cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post
Highlighted
Level 8

remote monitoring of a network behind a firewall

We have a situation where a network  behind a firewall needs intensive monitoring.  there is a firewall behind the firewall which we do not control which needs access to the internet through our firewall. 

The problem is that we need to know its status every one seconds and collect that data.   So ideally, it would be an orion server inside that network but able to collect data every one seconds..  so far, the fastest we can set orion I think is 10 seconds. 

Effectively, I need to ping several devices and a google dns and collect that data.

Any idea how to collect at this frequency? 

We are running orion but falling short because the episodes are lasting less than 10 seconds.  So we have no method to "prove" our network is not at fault..

0 Kudos
4 Replies
Highlighted

Re: remote monitoring of a network behind a firewall

for such short polling frequencies, you could use the engineers toolset, it is capable of live monitoring.

Orion itself is not capable of a polling frequency less than 10 seconds.

could you elaborate a bit on what you are trying to see?

cheers,

Holger

Highlighted
Level 8

Re: remote monitoring of a network behind a firewall

Credit card processing is done down a vpn tunnel.  While I cant see the processor on the far end I can see the device (POS) wanting the credit, the device (firewall) sending the credit and I can see the internet.  If those three things are present then in theory "my" network is doing its job. 

Im downloading the toolset demo.

0 Kudos
Highlighted

Re: remote monitoring of a network behind a firewall

NetPath and QoE should do the job over time, but Enhanced Ping from the Toolset will give you real time stats at the rate you set.  Be careful with the tool set; it can be a tool of good or evil.  It's easy to inadvertently create a DOS using those tools if you're not completely familiar with their setup and the size of the pipe and the capabilities of the devices you'll monitor.

Highlighted

Re: remote monitoring of a network behind a firewall

Some ideas:

  • Coordinate with the other firewall's administrator and ensure your Solarwinds systems and tools have the necessary access through the first firewall to monitor your devices.  Then ensure your firewall, and the devices behind it, have the correct firewall rules / permissions for management/monitoring from your Orion systems.  Finally, set Orion to poll every ten seconds (which is as fast as it will allow).  Statistically, you should see errors over timeif any occur.
  • Configure a NetPath monitor of one or more of your devices.  Again, you can use this statistically to show packet loss (or not) which can suggest the presence or absence of problems.  Do not infer there are no problems if nothing shows up until a statistically significant amount of time has been spent monitoring.  Ideally your monitors would show problems when your users complain.
  • Set up a Quality Of Experience monitor for a service on one or more of those devices behind the first firewall.  I would expect this solution to capture outages and show where they are occurring.
  • Use the Engineers' Toolset's Enhanced Ping to track real time responses of all devices behind the first firewall.  This requires leaving Enhanced Ping up and running, but it will catch ANY lost packets or flow.  The problem may be more of you seeing it happen there, but Enhanced Ping can log the ICMP responses to a file as they are received, and you can review the file for packets lost.
  • Don't waste time worrying about NPM not polling more frequently than once per ten seconds.  Some hardware cannot react to polls more frequently than that.
  • Ask the administrator of the first firewall to provide statistics and logs showing throughput, uptime, packet loss and discards.  If they will not provide that information, it's acceptable to politely escalate the problem to their Manager, and even ask if you may monitor their firewall with Read-Only permissions from your Orion system.  They might not allow it, but without asking, you won't discover whether they will or not.  You may be pleasantly surprised!  Presenting your request in a calm and friendly manner will have better results than using a confrontational or adversarial style.  Maybe you can approach it from the point of view of your two groups teaming up to fix a common problem.
  • Open a support ticket with the first firewall adminstrator's team/company and describe the problems you're recording / experiencing.  Team with their folks to help get this understood and resolved.
  • Install the Toolset on a computer behind the second firewall and monitor traffic outbound to your Solarwinds corporate server.  Maybe you'll have better luck tracking issues from there.
0 Kudos