Skip navigation
1 2 3 4 5 Previous Next

Product Blog

664 posts

I'm happy to share with you, that we reached GA milestone for Web Help Desk (WHD) 12.4. Focus of this release was mainly security and stability of the application. Namely

 

Security improvements

  • Improved security across the application for FIPS-mode SSL connections, namely
    • HTTP over SSL connections
    • Microsoft® Exchange, IMAP, POP3, and SMTP over SSL
    • WMI and other asset discovery connections over SSL
    • LDAP over SSL
    • SolarWinds® Network Performance Monitor (NPM), Systems and Applications Monitor (SAM), and Network Configuration Monitor (NCM) integration over SSL
  • User password hashes, integration password hashes, and other static data such as database custom fields and stored credentials
  • Detection and indication of system cryptography status
  • Automatic migration of all stored passwords for stronger and more secure cryptography

 

Support for FIPS 140-2 compatible cryptography

For environments where high security standards are required, you can install and configure FIPS 140-2 compatible cryptography to achieve your required level of regulation compliance. The user interface includes a password migration tool to help you migrate techs and clients to FIPS-secure passwords.

 

Additional improvements

  • Smarter backup rotations in the Virtual Appliance
  • Oracle® Java™ 8 support
  • Over 100 bug fixes that hugely improve the stability of the application

 

Now go and download web help desk from your customer portal or webhelpdesk.com.

 

PS. If you want to get excited about what is coming next (we are already busily working on new stuff) sign up for upcoming Beta here.

I am excited to announce that Database Performance analyzer 10.1 with support for Oracle 12c multitenant is now available in the customer portal and for free evaluation from the SolarWinds Website. What's so special about DPA 10.1?  Let's take a look!

 

New Features in 10.1

  • Support for Oracle 12c Multitenant
    • Monitor Oracle Pluggable Databses (PDBs)
    • Automatic Grouping of PDBs
    • Summary View, showing usage per PDB
    • Detect and alert when PDBs are added, remove or moved.
    • Mass registrion for PDBs, just like other
    • PDBs should up in the Orion integration
    • Using a PDB as an DPA repository
  • Improved Mass Registration
  • Offline License Deactivation
  • Lots of minor fixes - see the Release Notes.

 

What is a PDB?

What's a PDB you ask?   Officially, a Pluggable Database is "user-created set of schemas, objects, and related structures that appears logically to an application as a separate database". Basically, its everything that makes up the database.  Why is this important?  Previously, Oracle didn't have a good way to have multiple databases on one Oracle instance. You had a couple of options, table spaces and multiple instances per server, but they had their drawbacks.  Multitenant support is kind of like virtualization, where you can quickly "plug" in multiple databases into one Oracle "container" (aka CDB) and let them share resources and be managed as a whole, improving resource utilization and reducing management time.

 

Monitoring Oracle Multitenant and PDB changes

Adding individual PDBs now works just like Oracle single tenant or the classic Oracle databases.  Just choose Oracle, enter the needed information and go!  Same thing with mass registration.  DPA will only allow you to register PDBs, not CDBs (Container Databases).  If you try to add the CDB, DPA will politely ask you to register the PDBs instead.

 

Once you have registered two Oracle PDBs in the same CDB (Container Database), they will auto group in the home screen.  If you register just one PDB from a CDB, is will still show up as an individual database.

CDB View - Summarizing PDB Load

As a bonus, you can click on the CDB and get summary data across the PDB instances, allowing you to quickly see which PDB has more wait time, what kinds of waits they are experiencing,

 

Which PDB is waiting the most in the CDB?  Quickly see the balance between the PDBs.

If you are seeing unusual wait times at the PDB level, you can drill up and review the PDB.  Here we see a major increase "direct path read" and "read by other session".

Finally, if you want to look across all your PDBs and find the query with the most wait time, use the Top SQL tab.  You can click on the link to see the query.

 

PDB Annotations and Alerts

The data collected from a PDB is the same data we've always collected for Oracle.  However, we do annotate all PDB changes - when they are added, removed or moved.

For example, you will see annotations on the 30-day trend when

  • You plug in a PDB
  • You move a PDB from one CDB to another (see sample below)
  • You unplug a PDB

PDB Odds and Ends

  • If you have a dozens or hundreds of PDBs, mass registration allows you to quickly add them via a spreadsheet upload.
  • If you want to use a PDB as a repository for DPA, no problem - it works out of the box.
  • PDBs will show up in the Orion integration and support all current features, so they will map to your Orion nodes and application just like traditional databases.

 

 

But Wait, There's More

Every release has some minor features too, and 10.1 is no exception.

  • The mass registration file can now be uploaded directly to DPA via the GUI, rather than moving the file to the DPA server.  This simplifies mass registration and makes it a more secure process.
  • You can now deactivate licenses without involving support or customer service - even if you are offline.
  • Lots of minor fixes - see the Release Notes.

 

What's next?

Our dedicated team of database nerds and code jockies are hard at work on the next awesome DPA release - check out the What We Are Working On for DPA (Updated October 12, 2016) post.  If you don't see everything you've been wishing for there, you add it to our Database Performance Analyzer Feature Requests

 

If the above features get you excited, get on the list for the next beta by filling out this survey.

Not all virtual environments are alike, the default out-of-the-box configuration of the virtual appliance is not necessarily best suited to environments of all sizes, and those particularly large environments may want to consider adjusting some of those default settings for optimal performance.  To take advantage of the features that have been added to VMAN over the last several releases requires Orion integration, which makes correctly configuring VMAN extremely important for performance and scalability. The VMAN Sizing Guide was created to assist with the preliminary setup and configuration of both the Virtualization Manager appliance and the integrated Orion server. 

 

To access the guide click here.

 

The the following items are addressed based on the number of VMs to be polled.

 

·       Memory, CPU, and storage considerations for the VMAN appliance

·       Memory, CPU, and storage considerations for the Orion server when integration is enabled

·       Identify when federated pollers are needed

·       Identify when to deploy Orion APEs to distribute the workload when integration is enabled

·       Advanced fine tuning of the VMAN appliance for Optimal performance

·       Necessary hotfix install version to solve integration issues

·       Fixes for database size issues

 

 

The guide is organized into small, medium, and large deployment recommendations to help you determine the starting configuration size for your VMAN and Orion deployment. Not all possible scenarios are included in this document, so consider the recommendations in this document as guidelines.  This is not an exhaustive list of all the fine tuning and performance tweaks that can be made, if you are still having performance issues than please reach out to your sales engineer or support contact.  They should be able to walk you through some advance tuning recommendations that would be specific to your virtual environment. 

 

Click the following  button for the VMAN Sizing Guide.

VMAN Sizing Guide.png

Recently, Cisco® added a collection of Smart Services reports to Smart Net Total Care™.  The new Smart Net Total Care reports rely on current information about your network devices and how they are configured and used.  To get these reports, you must send information about your network to Cisco. One way to do this is to use SolarWinds® Network Configuration Manager (NCM). NCM utilizes a variety of network discovery methods to identify the network devices it manages. Therefore, NCM knows a great deal about your network devices and how they are configured and used. Using a special connector, NCM is able to send this information to Cisco.

 

What follows is a quick overview of the reports included with a Smart Net Total Care subscription that are now available using NCM and the NCM Cisco connector.  

Service Coverage

The service coverage reports, also known as Know the Network (KTN), show devices and components not covered under a valid service contract. If service coverage exists, the report includes details about the service agreement, including coverage start and end times. Use this report to identify hardware and software that may not be covered under a service agreement, and identify devices that are covered but are no longer in service.

 

EoxHW

The Hardware EoX report shows you which devices you have in your network that are approaching critical lifecycle milestones. In addition to providing important dates associated with End-of-Life (EoL), this report provides recommendations for hardware you might consider migrating to. It also provides links to published bulletins that are full of information about planning budgets, preparing for eventual replacement, and ways to avoid problems when devices require service.

 

EoxSW

The Software EoX report is similar to the EoxHW report, except that it shows the software running on your devices that are approaching critical lifecycle milestones. This report provides important EoL dates associated with iOS® versions, recommends which iOS versions to upgrade to, and includes links to published bulletins. This information can help you identify which devices require iOS updates.

