Microsoft DirectAccess 2008 R2

Version 1

    This template assesses the overall health of the Microsoft DirectAceess server installed on Windows 2008 R2.


    Prerequisites: RPC and WMI access to the domain controller.

    Credentials: Windows Administrator on the domain controller.


    Monitored Components

    Note: Components without predetermined threshold values provide guidance such as "use the lowest threshold possible" or "use the highest threshold possible" to help you find a threshold appropriate for your application. For more information, see http://knowledgebase.solarwinds.com/kb/questions/2415.

     

    Teredo Relay: In - Error Packets

    This monitor returns the total number of error packets received by the Teredo relay.

    Note: By default, this monitor has the Count statistic as difference box checked. It will show the statistic since the last polling period.

     

    Teredo Relay: In - Success Packets

    This monitor returns the total number of error packets received by the Teredo relay.

    Note: By default, this monitor has the Count statistic as difference box checked. It will show the statistic since the last polling period.

     

    Teredo Relay: In - Error and Success Packets

    This monitor returns the rate of total packets received by the Teredo relay.

     

    Teredo Relay: Out - Error Packets

    This monitor returns the total number of packets failed to be sent by the Teredo relay.

    Note: By default, this monitor has the Count statistic as difference box checked. It will show the statistic since the last polling period.

     

    Teredo Relay: Out - Error and Success Packets

    This monitor returns the rate of total packets sent by the Teredo relay.

     

    Network Interface (6TO4 Adapter): Packets Received Errors

    This monitor returns the number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol.

    Note: By default, this monitor has the Count statistic as difference box checked. It will show the statistic since the last polling period.

     

    Network Interface (6TO4 Adapter): Packets Received/sec

    This monitor returns the rate at which packets are received on the network interface.

     

    Network Interface (6TO4 Adapter): Packets Sent Non-Unicast/sec

    This monitor returns the rate at which packets are requested to be transmitted to non-unicast (subnet broadcast or subnet multicast) addresses by higher-level protocols. The rate includes the packets that were discarded or not sent.

     

    Network Interface (6TO4 Adapter): Packets Sent Unicast/sec

    This monitor returns the rate at which packets are requested to be transmitted to subnet-unicast addresses by higher-level protocols.  The rate includes the packets that were discarded or not sent.


    Network Interface (6TO4 Adapter): Packets Sent/sec

    This monitor returns the rate at which packets are sent on the network interface.

     

    Network Interface (6TO4 Adapter): Packets/sec

    This monitor returns the rate at which packets are sent and received on the network interface.

     

    IPHTTPS Global: Authentication Errors

    This monitor returns the total number of authentication errors.

    Note: By default, this monitor has the Count statistic as difference box checked. It will show the statistic since the last polling period.

     

    IPHTTPS Global: Receive Errors on the Server

    This monitor returns the total number of Receive errors on the server.

    Note: By default, this monitor has the Count statistic as difference box checked. It will show the statistic since the last polling period.

     

    IPHTTPS Global: Transmit Errors on the Server

    This monitor returns the total number of Transmit errors on the server.

    Note: By default, this monitor has the Count statistic as difference box checked. It will show the statistic since the last polling period.

     

    IPHTTPS Global: Bytes Received

    This monitor returns the total number of bytes received on the IPHTTPS server.

    Note: By default, this monitor has the Count statistic as difference box checked. It will show the statistic since the last polling period.

     

    IPHTTPS Global: Packets Received

    This monitor returns the total number of packets received on the server.

    Note: By default, this monitor has the Count statistic as difference box checked. It will show the statistic since the last polling period.

     

    IPHTTPS Global: Bytes Sent

    This monitor returns the total number of bytes sent on the IPHTTPS server.

    Note: By default, this monitor has the Count statistic as difference box checked. It will show the statistic since the last polling period.

     

    IPHTTPS Global: Packets Sent

    This monitor returns the total number of packets sent from the server.

    Note: By default, this monitor has the Count statistic as difference box checked. It will show the statistic since the last polling period.

     

    IPHTTPS Global: Sessions

    This monitor returns the total number of sessions on the server.

    Note: By default, this monitor has the Count statistic as difference box checked. It will show the statistic since the last polling period.

     

    Network Interface (isatap): Packets Received Errors

    This monitor returns the number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol.

    Note: By default, this monitor has the Count statistic as difference box checked. It will show the statistic since the last polling period.

    Note: Before using this monitor, you should provide the correct instance field. For example, the instance should resemble the following:

    isatap.<DOMAIN> where <DOMAIN> FQDN name of your domain. 
    Example:
    isatap.example.com

     

    Network Interface (isatap): Packets Received/sec

    This monitor returns the rate at which packets are received on the network interface.

    Note: Before using this monitor, you should provide the correct instance field. For example, the instance should resemble the following:

    isatap.<DOMAIN> where <DOMAIN> FQDN name of your domain.
    Example: isatap.example.com

     

    Network Interface (isatap): Packets Sent Non-Unicast/sec

    This monitor returns the rate at which packets are requested to be transmitted to non-unicast (subnet broadcast or subnet multicast) addresses by higher-level protocols. The rate includes the packets that were discarded or not sent.

    Note: Before using this monitor, you should provide the correct instance field. For example, the instance should resemble the following:

    isatap.<DOMAIN> where <DOMAIN> FQDN name of your domain.
    Example: isatap.example.com

     

    Network Interface (isatap): Packets Sent Unicast/sec

    This monitor returns the rate at which packets are requested to be transmitted to subnet-unicast addresses by higher-level protocols.  The rate includes the packets that were discarded or not sent.

    Note: Before using this monitor, you should provide the correct instance field. For example, the instance should resemble the following:

    isatap.<DOMAIN> where <DOMAIN> FQDN name of your domain.
    Example: isatap.example.com

     

    Network Interface (isatap): Packets Sent/sec

    This monitor returns the rate at which packets are sent on the network interface.

    Note: Before using this monitor, you should provide the correct instance field. For example, the instance should resemble the following:

    isatap.<DOMAIN> where <DOMAIN> FQDN name of your domain.
    Example: isatap.example.com

     

    Network Interface (isatap): Packets/sec

    This monitor returns the rate at which packets are sent and received on the network interface.

    Note: Before using this monitor, you should provide the correct instance field. For example, the instance should resemble the following:

    isatap.<DOMAIN> where <DOMAIN> FQDN name of your domain.
    Example: isatap.example.com

     

    IPsec AuthIP IPv4: Active Extended Mode SAs

    This monitor returns the number of currently active extended mode security associations.

     

    IPsec AuthIP IPv4: Active Main Mode SAs

    This monitor returns the number of currently active main mode security associations.

     

    IPsec AuthIP IPv4: Active Quick Mode SAs

    This monitor returns the number of currently active quick mode security associations.

     

    IPsec AuthIP IPv4: Failed Extended Mode Negotiations/sec

    This monitor returns the rate of failed extended mode negotiations.

     

    IPsec AuthIP IPv4: Failed Main Mode Negotiations/sec

    This monitor returns the rate of failed main mode negotiations.

     

    IPsec AuthIP IPv4: Failed Quick Mode Negotiations/sec

    This monitor returns the rate of failed quick mode negotiations.

     

    IPsec AuthIP IPv4: Pending Extended Mode Negotiations

    This monitor returns the number of pending extended mode negotiations.

     

    IPsec AuthIP IPv4: Pending Main Mode Negotiations

    This monitor returns the number of pending main mode negotiations.

     

    IPsec AuthIP IPv4: Pending Quick Mode Negotiations

    This monitor returns the number of pending quick mode negotiations.

     

    IPsec AuthIP IPv6: Active Extended Mode SAs

    This monitor returns the number of currently active extended mode security associations.

     

    IPsec AuthIP IPv6: Active Main Mode SAs

    This monitor returns the number of currently active main mode security associations.

     

    IPsec AuthIP IPv6: Active Quick Mode SAs

    This monitor returns the number of currently active quick mode security associations.

     

    IPsec AuthIP IPv6: Failed Extended Mode Negotiations/sec

    This monitor returns the rate of failed extended mode negotiations.

     

    IPsec AuthIP IPv6: Failed Main Mode Negotiations/sec

    This monitor returns the rate of failed main mode negotiations.

     

    IPsec AuthIP IPv6: Failed Quick Mode Negotiations/sec

    This monitor returns the rate of failed quick mode negotiations.

     

    IPsec AuthIP IPv6: Pending Extended Mode Negotiations

    This monitor returns the number of pending extended mode negotiations.

     

    IPsec AuthIP IPv6: Pending Main Mode Negotiations

    This monitor returns the number of pending main mode negotiations.

     

    IPsec AuthIP IPv6: Pending Quick Mode Negotiations

    This monitor returns the number of pending quick mode negotiations.

     

    IPsec DoS Protection: Current State Entries

    This monitor returns the number of state entries in the table. A state entry is a pair of IPv6 addresses that is authorized to pass through from a public to an internal interface.

     

    IPsec DoS Protection: Per IP Rate Limit Queues

    This monitor returns the current number of per internal IP address rate limit queues for unauthenticated IKEv1, IKEv2, AuthIP, or ESP IPv6 packets. An unauthenticated packet is an IPsec packet without an associated state entry. A state entry is a pair of IPv6 addresses that is authorized to pass through from a public to an internal interface. Unauthenticated packets are placed in a separate queue for each destination IP address that is available on the internal interface.

     

    IPsec DoS Protection: State Entries/sec

    This monitor returns the rate at which state entries are created by the IPsec Denial of Service Protection component. A state entry is a pair of IPv6 addresses that is authorized to pass through from a public to an internal interface.

     

    IPsec Driver: Bytes Received in Tunnel Mode/sec

    This monitor returns the rate of bytes received using tunnel mode.

     

    Service: Remote Access Connection Manager

    This service manages dial-up and virtual private network (VPN) connections from this computer to the Internet or other remote networks. If this service is disabled, any services that explicitly depend on it will fail to start.

     

    TCP Port: Direct Access

    This monitor tests the ability of a DirectAccess service to accept incoming sessions. The Forefront UAG DirectAccess server is listening on TCP port 443 for traffic from IP-HTTPS-based DirectAccess clients.

     

    Configuring Windows Remote Management (WinRM)

    1. If not already done so, install PowerShell 2.0 and WinRM on the SAM and target servers. Powershell 2.0 can be found here: http://support.microsoft.com/kb/968930.
    2. On the SAM server, open a command prompt as an Administrator. To do this, perform the following step:
    • Go to the Start menu and right-click the cmd.exe and then select Run as Administrator.
    1. Enter the following in the command prompt:
             winrm quickconfig
      winrm set winrm/config/client @{TrustedHosts="*"}
    2. On the target server, open a command prompt as an Administrator and enter the following:
             winrm quickconfig
      winrm set winrm/config/client @{TrustedHosts="IP_ADDRESS"}

    where IP address is the IP address of your SAM server.


    Portions of this document are based on http://technet.microsoft.com/en-us/library/hh918442.aspx Microsoft, copyright 2013