

 

WC_UI.png

 

FTP Voyager is now FREE!

 

FTP Voyager is a powerful FTP client with many great features like scheduler. We decided to make it a free product! We removed all references to purchase or any licensing constraints. Go, download FTP Voyager now from the customer portal and enjoy its rich functionality!

 

Download Serv-U v15 RC, which is availble in the Release Candidate section of your Customer Portal.

 

If you have any questions I encourage you to leverage the Serv-U Release Candidate RC group on thwack.

We are pleased to announce the general availability of SolarWinds Web Help Desk 12.0.1. This is a service release, which contains number of improvements and fixes. Namely,

 

  • Installation issues with non-standard installations
  • Friendlier and more informative messages during installation and upgrade
  • Certificate issues on Exchange when running SSL.
  • Upgrade and migration issues.
  • PostgreSQL service does not start on Win2003.
  • E-Mail account type label includes Exchange 2013.
  • Exception when deleting an attachment.
  • Upgrade fails when IP Address is bound in WHD.conf.
  • Unable to create ticket notes using API.
  • Escalate privileges to admin when running WHD scripts in Windows.
  • WHD discovery Engine (WMI) ignores XP machines.
  • Escalate privileges to admin when running WHD installer.
  • Performance issues with SAVE operation on notes.
  • Installer blocks on maintenance expired.
  • Discovery engine not collecting HDD info.
  • Additional logging during migration.
  • Call uninstallation of whd from installer.
  • Update installation script to be HDD independent.
  • Verify previous installation of WHD.
  • Windows installation on different HDD.

 

You can view the full set of release notes here.

 

Download Web Help Desk now and have fun!




We have a new "What We're Working On" post. Click here for the new post.








We shipped v10 mid year, added mobile access for your iOS devices and last month we added support for Android OS based devices.  We're now working on the next release. 


Here is a list of what we're working on:

 

  • Remote control 'over-the-internet' to support remote control scenarios outside the LAN.
  • Centralized Server for both DRS.  This will provide the following benefits:
    • Central console to setup and manage centralized functionality
    • Centralized and easily accessible host lists
    • Drastic simplification of SolarWinds offline license activation and license management
    • Ability to search host lists
  • Native OSX agent
  • Native Web Help Desk integration
  • Ability to reboot a system into safe-mode and connect with MRC
  • More granular connection and client agent security
  • Session recording either ad-hoc or forced to a central location
  • Reverse screen sharing
  • Advanced Centralized Functionality
    • Ability to restrict / grant access to various DRS functions via user profile / policy
    • Ability to push MRC agents and agent updates
    • Ability to push DRS consoles
    • Leverage Active Directory/LDAP for authentication as well as access control based on groups
    • Centralized MRC agent configuration management
    • Centralized access logs for auditing



PLEASE NOTE:  We are working on these items based on this priority order, but this is NOT a commitment that all of these enhancements will make the next release.  We are working on a number of other smaller features in parallel.   If you have comments or questions on any of these items (e.g. how would it work?) or would like to be included in a preview demo, please let us know!

We have been keeping an eye on the discussions here asking for improvement in terms of network traffic analysis, beyond what MIB 2 (Interface traffic) and Flow technology (NetFlow, sFlow, jFlow...) have to offer.

And we recently saw that NBAR support was voted #1 enhancement request for NTA - the Network Traffic Analyzer (see more about SolarWinds Network Traffic Analyzer here)
As we were thinking about this, we wondered whether the requirement was basically for NBAR - period - or if this was the sign of a larger requirement for better tools to ananalyze your traffic.
For example, we did a Traffic Analysis survey, asking if you used DPI-type solutions and we discovered that a large proportion was using Wireshark (not really a surprise, but was a good confirmation) or any other form of DPI product
DPI solutions used by SolarWinds customers.PNG
Also, I recently talked to some of you and confirmed that a significant proportion (actually higher than what the above chart suggests) either had a Deep Packet Inspection (DPI) solution in place (Riverbed Cascade/Opnet, LanCope, ...) or had this in their budget for this year.
So all this fueled a lot of thoughts and raised some questions on our side, on which we'd really appreciate your comments and answers:
  • Does Wireshark meet most of your needs?
  • Do you need Advanced Traffic Analysis for environments other than Cisco, where solutions like NBAR may not be available? In other words, do you need a vendor-agnostic solution?
  • All of you who own a DPI-type solution, mentioned their (prohibitive) cost as an issue. We are convinced that you don't need to be an Enterprise, able to spend $200K or more on these solutions, to really need them. Small and medium-size businesses also encounter challenges with their traffic which require deep analysis.
    Is it time for SolarWinds to commoditize that market and offer 80% of those features for 20% of the cost?

Before I'll let you go and express your thoughts and describe your experience, here is a bit more on how we think about this problem.

What are the needs for Advanced Traffic Analysis?

We see mainly 4:

Breakdown my traffic by application and user, like Netflow does ... but better

As convenient as Netflow technology is, it actually does a pretty average job at identifying your applications (unless you deploy Flexible Netflow):
    • Limited to static ports. Any app using dynamic ports will be invisible to (Net)flow technology
    • Ignores that many application use port 80 to go through firewalls and are actually NOT HTTP / Web applications
    • Is unable to identify reliably true Web applications: either because (Net)flow does not inspect the HTTP header and does not do URL extraction. Also, content networks such as YouTube.com (owned by Google) are identified by the Content Distribution Network they use as opposed to the Web site they really have (e.g. 1e100.net for YouTube.com...).
      See this typical question we have, pointing to this great post explaining why (Net)flow is really not the ultimate weapon and why Flexible Netflow is not the panacea either.

 

I need an aggregated view of the Quality of Experience rendered by my applications to my users

In a perfect world, users experiencing slowness in their application will open a ticket or send an email, and IT will know about it. But the world is not perfect and how many IT engineers discovered the hard way, as they were thrown under the bus by an email from a user to the CIO, that the QoE offered by IT is actually not that great, despite what they thought?

Of course there are solutions to simulate users connecting across the network (E.g. SolarWinds VNQM, based on Cisco's Ip SLA technology) as well as simulate the details of their transactions on their mission critical applications (e.g. SolarWinds WPM), but those are based on simulations and do not reflect the true experience of users.

Wouldn't it be great to have a dashboard looking at the traffic of all your users connecting to their applications and calculate the latency they REALLY experience and reporting this in near real-time, or on a daily, weekly, monthly, quarterly basis?

 

I need help troubleshooting slow access to applications

Your users are complaining about slowness when accessing some application? (or a QoE dashboard, as presented above, is keeping you informed about that)

The first things people do is use the basic tools they have, to try to troubleshoot:

    • Look at saturated interfaces that can explain slowness. Then go to  (Net)flow information to understand the nature of this traffic and see what non mission-critical traffic could be removed to avoid the saturation moving forward. The problem with this, is that a) it's not always easy to identify all interfaces on the path from the impacted user(s) to the application and b) excess of traffic is not always the cause of the slowness
    • Look at the devices along the path - from the switch the user(s) is(are) connected to, up to the server this application resides one, via all WAN routers - and see if any experience poor health explaining the slowness (CPU, memory, IO...)

Decent start, but what if this does not answer the question?

What if it's a mis-configuration? What if it's one particular transaction of this application, out of dozen, that is slow, how do you figure which one? What if the slow application is actually spread across multiple-tiers (application server, database, storage...) and what you thought was a "simple" analysis of the path between the user and the application server, happens to be more complicated and involve several back-end servers?

All these more complex but unfortunately real-life examples, are almost impossible to troubleshoot with the basic tools.

 

Security is key for us and I need to know exactly what peole do on my network

Who is accessing internal file shares? From the outside of my network, really?

How about browser-based file shares (e.g. dropbox)? Is last amount of internal material being copied over to those?

Are your users downloading copyrighted content from P2P media and storing it on company-owned asset, e.g. their workstation?

Do you have unusual traffic from unexpected countries? What is this traffic about?

You already have an Advanced Traffic Analysis (e.g. DPI-based solution)? Tell us what you think about it...

  • What use case(s) does it meet for you (from list above or other)?
  • Do you consider it cost effective?
  • How important is it to have these products integrated to platform such as an NMS / IT infrastructure management platform such as Orion?
  • Would you consider a solution integrated to Orion that would address your most important need at a fraction of the cost? Or do you need the full power of those expensive solutions? Tell us what the minimum bar is!

 

How does encrypted traffic impact the effectiveness of your Advanced Traffic Analysis (e.g. DPI-based solution)?

 

If you currently run some form of Advanced Traffic Analysis product (e.g. DPI-based solution), how does encrypted traffic impacts it.

Did encrypted traffic dictated where you deployed your packet capture probes? Are there areas of your network that carry encrypted traffic that you are blind on due to that?

 

Sniffing traffic, ok, but which one?


Let us know about your most important traffic types, on which to perform Advanced Traffic Analysis:

  • A) LAN traffic on corporate / Data Center (internal)
  • B) LAN traffic on remote site
  • C) WAN traffic (general)
  • D) WAN optimized traffic (e.g. Cisco WAAS, Riverbed, Bluecoat)
  • E) VM to VM traffic
  • F) Load balanced traffic (e,g, Cisco ACE, F5)
  • G) Virtualized traffic (e.g. analyse traffic in/out of an application hosted by a Cloud SP)
  • H) DMZ traffic

 

Sniffing traffic, ok, but how?

 

Agents, span or Tap or RITE?

  • The agent-based technique is about running agents on the OS - virtual or not - that hosts your mission critical applications. If your focus is the traffic that goes to your applications (as opposed to look at all traffic including the fully meshed opne that goes across all your sites sites), then agents are a good solution because they make the 3 techiques below unnecessary, but they require an invasive action on your OS by adding a component to it: what CPU/memory do they consume on the OS? Are they really only looking at the traffic? How do we upgrade 100's of them that are deployed on yuour server farm...
  • The Port Spanning / Mirroring technique is basically about high-jacking one port from your switch and dedicate it for mirroring all or part of the entire traffic of the switch. Then the management product listens to packets from this port and performs analysis, storage...

Pretty simple, because most switches support this now, just a commend top issue and a cable to connect and you can start drinking from the fire hose; but may have an impact on the switch and can't guarantee 100% packet captured on very heavily loaded switches.
Note that spanning a port is possible on a HW switch but also on a vSwitch within a virtual environment

  • Network Taps are basically pieces of hardware that you buy to replace the switch for this function (capturing packets). They are placed inline and have no influence on the switch and pretty much capture 100% of the traffic.
  • RITE - Router IP Traffic Export, is a Cisco technology like spanning a port on a switch, except that it's done on a router. Again, easy to deploy since it leverages an existing device, but it impacts it and won't work great at high speed. See this nice and short blog post

 

Tell us about your experience, your preferences, what's allowed and not allowed on your networks, as far as capturing packets for Advanced Traffic Analysis.

 

 

 

We have officially reached Release Candidate (RC) status for Network Configuration Manager 7.2. RC is the last step before general availability and is a chance for existing customers to get the newest functionality before it is available to everyone else.

 

Here is the content of this RC version:

  • Continue moving functionality from Win32 client to Web UI
    • Job management (Windows Task Scheduler not used anymore)
    • Config management (edit, delete, set baseline)
    • Possibility to test device login credentials
    • Import config from file
  • Provide End-of-Life information for managed devices.
  • Multiple global connection profiles
    • Define multiple connection profiles (device credentials, protocol, port etc.)
    • NCM will try which of the predefined connection profiles works for a device (configurable per device)
  • The execution of Config Change Templates can be scheduled.
  • Change Approval System enhancements
    • Approved requests to be executed at specified date/time
    • Approved requests to be returned to requestor for execution
    • Requesters can see a history of what they requested and was approved
    • Approvers can see a history of what they approved
  • SNMPv3 -- Support of AES-256 encryption
  • Inventory for Brocade devices
  • More devices supported natively (Palo Alto)
  • Config Change Template Extensions: 'delay' command, string <-> number conversion
  • Make downloaded configurations searchable for IP addresses with FTS enabled.

More details and screenshots can be found in the NCM 7.2 Beta blog post and in Manage End-of-Life Information for Your Devices with NCM!

 

RC builds are made available to existing customers prior to the formal release. These are used to get customer feedback in production environments and are fully supported. If you have any questions, I encourage you to leverage the NCM RC forum.


You will find the latest version on your customer portal in the Release Candidate section.

SolarWinds has prepared a new on-line sessions for all of you who are interested what's coming in our product series. This sessions will be presented by Product Managers and we believe that it will give you an interesting look into product's future.

If you would like to attend, simply make your registration at GoTo meeting web site: New Series: PM-Hosted Monthly Product Roadmap Updates

 

The upcoming Wednesday 17th July's session will be focused at Network Performance Monitor 10.5 and beyond. In this episode, we will review the new features in SolarWinds Network Performance Monitor v10.5 and additionally, we will discuss what we are working on for the future. Feel free to bring your comments and questions.

 

See you there.

We have completed the bulk of the development effort and are now focused on testing the latest release of Kiwi Syslog Server (KSS). KSS v9.4 has reached Beta status. This is your chance to install the latest version and provide feedback on the new features and fixes. Providing feedback during the beta is the best way to ensure that your feedback will be incorporated in to the release. To participate, simply fill out this survey and you will be sent the download links for the Beta. Remember, Betas cannot be installed in production and you cannot upgrade the Beta to any other future versions.

 

The following enhancement have been added to KSS:

  • Moving to a new web server
    This change brings a lot of new functionality "for free". Examples:
  • Active Directory authentication for web access
  • Alerting for Message Queue Monitor
    Be notified when the number of messages in the message queue crosses certain threshold. This indicates there might be performance problems and gives you chance to take an action before messages get dropped.

FreeDNS.png

Today we made it official - our library of handy DNS and email troubleshooting tools on DNSstuff.com are now free! You can use the tools a few times before being prompted to create an account, with an account you can create your own favorites and arrange the tools as you see fit. The DNSstuff Toolbox ("Professional Toolset") has dozens of tools for testing/retrieving DNS records and troubleshooting configuration issues that might affect network connectivity, routing, DNS and email; the Mail Server Test Center consolidates a few critical tests that might affect email into one place.

 

Questions DNSstuff Tools can Help you Answer

 

Is it down for everyone or just me? Can people reach my site? Is my site slower from different parts of the internet?

DNSstuff is a great third party external resource that lets you troubleshoot remote connectivity issues without calling all your friends to ask them to try accessing your site and tell you how slow it is. In addition to the usual traceroute, our vector trace tool lets you drop in an IP and we'll connect to it from 2 different locations to see whether there's any issues with your site that might differ based on someone's location. While you're there, dig into the details about any hop to find out more about who owns it and where it is.

 

DNSvector1.pngDNSvector2.png

 

 

Are my DNS records good? Has my DNS change propagated through the internet yet? I am setting up a new site or working with a new customer and how can I tell their DNS is configured correctly? Is there a problem with one of my listed DNS servers not responding?

 

Nothing's more fun than making changes or making a new site live and having someone ask you every 5 minutes why the traffic isn't coming yet, or why people are still seeing the old site. Okay, maybe more fun than that is when you have random reports of lookup failures or communication errors to your site and have no idea why - but all of the network connectivity itself seems good. You can use DNSstuff to do tests against your DNS records and their listed DNS servers to make sure all of the listings are correct AND help you identify common problems or pitfalls with DNS that might lead to these types of failures.

 

Our DNSreport tool will run a number of tests against your domain and subsequent listed DNS servers to tell you if there's a problem anywhere down the line. You can also use the ISP cached DNS lookup tool to see if ISPs have cached your records or are showing the new ones.

 

DNSreport.pngDNScachedISP.png

 

Where is this IP address physically located? How does traffic route through different geographic areas to get to one of my sites? Could a wonky route that sends traffic overseas be making my site particularly slow?

DNSstuff has a few IP location and visual traceroute tools that help you identify where a certain IP is located and what routes traffic might be taking to get to an IP address. The vector trace (sample above) is handy to see how different locations might be reaching you. Our standard traceroute performs the exact same lookup but from a single host. IP information will look up all of the info related to an IP (including location across several location tools) and there's always standard IPWhois to do a simple reverse ownership lookup.

DNSipinfo.pngDNSipwhois.png


Am I listed on any spam blacklists?

There's a bunch of spam blacklists out there and getting listed means email from you might not reach someone using a blacklist to prevent unwanted email. DNSstuff has a blacklist lookup tool that checks your IP address against those lists.  You can also check a domain against a URI blacklist tool in case your domain has appeared in spam and that's causing you to be blocked, too. If you are blocked, we've lined up the contact info so you can react accordingly.

 

DNSspambl.pngDNSuribl.png

 

Who owns this site and which whois service should I use to find out if I need to contact them? I changed my whois record info, but how do I know it's done?

There are several online whois tools, but usually in order to use them, you have to at least figure out which whois service to go to. We've hooked them all up to one lookup tool so you can drop in an IP or domain name and see who it belongs to (and all the other useful whois info). We also have snapshots so you can see when whois information last changed and what changed.


DNSwhois1.pngDNSwhois2.png

 

People are getting bounce messages from our email, but not all of the time, and I can't figure out what's going on - help?

If you've got multiple servers configured as your MX, mail can find its way to all of them - but only sometimes, which makes problems pretty hard to track down unless you check every server. Mail Server Test Center runs a bunch of tests that check basic connectivity, records, SPF, and other info against ALL of your MX records.

 

DNSmstc.png

 

And More!!

There's a ton of other tools on DNSstuff - everything from a Speed Test to DKIM Key/SPF record checking to a CIDR calculator and even social media search. DNSstuff is also here on Thwack, over in the DNSstuff space where our product management and sometimes even dev team checks in to see how we can help.

 

NOTE: All paying DNSstuff customers continue to have access to the same tools and information that they did before, and access to create an online case with our support team up to the expiration date of your account. As your account expires, your access to any tools won't change and you'll experience no interruption in service.

The SolarWinds Engineer’s Toolset – 10.9.1 Release Candidate is now available for download in your customer portal.

This Release Candidate fixes the following issues.

 

• Issues with Neighbor Map (250173, 186932)

• Port Mapper - In correct VLAN ID displayed (156029)

• Bandwidth Gauge –Historical Statistics issue fixed (175923)

• Subnet Calculator – Resulting in wrong subnets (243226, 228460, 222771)

• Port Scanner crashes (222332, 218038)

• Switch Port Mapper does not work with Cisco Nexus 5000 (197087)

• Switch Port Mapper does not show MAC Address (204097)

• Switch Port Mapper fails to export to CSV format (250453)

• Workspace Studio Crash (236890, 236888)

TraceRoute crashes when hostname is not resolved (233322)

• Cannot add nodes to Bandwidth Gauges, with Non Admin user rights (234987)

WorkSpace Studio: Interface Chart % Utlization Rx+Tx faulty logic (245706)

• SNMP Real Time Graph displaying duplicate column names (250074)

• Watch It gives a Run-Time error after exiting the application when log in as a standard user (241675)

• Compare config Tool error out when logged in as a standard user (240296)

 

We have also included some enhancements into the tools.

 

• Enhancements into the TraceRoute tool.

WorkSpace Studio - Export function available in IP Network Browser.

• Neighbor Map can now export to Visio

• Proxy Ping supports IPV6 and SNMPv3

• SFTP functions using DSA Algorithms

• Fixed the renaming of file name in SCP Server and TFTP Server Tools.

 

The full set of release notes will be available when we have the formal release.

 

P.S: The Release Candidate (RCs) is a fully supported early release available to existing customers. If you have active maintenance and you are interested in the RC, please download the RC from your Customer Portal..

For those of you not familiar with Google Fusion, it's the latest (beta) data visualization tool to come out of the Mountain View Chocolate Factory. Among other things, it can make some pretty awesome charts and maps.

Since we here at SolarWinds subscribe to all sorts of geekery, we thought it only fitting to pump our topology and dependency data into it and see what came out. As you can see from the video below, the results are pretty awesome.

 

So how does one go about creating such a cool map and putting it in NPM?

 

First, you'll need the SolarWinds SDK installed (http://thwack.solarwinds.com/thread/39001)

 

Then open SWQL Studio and attach to SWISv3 with your Orion Credentials.

For topology data, use the below query:

 

 

SELECT d.Caption AS DestCaption, s.Caption AS SrcCaption FROM Orion.TopologyData t

JOIN Orion.Nodes s ON s.NodeID = t.SrcNodeID

JOIN Orion.Nodes d ON d.NodeID = t.DestNodeID

 

 

 


For Dependencies, you would use the below query:

 

 

SELECT dp.ParentDisplayName, dc.ChildDisplayName

FROM

(

SELECT d.DependencyID, d.ParentUri, p.DisplayName AS ParentDisplayName

FROM Orion.Dependencies d

JOIN System.ManagedEntity p ON p.Uri = d.ParentUri

) dp

JOIN

(

SELECT d.DependencyID, d.ChildUri, c.DisplayName AS ChildDisplayName

FROM Orion.Dependencies d

JOIN System.ManagedEntity c ON c.Uri = d.ChildUri

) dc ON dp.DependencyID = dc.DependencyID

 

 

 

 

Right click on the results and save as a CSV file to your local hard drive.

FusionTables.png

Now let's go over to Google and search for "Fusion Table"

 

Select "Create" (you may need to login with your Google account credentials)

Select "Choose File" and select the file you have saved from SWQL Studio and click Next.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Table_data.png

 

 

Take a moment to admire your data, and click Next then Finish.

See your data in the Fusion Table?

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Network_Graph.pngOn the "Help" Menu  Select "Switch to Classic View".  You should now see the "Labs" menu option

From the "Labs" menu, select "Network graph", and you should now see your beautiful map.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

publish.png

Click on the "Get embeddable code" button and select the "Change Visibility" link

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Select "Anyone with the link". Click "Save"

Change the Height and Width to your desired size.  This size will need to be smaller than your column width in your Orion Page you will be putting the resource on minus about 50 pixels.  So if my Orion page column in 850, then I set 800 Width here.

Copy the "Paste HTML to embed in website" text.  Keep in your clip board for future use

Go to NPM, navigate to the page you want to place your Fusion Graph Map on.

From here it's a simple process of creating a Custom HTML resource. This has been covered previously here: http://thwack.solarwinds.com/community/solarwinds-community/product-blog/blog/2010/08/05/hidden-gem-the-custom-html-resource

Once complete, get ready to impress your friends, family, and co-workers. Well, perhaps not, but you likely won't be able to stop playing with the new map.

SolarWinds is hosting a Customer Event at Cisco Live Orlando! Sign up to join us for one or more sessions. Sessions will be held Wednesday and Thursday, June 26 & 27, over lunch. The Customer Event will be held at the Rosen Centre Hotel, directly across the street from the hotel. Each session is limited to 30 people, and a catered lunch will be provided. We hope to see you there.

 

Sessions Include:

 

Wednesday June 26, 11:30-12:30

Don’t Forget the Superglue

 

This session covers three critical areas that can be overlooked until you’re in a pinch: config backup and policy scanning, network discovery and diagramming, and maintaining a clutter-free helpdesk queue.

 

Wednesday June 26, 12:30-1:30

NPM – What’s New, What’s Coming, and Popular Extensions

 

Join us for a product update, one-on-one discussion, and live demo with SolarWinds Product Managers and Head Geeks to learn and ask questions about the brand spanking new PM 10.5 release. The Product Management team will discuss what we’re working n for future releases.

 

Thursday June 27, 11:30-12:30

Protect Your Network From Hackers

 

Join us for a power unch to swap stories from the front lines and learn what SolarWinds is bringing to the table in the security space. A SolarWinds customer will also join the presentation to share how they are using SolarWinds in their environment.

 

Thursday June 27, 12:30-1:30

NPM – What’s New, What’s Coming, and Popular Extensions

 

Join us for a product update, live demo, and one-on-one discussion with SolarWinds Product Managers and Head Geeks to learn and ask questions about the brand spanking new NPM 10.5 release. This session will also feature a long-term SolarWinds NPM customer as a special guest panelist. The Product Management team will discuss what we’re working on for future releases.

 

Sign up here!

It’s been a month since the release of NTM 1.0.10., We are now working on our next version which has been guided by your valuable feedback. Below is snapshot on what we are considering.

 

  • Edit Node Properties – You will be able to Change your Nodes’ Names or Name your Unidentified nodes.
  • Ability to save credentials – NTM will give you the ability to save credentials and reuse it to perform a new scan.
  • Schedule export to Network Atlas – For our NPM users, you will be able to perform scheduled exports of NTM Maps into Network Atlas.
  • Better representation of ICMP (only) Nodes – We are working on building some intelligence in that allows for better grouping of ICMP nodes and better representation of them on the map.
  • Support Hyper V – We will extend our Virtualization mapping by supporting Hyper V

 

 

Questions? Comments? Did We Miss Something? If you've got questions or ideas about a particular feature that might be most useful to you or your organization, or want to take part in a release candidate or beta, feel free to comment. Make sure to file a feature request over in our Network Topology Mapper Feature Requests forum if you don't see your request. If someone else already posted it, please add your comments so we know there's interest in a particular feature or issue and please don’t forget to mention the use-case that particular feature will solve for you.

 

Disclaimer: We are working on these items based on this priority order, but this is NOT a commitment that all of these enhancements will make the next release. If you have comments or questions on any of these items (e.g. how would it work?) or would like to be included in a preview demo, please let us know!

Hello!

 

After the release of NTA 3.11 we here at SolarWinds turn our focus on performance and retention with in NTA. There have been several surveys that you all have been great about providing feedback on in addition to here on Thwack. Survey Says: make it run faster! Retain my data longer! You asked, we listened and now we are focused on delivering our next release with these enhancements as the primary focus.

  • Performance:
    • Decreasing Web Page Load Times
    • Decreasing Flow Processing overhead
    • Increasing Flow Processing speed and capacity
    • Decreasing SQL DB overhead
  • Retention:
    • No more data aggregation
    • Greatly increased detailed data retention

 

And for all you Juniper folks, we're also planning on supporting sampled jFlow. Stay tuned for more updates about beta builds in the near future! Can't be contained in 4.0

 

Disclaimer: This is not a commitment to a time frame or delivery of any of the features discussed below. This is also not a commitment to deliver all of these features in our next release. This post is intended to give you a rough idea of what we're doing.

Filter Blog

By date:
By tag: