cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post

THWACK Monthly Mission - January 2018

Level 15



Zoinks! Someone is using up all the bandwidth and causing major slowdowns throughout the whole organization. For this mission, we’re going to need to hop into the whodunit wagon and use Network Performance Monitor (NPM), Network Traffic Analyzer (NTA), and User Device Tracker (UDT) to unmask the inconsiderate bandwidth hog. NPM and NTA combine to form Bandwidth Analyzer Pack, which can detect, diagnose, and resolve network performance issues. UDT allows you to locate users and devices on your network. This groovy trio of network tools will make it easier than ever to stop bandwidth hogs in their tracks.

And they would have gotten away with it, if it weren’t for you meddling THWACKsters!



JANUARY MONTHLY MISSION

Use the mission’s resources to complete the tasks and answer the questions for a chance to win!

Correctly answer each question during the week and you'll be entered for a chance to win the weekly prize.

Correctly answer all 20 questions over the course of the month and you'll be entered for a chance to win the grand prize: Nest Cam Indoor Security Camera


PRIZES

Weekly Prizes & Drawing Dates:

January 15: Phillips Smart Bulb Kit

January 22: CORSAIR Gaming Keyboard & Mouse

January 29: Hyper X Gaming Head Set

February 5: Action Back Pack for GoPro

Grand Prize

February 5: Nest Cam Indoor Security Camera

150 points are being awarded for each correctly answered question. There are 20 questions, which means you can earn a maximum of 3,000 points for this mission.



MISSION SHORTCUT

Complete the mission shortcut to earn an additional 1,000 THWACK® points & enter to win a LEGO® Scooby-Doo® the Mystery Machine Building Kit!

The shortcut is simple:
    1. Download Bandwidth Analyzer Pack.
    2. Take a screenshot of the Application Summary Page. (My dashboards> Netflow> Apps)
    3. Submit your screenshot below.





*Bonus round* Earn up to an additional 500 THWACK points for screenshots showing all UDT Nodes - Submit bonus screenshots here


MISSION RULES

A new question will open every day (Monday - Friday) starting on January 8, 2018. Once a question has opened, it will remain open until February 4, 2018 at 11:59 p.m. CST. Check the schedule below for exact open/close times.



Weekly PrizesMonTueWedThuFriWinners
Week 1: Complete questions 1-5 by January 14 to be entered to win: Phillips Smart Bulb Kit
Week 2: Complete questions 6-10 by January 21 to be entered to win: CORSAIR Gaming Keyboard & Mouse
Week 3: Complete questions 11-15 by January 28 to be entered to win: Hyper X Gaming Head Set
Week 4: Complete questions 16-20 by February 4 to be entered to win: Action Back Pack for GoPro

Correctly answer all 20 questions by February 4 and get entered to win the Grand Prize! Nest Cam Indoor Security Camera



Monthly Mission Terms and Conditions: US, UK, and Canada | Germany | Australia

Mission Shortcut Terms and Conditions: US, UK, and Canada | Germany | Australia

196 Comments

Isn't that just the opposite with beef, the caged forever and massaged daily Kobe' beef and others are considered the best in the world. 

Naw . . .  I just suspect the content put out there for you to use was not spell-checked before it made it to you.  Always blame the publisher.

Level 20

Lol that's funny there were a LOT of them in that little area!

Level 12

Happy New Year!

Has anyone received the 1000 point for last year/month survey?

I completed the survey but don't see points yet:)

Level 20

I completely agree!  Now you can have your career ruined just for hitting on the wrong person.

Level 20

I had trouble trying to get the video to play today... when I clicked on it it says "No compatible source was found for this media."  This was in IE... I just tried firefox and it worked.  So if this also happens to you try firefox.

Level 12

Chrome 63.0.3239.132 also works.  I'm happy to see a CC option with a time-coded hint (not that it's really needed this time).  Pretty sweet.

Same issue with IE.  BTW, wabbott​, I downloaded the trial of BAP and wanted to submit the screenshot requested in the "Mission Shortcut".  I presume that by "Application Summary Page", you are referring to the "Orion Summary Home"...or are you?  Just want to make sure I get the screenshot you are looking for.

Level 12

Video is not working for me in Chrome, Firefox, or IE.  It's a hat trick, I can go home for the day!

Level 8

"Cones of Shame" ought to be mandatory everywhere when there are this kind of problem caused by a user.

Today's "correct" answer is not valid in my deployment, since we don't allow Solarwinds to have RW snmp permission.  But the options that would make today's correct answer correct in my environment can be seen--they're just grayed out.

Today's is a conditional answer, depending on your security needs & your NCM/NPM deployment.

Level 17

While the line 'Pretending you got A sliver', needed a correction and is grammatically correct. The correct Lyric for the next line, "You know we got a Mysterie(y) to Solve..." is grammatically incorrect because the conjunction "We've" is not used in that line.  

... so bad grammar can be a a 'thing' when it comes to music/lyrics/rhyme/etc. Either from dialect/regional/personal preference or just the idea that an elongated/extra word or conjunction is just too much to sing or say. That line speeds up and if we've was originally written, it was shortened so Austin Roberts could catch his breath to get the rest out audibly. Just one musician's thoughts.

Sometimes, rschroeder​, as you mentioned, one cannot help oneself...CANI (Constant and Never-ending Improvement)

pastedImage_1.png

the * indicates optional lyrics.  The "That's the fact!" lyric was added in later seasons of the Scooby Doo Mysteries.  Man, am I an introvert or what! 😉

MVP
MVP

I love the advice to use CC for those of us sometimes in a noisy environment

Hadn't thought about that - I've just been cranking the volume on my headphones!

rschroeder​, is there a particular reason that you do not allow SW to have RW on SNMP?  If so, can you share what it is?  Just curious about the methodology used there and if it might be applicable to others' environments.

Level 15

Hi Alex (& anyone else who is confused by the mission shortcut), this is how you get to the "app summary":

pastedImage_1.png

Example from online demo: http://oriondemo.solarwinds.com/Orion/TrafficAnalysis/SummaryView.aspx?viewkey=NetFlow%20Application...

It's a security issue and a trust issue.  I'm enough of a control freak that I don't want to risk RW credentials being exposed and used without permission.  If there are no RW permissions on any equipment, then I don't worry about someone being able to do something inappropriate via those credentials.

We've have some great outside auditors come in and try to hack our network.  These White Hats are paid to do their best to find holes and show how they could have been exploited.  My Network Team's received good marks from them, every time.  In part because we follow best practices and strive to achieve compliance in many realms, and in part because snmp is limited to RO.

There are ways to further secure RW, I realize.  Creating ACLs on every device that define source addresses that can issue RW snmp commands.  Using RADIUS and TACACS to further refine the security capabilities and requirements of RW string users.

But staff levels & training and project tasks don't allow for the additional expense and time for training and reconfiguration of all our devices. 

Back in the day, we had no RADIUS, no TACACS, and anyone with access to an snmp tool could have exploited RW powers all too easily.

So I made the decision to not put RW snmp creds on anything about fourteen years ago.  And amazingly, we get along without RW quite nicely.  There's nothing RW can do for us that we would not rather do more granularly on our own--SO FAR!  I'm open-minded enough to realize that there may be security requirements and cases where time is of the essence, and RW snmp strings could serve some needs.

But the commands which RW can accomplish can also be done via NCM as it executes scripts, and THAT has full TACACS AAA  going for it--which snmp does not.

;^)

Level 15

If you can't see the video, it may be time to update your browser.

pastedImage_1.png

Although I think you can guess the correct answer to Q3 without the video.

If you think you need to see the video to find the right answer, after reviewing the available answers . . . well . . . uh . . . 

pastedImage_0.png

Level 12

That makes it more clearer!!   I was wondering what "Application Summary" has to do with Bandwidth Analyzer pack.   So, you want "NetFlow Application Summary", not "Application Summary" (which is a SAM page).

Level 14

I like Q3. It really suited my mood

Level 12

Well to be honest, one should always use caution just in case it is a trick.  

Gee, you're right - remember the good old days with mandatory 'hugs'?

Absurd.

Level 20

I don't use RW snmp creds on my devices either.  It's just not the way to manage these devices and unless it's snmpv3 it's just not a good idea having plaintext RW community strings floating around the intranet.

Level 20

Q4 wasn't too bad!  Even the URL gives you a huge hint!

True, yes, the other "answers" were, um, pretty obvious.  And, Wendy, the problems were only with IE 11 that I saw...Chrome and Firefox were reported to work just fine with the video.

Thanks for the reply, rschroeder​!  I appreciate the insight.

True that!

Level 9

Thanks for the clarification. But we have not used NTA yet so the page is pretty much blank. I will submit it and see if I get the points.

gundamunit1​, I was in the same boat until I realized that I had to configure NetFlow on my test router.  This Cisco article got me up and running fairly quickly: NetFlow Configuration Guide, Cisco IOS Release 15M&T - Getting Started with Configuring Cisco IOS Ne...  Hopefully this helps...

Level 9

Wow, great weekly prizes and monthly prize, I'd be happy to win any of those

All green for this week.

Good luck everyone

Level 20

Tell the devs... bring on the Palo Alto and Sourcefire/Firepower support!!!!

Level 12

Palo Alto.

I preferred Scrappy to Scooby Dumb...he was the blurstestest, if I understand the meaning of the expletive.  Then there was Lula Doo...Scooby's mom.  Interesting that there is nothing on the Intarwebs about Lula...is it just me or does anyone else remember her?  Please, tell me I'm not going crazy!!!  Doh, too late! 😛

Level 10

I don't see anything about Scooby's mom being called Lula. Just Mumsy and Dada doo. Huh, maybe it's the Mandela Effect

MVP
MVP

Anyone else having problems with the demo?  The watch list is just spinning and never loads.

Level 9

On a DoD network, I can't access it either.

Not loading the data here either

Changing to Chrome worked for me

Level 12

pastedImage_0.png

Level 11

Loving this new mission!!! And the prizes are even better.

No seatbelts?  Ridiculous!

Well, that would be the reason there is nothing on the Web about Lula.  I swear I was not on anything back then...and I'm from Colorado!!!

MVP
MVP

rschroeder  wrote:

But the commands which RW can accomplish can also be done via NCM as it executes scripts, and THAT has full TACACS AAA  going for it--which snmp does not.

I totally agree with you there - I have never given Orion RW SNMP in any of the environment I've worked as NCM does the job, unless there is a specific need, and I can't think of one that would make me change the entire estate.

Back when I was the only guy with access to an NMS, and the network I'd built and supported wasn't one in the 7x24 Critical Health Care realm, I leveraged the NMS's ability to make my life more efficient through R/W permission.

Now that more people have access to my current Solarwinds NMS, and now that even enabling or disabling a port can mean a major impact to a business or clinic or hospital, I want the full AAA incident tracking log of what happens to switch, router, or firewall. 

TACACS provides that for us, no matter whether we issue the commands to the device directly, or whether we have NCM do it with a service account.

NPM with SNMP can leverage parts of AAA, but it doesn't provide what our documentation and Change Management and Incident Control solutions require.

If I were back in the earlier environment, where I was the only guy supporting 14,000 users at 33 geographic sites, on a network I designed and built and installed, I'd be comfortable enabling Read/Write SNMP-v3 with NPM.  Perhaps I'm just too much of a security / control person, but in that environment I could rely on myself to not make mistakes, and not try to cover them up through an NMS.  Here in Health Care, though, I want every one of my team using processes and protocols that are fully logged and fully transparent.  It prevents "cowboy networking" (see James T. Kirk's "Cowboy Diplomacy"), and helps ensure everyone knows what anyone else is doing on the network.

NCM's Real-Time Change Detection can be part of that solution, too, but we've tried it and found it doesn't meet our needs as well as the combination of NCM's Daily Change Reports and AAA's TACACS logs.

Level 20

We really appreciate some of the guidance on where to start looking in long docs as well like for today's question.  It helps a LOT.  Thanks everyone!

Level 9

Hear, hear! As much as I'd like to read the whole document (and intend to) I don't always have time in the morning to invest in that manner.

Level 8

Control F is your friend