 

PSIRT

The PSIRT report identifies security vulnerabilities associated with devices on your network as determined by the Cisco Product Security and Incident Response Team. Use this report to identify and investigate potential security problems.

 

Field Notice

The Field Notice report summarizes all product defects found in devices on your network. It specifies affected devices and provides a URL where you can access a published Field Notice advisory. The advisory provides details on how a product can be replaced or fixed with an upgrade. Use this report to identify hardware and software that may be defective, and receive instructions on how to remedy any defects.

 

IPv6 Profile

The IPv6 Profile report evaluates your network and tells you what actions you need to take to support IPv6-based network services. Use this report to see which devices are capable of supporting IPv6, which devices are capable of supporting IPv6 with recommended hardware and software upgrades, and which devices are not capable of supporting IPv6.

 

Medianet Profile

The Medianet™ pre-deploy assessment report helps you determine which network devices are capable of supporting multimedia services. Use this report to see which devices are capable of supporting multimedia, which devices are capable of supporting multimedia with recommended hardware and software upgrades, and which devices are not capable of supporting multimedia.

 

To use the connector, you must install the most current version of NCM (v7.4).  Then you can access these reports in two ways. First, the NCM connector will download a CSV version of these reports locally for you to use. Second, you can view these reports in your Cisco Smart Net Total care portal.

 

To download or to learn more about NCM and Cisco connector, visit this Web page. If you already own NCM, you can download the free connector from your customer portal.

SCAWARDS2016_winnerhoriz.jpg

 

On March 1, SolarWinds® Network Configuration Manager (NCM) was recognized for being the Best Policy/Risk Management Solution by SC Magazine for the fourth straight year. Other finalists for this years’ award included Bay Dynamics, TraceSecurity, Trustwave, and Venafi.

 

SC Magazine wrote, “Managing, monitoring, and auditing configuration policies on network devices are the top three reasons why IT pros select and use SolarWinds Network Configuration Manager.”

 

Risk management is a central element of IT governance for most organizations, even if they don’t have to comply with information privacy regulations. The purpose of IT risk management is to identify the business impact caused by the loss of IT services, and take measures to reasonably avoid or reduce this impact. Since the network is the very foundation for all IT services, and the function and suitability of the network is defined by the configurations for its constituent routers, switches, controllers, access control devices and more, then it makes sense to carefully manage, monitor, and audit these configurations. This is why NCM plays such a critical role in IT risk management and operations.

 

So how does NCM manage, monitor, and audit device configurations?  Here is a quick overview.

 

Manage

 

Device access  – Perhaps the first place to start is by removing ad hoc and remote access to devices. NCM lets you centrally manage device passwords, and even require configuration changes to be made using the change management features in NCM.

 

Backup and recover – Hardware failure and human error can break your network. Recover from these disasters quickly with the ability to schedule, back up, find, and restore device configurations.

 

User roles and permissions – Want to control who has access to network devices and what they can do? Use NCM user roles and permissions to determine who can access specific devices and what actions they can perform.

 

Configuration templates – Have a big network change looming, or need to standardize your configs? Use NCM configuration change templates. Change templates save you time making consistent changes across many devices by providing powerful device- and vendor-neutral automation using control logic and variable-based attributes stored in the device profile. 

 

Change approval – Want complete visibility on all changes? Use NCM workflow to review and approve changes before they can be applied.

 

Job scheduling – Want to control when changes are made? Use NCM scheduling to execute changes during maintenance windows.

 

Monitor

 

Change detection – Want to know whenever any change is made and who made the change? Detect configuration changes in near real-time, and even take automated actions, like archiving a configuration, writing a changed configuration to flash memory, or issuing an alert.

 

Change analysis – Want to know exactly what changed? Compare two configurations side-by-side and see exactly where statements have been added or removed.

 

Audit

 

Policies – Want to help ensure your configs contain (or don’t contain) specific configuration statements? Use NCM policies to define what is expected (or forbidden) in a configuration. NCM delivers out-of-the-box policies for PCI, DISA STIG, FISMA, SOX, and HIPPA, or you can build or customize your own.

 

Audit – Want to help ensure configurations never drift from your standards? Automatically audit your configurations as frequently as you like using the policies you have selected to use.

 

Report – Need to know when a violation occurs? Use interactive reports to see violations organized by policy or device, and then interactively drill into the details.

 

Remediation – Correct violations fast with remediation scripts (defined as part of the policy), that right violations quickly and consistently. Scripts can be manually executed from within interactive audit reports, or automatically when a violation is detected.

 

Summary

 

Managing, monitoring, and auditing are just three ways NCM helps you protect your network configs and manage IT risk. To learn about the SC Magazine 2016 awards and other category winners, read this article.  To learn more about Network Configuration Manager, visit our product page. To learn how to write a NCM policy, read this thwack® post.

 

How you are using NCM to manage, monitor, and audit your network configs? Use the comments below to share your stories.

In the previous two posts, we talked about high level performance information and then we dove into the details around storage performance from the array, pool, and LUN/Volume detail. Now let's talk about thresholds and alerting. This is where we start making Storage Resource Monitor adapt to your environment, while also showing what performance information matters to you. 

 

Thresholds

Setting thresholds is a key step in making sure your data center runs efficiently. When you start SolarWinds® Storage Resource Monitor the first time, there are pre-set thresholds setup based on general best practices. For most situations this will work, however there are solutions that require something a little more specific. There are applications in your environment that require low latency and if any of them deviate from that it would cause major headaches. There are other applications that require a specific amount of IOPS and any dip will slow the business down and lead to your inbox being filled with not so nice requests for information. Having your thresholds set properly can help you avoid "fire drills." The "SRM Settings" section is where you can set global thresholds for key storage resources.

Thresholds can be set for IOPS, throughput, I/O size, Capacity, and latency (LUN & Volume specific).  In addition, some of these can be set by read, write, or total so you can even customize for applications that are heavy on read or heavy on write performance. 

Using global settings allows you to tailor monitoring for your data center, but, as you know, there are also applications that differ from the others that need special attention.  If that’s the case, Storage Resource Monitor has you covered. Under each details screen (array, pool, and LUN/Volume), you can adjust the thresholds for that specific resource. Pool 1 needs to maintain 500 IOPS and I need to know when it goes below it. You can set the threshold to warning when IOPS are less than or equal to 600 and critical when IOPS are less than or equal to 550. LUN 2 has to maintain latency of 50ms. You can set the threshold to warning when it hits 40ms and critical when it hits 50ms. The thresholds you set for the individual resources will translate to the summary screens we talked about before, so at-a-glance you can see if the required performance needs are being met.

 

Alerting

So now you’re thinking, "thresholds are great, but if something happens when the custom thresholds are  reached I need to be alerted."  In addition to custom thresholds, setting custom alerts will make sure you know when something goes wrong quickly. Like before, the standard alerts in Storage Resource Monitor will get you going, however custom alerts help make sure you understand if all of your resources are performing as required. Creating custom alerts can be done for groups of resources with the same performance profile or for specific resources that have a very unique requirement.

 

You can set a single alert for a specific storage resource or set an alert for multiple resources that share a common performance profile. There is the ability to customize everything from a specific team to handle the alert, to setting that the condition has to exist for a period of time, and even the ability to set the alert to only be enable during a certain time of day to name a few. Setting a custom alert for a specific time helps avoid the unwanted alerting noise during expected downtime and/or planned degraded performance. 

 

 

By using thresholds and custom alerts, Storage Resource Monitor has you covered when monitoring storage performance for all your applications. Along with dashboards and storage resource details, you can easily stay ahead of your storage performance needs and track when more resources are needed.

 

What are some of your best practices around thresholds? What are the items you customize with alerts?

We have been working hard to bring another bulk of enhancements to the Network Configuration Manager (NCM) and NCM 7.5 Beta is available. We have been working on:

  • Additional F5 LTM & GTM Support (Including Binary Config Support)
  • Compliance Reports (security best practices) for various vendors
  • Usability Improvements

 

To get access to the Beta, you need to be a customer on active maintenance for NCM and sign up here.

 

You can discuss your experience in the NCM Beta Forum.

 

As an added incentive, Beta users who submit feedback will receive 2,000 Thwack points to buy swag at the Thwack Store.

Having a high-level view of storage performance is good for a quick overview or understanding of how things are operating.  In order to take your monitoring to the next level, having access to details is critical. In my previous post,  I reviewed storage dashboards and performance data points that SolarWinds Storage Resource Monitor provides.  Below I will cover performance monitoring at the array, storage pool, and LUN/Volume level.

The "Array Details" screen is usually the first stop when looking at your storage performance. This is a great starting point for when you want to get a look at the overall performance for a storage array. Having this information is ideal when you want to compare the expected performance of an array versus how the array is actually performing.  In addition, you can get an understanding of read/write performance ratios in relation to the overall performance.

 

The “Block Storage” and “File Storage” tabs allow you to quickly get into the underlying performance information for the device’s storage pools and LUNS/Volumes.  Each of these tabs will show you latency summaries and performance summaries for the individual resources.  At-a-glance, this will let you see if you have any latency issues at the LUN/Volume level and what your highest performing LUN/volumes are by IOPS, throughput, or latency.

 

 

"Storage Pool Details” provide storage administrators the ability to understand performance at a pool/RAID level.  Depending on how storage resources are assigned out to applications, this can provide the ability to understand performance for similar applications.  An example would be a VM farm is created for different instances of the same application.  Having the applications tied to the same pool of storage with different LUNs is ideal so that you have the same pattern of read/write ratio and not running into instances where different read/write ratios are involved.  This can cause application performance problems if the disk is having to store random data in one instance and then sequential the next.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

The "LUN & Volume Details" screen is where you can see performance at the lowest level.  This is where you can tie application performance directly to the assigned storage. In addition, this is where the power of Storage Resource Monitor really comes into play.  Not only can you see the individual LUN performance, you can also see it in relation to other LUNs in the same storage pool.  Did a LUN in the same pool spike performance?  Are all the LUNs in the same pool experiencing high latency?  These are a couple of questions the LUN Details screen can help answer.

 

 

As you can see, the more in-depth you go with Storage Resource Monitor, the more information and comparisons become available.  All of the information presented is critical to understanding your storage performance and how it affects your overall environment.  In my next post, I will cover thresholds & alerting and how with the right settings & planning you can make Storage Resource Monitor not just an important monitoring tool, but a critical one.

 

How have you used the details screens to monitor and troubleshoot your storage performance?

Managing storage is a constant dance of making sure resources are available for the applications that need them, and making sure resources are constantly in use, because having wasted resources in addition to no resources can be problem. SolarWinds® Storage Resource Monitor helps make this dance a little less complicated. Over the next few posts I am not only going to show different parts of Storage Resource Monitor in relation to storage performance, but also how each of these parts can give you the information you need to monitor your environment and maximize one of your largest IT investments.

 

To start, we will address some basic information regarding storage performance and how Storage Resource Monitor presents the data. Based on customer feedback, one of the best things about SRM is that users are able to quickly view and understand their storage performance problems. Below, I will show you what initial performance information SRM provides, and ways to interpret the data. Depending on your environment, there will always be different ways to interpret performance data, so your mileage will vary.

 

Here we have part of the SRM Summary screen. In one simple view you get a list of storage devices being monitored, alerts, events, and performance and capacity summaries. The All Storage Objects widget will not only show you all the storage devices, but also point to devices that are having problems using easy-to-see green, yellow, and red notifications. To get to the exact cause, you can drill down into the array date until you get to the specific storage resource with the problem. A faster way to recognize performance problems is with either All Active Alerts or Storage Objects by Performance Risk.

                        

 

The Storage Objects by Performance Risk will give you a summary of performance problems based and sorted by latency. Like most things, high latency is not an ideal situation. However, the definition of "high" varies by environment and application. In addition to latency, IOPS and throughput are shown, and you can tailor the thresholds for the resources to be more specific to your requirements. Using this allows you to select your top performance problems by latency at the main screen without any digging. 

 

                             

In addition to the performance information on the SRM Summary screen, the Performance Dashboard lets you see additional performance data points. It includes the performance objects by risk and information for LUNs by Performance and NAS Volumes by Performance. Any of these sections will allow you to instantly dig into the specific storage resource that is experiencing performance problems.

              

 

This data allows you to instantly address performance problems. To see overall performance at the array and/or storage pool level, SRM gives you access to that data in a mere one or two clicks.  For array-specific performance information, select an array in the All Storage Objects section and the Array Details screen will show detailed information for that array. Clicking once more in the All Storage Objects section will show the storage pools and allow you to select the Storage Pool Details screen for each pool. Going even lower will show all the LUNs assigned to each pool.  Selecting a LUN will bring up the LUN Details screen.   Each of these screens will present specific performance information as it relates to that storage resource.

 

Array Details

 

Storage Pool Details

 

LUN Details

 

Now, what do these high-level performance views do for the end-user? Right from the start, you can instantly discover, identify, and start troubleshooting performance problems. The goal is that the critical problems are up front, and the need to check each storage device one by one for problems is eliminated. In addition, having the ability to customize the dashboards and information is critical to tailoring the monitoring to your needs.

 

My next post will cover the three specific layers we use to help you monitor your storage performance: array, storage pool, and LUN/volume.

 

I would love to hear your feedback about how SRM has helped you monitor your storage performance. Please leave comments and questions below.

I am excited to announce that Server & Application Monitor (SAM) 6.3 Beta 3 is now available . The team at Solarwinds has been hard at work at producing the next release of SAM with some great new features that continue from the SAM 6.3 Beta 1.  The Beta is open to SAM customers currently on active maintenance.  The beta is the best opportunity to provide feedback and have direct input which can affect this release and improve the usability of SAM.  We encourage all to sign-up and kick the tires.  Just as in beta 1 your feedback might just earn you some much deserved Thwack points that can be redeemed for some cool SolarWinds SWAG!

 

The SAM 6.3 Beta 2 includes some of the features mentioned in the Server & Application Monitor - What we're working on beyond SAM 6.2 post. Don't forget to signup for the Beta and provide your feedback in the Server & Applications Monitor Beta forum!!

 

Beta 2 Button.png

NCM Compliance reporting isn’t just for security auditors!  Use it to ensure network devices are compliant with your operational standards and controls.

 

As a busy network engineer, are you always looking for cool skill hacks to help you work smarter? Well if so, here is new one for youcompliance reporting.  That’s right, NCM compliance reporting.  Compliance is an incredibly powerful tool that helps you ensure all network devices are compliant with your operational standards and controls.

 

Consider this example, a network engineer queues all planned network changes into a quarterly update and pushes the changes out using a versioned config.  After the push, he audits his configs using the NCM audit feature to make sure all devices are running the right config. By auditing configs for a specific version, he knows if a device is missed, or if a config has been rolled back to a prior version. If you’re looking for other practical uses, consider the following: Make sure public SNMP community strings are never enabled, password changes are synchronized, or you have required QoS settings needed for VoIP.  The NCM Compliance feature isn’t just for security auditors!

 

To show you how simple this is, let’s step through it together.  But first a little context.  When enabled, NCM Compliance Reports automatically run when the config backup job has completed.  At which time NCM will scour through your configs looking for violations as defined in Compliance Rules.  Compliance Rule use pattern matching to identify configuration commands which should be included in, or excluded from, your config files.  If a rule match is found, then a violation is recorded. In addition, a Compliance Rules also includes an optional remediation script.  A remediation script can be executed automatically or manually against each identified violation.  Compliance Rules are grouped and organized into Policies. A Policy is a container for rules and associated: 1) with one or more devices to audit and 2) a Compliance Report through which violations are reported.  From this quick overview, it should be easy to see how Compliance Auditing is a powerful tool to help you keep your network in sync with required regulatory and operational standards and controls.  Now let’s build a simple compliance report.  We will start with building the Compliance rule, associate with a policy and then associate the policy with a report.  For our example, we want to make sure we never have any devices that allow the use of public SNMP community strings.

 

 

1: Create Audit Rules

 

Follow along with these steps:

  1. Log in to the Orion® Web console website as an administrator.
  2. Click CONFIGS > Compliance.
  3. Click Manage Policy Reports.

 

Pic1.png

 

 

  1. Select Manage Rules, and click Add New Rule.

 

Pic2.png

 

 

  1. Enter a name for your new rule.
  2. Add a description, if needed.
  3. Click the alert level to associate with this rule.
  4. If you want to assign this rule to a folder, enter a name in New folder name. Otherwise, select an existing folder from Save in folder.
  5. Click the type of alert trigger to associate with this alert.
  6. If you want to search the device config for a simple string, click the appropriate option in String Type and enter text in the box. (Note: in this example we will build a remediation script and not use the testing tools.)
  7. Click Submit to save

 

 

Revised SNMP Rules1.png

 

 

2: Create an Audit Policy

 

Follow along with these steps:

 

  1. Click Manage Policies and Add New Policy.

 

Pic4.png

 

 

  1. Enter a name for your new Policy.
  2. Enter a Policy description.
  3. Specify where to save the Policy
  4. Select nodes to use with this Policy (default is all nodes).
  5. From the list, select the type of configuration you want to search with this Policy.
  6. Select and add Rules to associate with this Policy.
  7. Click Submit to save and exit.

 

Pic5.png

 

 

3: Create an Audit Report

 

Follow along with these steps:

 

  1. Click Manage Reports and then Add New Report.

Pic6.png

 

 

  1. Enter a name for your new report.
  2. Enter a description of the report.
  3. If you want to assign this report to a folder, enter a name in New folder name or select an existing folder from the Save in folder list.
  4. If you want to also display rules without violations, select Show rules without violation.
  5. Select the policy created from our previous task and associate it with this Report.
  6. Click Submit to save and exit.

 

Pic7.png

 

By default, your report is now enabled.

 

Pic8.png

 

The next time NCM archives your device configs, this report will automatically run and you will see any violations from the NCM summary screen using the Policy Violations resource.

 

Pic9.png

 

 

Are you a Network Control Freak?

 

Are a Network Control Freak? Try compliance auditing on your network and enter to win a SolarWinds Certified Network Control Freak swag-packClick here for contest rules and to enter.  Then simply take a screen-shot of a policy rule you create using this tutorial and submit it to here to win.  If you create something awesome, be sure to share it on thwack!

We have been working hard to bring another bulk of enhancements to the Storage Resource Monitor (SRM). SRM 6.3 Beta 1 contains the following improvements:

  • Support for Pure Storage arrays
  • Support for EMC XtremIO arrays

 

To get access to the beta, you need to be a customer on active maintenance for SRM and sign up here.

 

As an added incentive, beta users who submit feedback will receive 2,000 Thwack points to buy swag at the Thwack Store.

A SIEM tool is not a vacuum cleaner; you can’t just turn it on and have it siphon up all your log information, and bag it up nicely for you to later dump with out getting your hands dirty. A SIEM requires hands on work, and careful consideration of your particular environment. What may be perfectly normal in your environment may very well be a red flag for another environment. Many times companies will buy a SIEM to simply "check off the box" of some compliance requirement without ever seeing if the solution will work for them.

 

SIEM vendors, including Solarwinds, have worked diligently to make the out of the box experience with SIEM more “vacuum-esque”, with easier configuration tools, and out of the box rules, alerts and reports. Unfortunately there is no one-size-fits-all approach a vendor can take to apply to all industries and businesses.

 

With all that being said I would encourage the following: Know your network, spend time with it (many of you already do). Then spend time and effort configuring your SIEM for your network and your needs. In the end it will be a much more fulfilling experience. After all, what is the point of a tool if it isn’t used properly?

To check out the most up-to-date information regarding What We're Working on, please visit the LEM Product Roadmap page.

 

Be sure to let us know in the Log & Event Manager Feature Requests forum, if there are features you're really keen on. This list doesn't enumerate a lot of the features we're looking into for long term development and further releases, but we continually use Thwack as our biggest source of feedback.

We are busily working on the next release and among many things we are looking at, there is Checkpoint R77 and PCI 3.0 support!

 

If you would like to influence this feature and Firewall Security Manager in general and if you are interested in these particular feature, please reach out to me as soon as possible!

 

Sign up for the beta here: FSM Beta Survey

 

Please note this beta is open to current customers with active maintenance on Firewall Security Manager and is NOT suitable for production environment and you need a separate test system.


This Beta is focused on small, but high quality feedback and you will be rewarded by crazy number of Thwack points!   First come, first served!

 

After you sign up and confirm Beta agreement, I will contact you shortly.

Filter Blog

By date:
By tag: