Weitere ähnliche Inhalte Ähnlich wie SolarWinds User Group - Hawaii November 2016 (20) Kürzlich hochgeladen (20) SolarWinds User Group - Hawaii November 20162. • SolarWinds
Omar Rafik
Senior Federal Sales Engineer
omar.rafik@solarwinds.com
703-386-2626 (office)
• NorthTide Group, LLC
Eric S. Hodeen
Senior Network Engineer
ehodeen@northtidegroup.com
808-438-4662 x231 (office)
INTRODUCTIONS
© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED. 2
3. AGENDA
• Welcome and Ice Breaker
• Network Performance Monitor 12.0 Discussion & Demo
• Server & Application Monitor 6.3 Discussion & Demo
• Log & Event Manager 6.3 Discussion & Demo
• Customer Spotlight: Compliance & SolarWinds
• Orion® Platform Architecture and High Availability Discussion
• Wrap-up and Q&A
The power to manage IT
© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
3
4. Get to know who’s in the room!
Rules:
o Find people who has achieved any of the goals in the Ice Breaker handout
o Have them put their THWACK® ID (or name if they don’t have a THWACK ID yet)
in the squares for items they have done
o One person can only sign up to 3 boxes
o Complete the entire grid (or more than anyone else) and win!
TRICK: While you “interview” people, ask them who THEY’VE found for items you are missing,
and then go find those people also
PRIZE: First to finish gets a Raspberry Pi®!
ICE BREAKER
4© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
5. ICE BREAKER
5© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
Running NPM,
NCM, NTA
Knows how to
play the ukulele
Has at least one
alert with a
trigger action
that uses JSON
Has ever set up
an alert that uses
the Text-to-
speech option
Is a SolarWinds
THWACK MVP
Beta tested more
than 3 different
versions of
SolarWinds
products
Sending alerts to
something
OTHER than
email
More than 100
active alert rules
Can do the Haka
dance
Used Cirrus Monitoring >
2000 network
devices
Has entered a
surfing
competition
Has lived in
another country
Monitoring >
5,000 devices
total
Used CatTools
before it was
part of
SolarWinds
Running more
than 1 instance
of SW products
in production
Running IPAM
and UDT
Monitoring >
50,000 NPM
elements (disk,
NIC, IP)
Running Full
Appstack (SAM,
SRM, WPA,
VMan)
Bought
Engineer’s
Toolset from
SolarWinds.NET
Has served in the
military
Monitoring >
2000 servers
Has been using
SolarWinds
products for 5+
years
Appeared as an
extra in a movie
or TV show
filmed in Hawaii
7. • NetPath™ Troubleshooting (NPM 12)
• ServiceNow® Integration (NPM 12)
• Network Insight for F5® Big-IP® Load Balancers (NPM 12)
• Monitoring for Cisco® Switch Stacks (NPM 12)
• Automated Dependencies
• Network Atlas and Topology Data
• Wireless Monitoring and Wireless Heat Maps
• QoE DPI for Application and Network Response Time
• Configuring Reports, Alerts, and Role Based Access
• NOC View Creation
• Simple Dashboard Customization
© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
NETWORK PERFORMANCE MONITOR
7
8. SERVER & APPLICATION MONITOR (SAM)
DISCUSSION AND DEMONSTRATION
© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
8
9. • Server & Application Monitor
o Orion Agent for Linux® (6.3)
o AppInsight™ for SQL Server® 2016 and Exchange™ (6.3)
o Active Directory® discovery (SAM 6.2.4)
o ServiceNow Integration (SAM 6.2.4)
o Group Assignments for Application Templates (SAM 6.2.4)
o AppInsight for IIS™
o Hardware Health (temperature, power, fan speed, …)
o Asset Inventory
o Customizable application monitoring
© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
SYSTEMS MANAGEMENT PRODUCTS
Technical review and update
9
10. APPSTACK MANAGEMENT BUNDLE
What is it?
The AppStack™ concept is the monitoring of an
Application throughout the entire stack –
application, database, virtualization, server, and
storage layers – so the location of any
performance bottlenecks can quickly and easily
be determined
How is it accomplished?
Utilizing our Server & Application Monitor (SAM),
Virtualization Manager (VMAN), Storage
Resource Monitor (SRM), Web Performance
Monitor (WPM), and Database Performance
Analyzer (DPA) products we can see each piece
of the puzzle; with integration amongst the
products, we can follow the breadcrumbs to see
where the issue lies
It’s here – enabled in SAM, VMAN, SRM, WPM
© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
10
12. LOG & EVENT MANAGER (LEM)
DISCUSSION AND DEMONSTRATION
© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
12
13. • Log & Event Manager
o Connectors for various log data sources
o Correlation rules
o Architecture
o NIST FISMA and DISA STIG compliance reporting
IT SECURITY TOOLS
Technical review and update
© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
13
15. © 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
NCM COMPLIANCE FEATURE
Getting Started
• Requirements for Compliance Feature
o NCM 7.4 or later
o Device Configurations downloaded
o Custom Properties defined
16. © 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
NODE DATABASE
• Compliance Columns
o Two columns were created
• A Device Type Column (PRTR, PL3S, IRTR, IL3S, L2SW, etc.)
• A Device OS Type Column (IOS, NXOS, F5, PALO, BROS, BVDX, etc.)
17. © 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
COMPLIANCE REPORTS
• Reports
o NCM native Reports/Policies/Rules
o THWACK Reports/Policies/Rules
• Everything DISA STIGs for your Network
• https://thwack.solarwinds.com/thread/97900
18. © 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
COMPLIANCE FEATURE DASHBOARD
• Site Audit Dashboard
o Provide One-Stop view of all
networking devices configured
in Node Database
o CAT I – CAT III notifications
o Gives administrators exactly
where to start
19. © 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
RULE MODIFICATION
• Rules – Infrastructure Router (IRTR)
o NET0812 - The network element must use two or more NTP servers to synchronize
time
o NET0813 - The network element must authenticate all NTP messages received from
NTP servers and peers
o NET0899 - The router must use its loopback or OOB management interface address as
the source address when originating NTP traffic
Looking at Network Time Protocol (NTP)
22. © 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
• NTP Servers
o Primary 1.1.1.1
o Secondary 2.2.2.2
o Each have an associated
Key
Router-3#
!
!
ntp server 1.1.1.1 key 1
ntp server 2.2.2.2 key 2
WORK THROUGH THE ISSUES …
23. © 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
• NTP Servers
o Authentication for each key
using MD5
o Keys are trusted
Router-3#
!
!
Ntp authentication-key 1 md5 MyFirstKey
Ntp authentication-key 2 md5 MySecondKey
Ntp trusted-key 1
Ntp trusted-key 2
ntp server 1.1.1.1 key 1
ntp server 2.2.2.2 key 2
WORK THROUGH THE ISSUES …
24. © 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
• NTP Servers
o Source Interface defined
Router-3#
!
!
Ntp authentication-key 1 md5 MyFirstKey
Ntp authentication-key 2 md5 MySecondKey
Ntp trusted-key 1
Ntp trusted-key 2
Ntp source Loopback0
ntp server 1.1.1.1 key 1
ntp server 2.2.2.2 key 2
WORK THROUGH THE ISSUES …
25. © 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
• NTP Policy Review
o Filters on Custom Properties
o Rules selected for auditing
WORK THROUGH THE ISSUES …
26. © 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
• NTP Report Review
o Policies Selected
WORK THROUGH THE ISSUES …
27. © 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
• Procedure
o If you have modified your device configuration – Download new config
o If you have modified the rule/policy/report – Update Reports
PUTTING IT ALL TOGETHER …
28. © 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
• Results
o If the columns are blank, you have met the conditions of your rules and are
considered compliant.
o If findings still persist then repeat process.
• It gets easier after you have completed a couple.
READY FOR YOUR NEXT CCRI OR SAV!
29. © 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
• Results
o If you policy does not show up on the
Site Audit Page, then there are no
findings present.
o YOU ARE READY!!!
READY FOR YOUR NEXT CCRI OR SAV!
30. SOLARWINDS® COMPLIANCE FEATURES
• Automate patching of Microsoft® and 3rd party
applications to improve compliance
• Schedule patches for minimum downtime
• Inventory software and physical components per
server or workstation
Patch Manager
• Inventory network device configurations, assess
configurations for compliance, and automate
change and configuration management
• Implement configuration of security controls and
assure their effectiveness
• Produce FISMA and STIGS reports from
configuration templates
• Produce audit documentation and reports
Network Configuration Manager
• Configure correlation rules to help assure
effectiveness of security controls
• Real-time and continuous monitoring of security
controls
• Produce FISMA and STIGS compliance reports from
templates
• Supports STIG requirements for configuration
auditing, log analysis and broader network security
• Tracks and report suspicious activities/attacks to
provide auditing support
Log & Event Manager
• Trend utilization for capacity planning
• Track multicast or firewall port discards
• Monitor network health and availability
• Identify protocol latency delays
• Produce audit documentation and reports
Network Performance Monitor
© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
30
31. • Review our NIST FISMA/RMF compliance blog:
https://thwack.solarwinds.com/community/solarwinds-community/product-
blog/blog/2015/08/01/fisma-nist-800-53-compliance-with-solarwinds-products
• Review our DISA STIGS compliance blog: https://thwack.solarwinds.com/community/solarwinds-
community/product-blog/blog/2011/09/07/disa-stig-compliance-with-log-event-manager
• Watch a Federal Security Compliance video:
http://www.solarwinds.com/resources/videos/solarwinds-federal-security-compliance.html
• Download a SIEM whitepaper:
http://www.solarwinds.com/resources/whitepaper/siem-speeds-time-to-resolution.html
• Download a Continuous Monitoring whitepaper:
http://go.solarwinds.com/fedcyberWP?=70150000000Plgf
COMPLIANCE RESOURCES
Let us know how we can help you
© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
31
33. • SolarWinds Orion Platform architecture
• Scaling for the enterprise
o Simple deployment
o Additional Polling Engines (APE)
o Additional Orion Servers
o Automation
• High Availability (new release)
• SSH on web based terminal (Orion Platform 2016.2.100)
SCALABILITY AND ARCHITECTURE
© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
33
34. SOLARWINDS ORION PLATFORM ARCHITECTURE
Logical view of our platform architecture
ORION PLATFORM
Primary Web Server, Main Polling Engine and Common Services:
Nodes, Volumes, Alerts, Events, Reports, Discovery, Syslogs, Traps, Maps, API
NTA
IP flows
NPM
interfaces, wireless,
virtualization, UCS…
NCM
configuration
management
network
security
IPAM
IP address
management
UDT
port monitoring
network security
VNQM
VoIP monitoring
SAM
server &
application
monitoring
WPM
web application
performance
monitoring
SRM
storage monitoring
& capacity
planning
Toolset
real-time trouble
shooting
VMAN
virtual
infrastructure
monitoring
PM
patch update
management
network security
DPA
database
performance
monitoring
Flow
Storage DB
34© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
Optional - ADDITIONAL
POLLING ENGINE
Optional - ADDITIONAL
WEB SERVER
Optional – AGENTS
Optional - HIGH
AVAILABILITY
PRIMARY
WEB SERVER
Orion DB
More Network, Servers,
Applications,
Storage
Network, Servers,
Applications,
Storage
35. 35© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
Simplest deployment
scenario
Scales to:
• 12,000 Network Elements
• 20,000 Server/Application
Elements
• 50,000 Flows Per Second
• 20+ Concurrent Users
SOLARWINDS SIMPLE ORION PLATFORM DEPLOYMENT
One or more Orion products
installed on Orion Server:
NPM, NTA, NCM, UDT, IPAM,
VNQM, SAM, SRM, WPM,
Patch, Tools, VMAN
Web Browser:
Internet Explorer,
Firefox, Chrome
NTA Flow Storage
Database (FSDB)*
SQL Server
IT devices and apps being
monitored (switches,
routers, servers, hosts,
SANs, apps, websites)
SolarWinds Orion
Server
*Only needed if NTA is installed
on Orion Server
36. 36© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
Monitor and manage
more IT devices
This Configuration with
multiple Additional Polling
Engines can Scale to:
• 100,000 Network Elements
• 150,000 Server/Application
Elements
• 300,000 Flows Per Second
• 20+ concurrent users (Can
scale higher with Additional
Web Servers)
ORION DATA COLLECTION WITH APE
SolarWinds Orion
Server
SQL Server
NTA Flow
Storage Database
Polling
Engine
Up to 25 additional polling
engines can be installed locally
and/or remotely
IT devices and apps
being monitored by
additional polling engine
in a remote office
37. 37© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
Automated high-level
situational awareness
This Configuration with
multiple Orion instances with
Additional Polling Engines
can Scale to:
• 75 Orion instances
• 1,000,000 total Elements
(Network,
Server/Application)
ENTERPRISE OPERATIONS CONSOLE (EOC)
WITH MULTIPLE ORION SERVERS
Orion
Server
Orion
Server
Orion
Server
SolarWinds Enterprise
Operations Console
Web Browser: Internet
Explorer, Firefox,
Chrome
Up to 75 remote and/or
local Orion Servers can be
monitored by an EOC
EOC collects, displays and
alerts on real-time
operational status of all IT
devices monitored by all
Orion Servers
SQL
Server
38. SCALING THROUGH AUTOMATION
• Automation will assist you with controlling admin costs
• Scalability is often limited by the ability to automate routine tasks like manual
configuration tasks; raw performance or hardware infrastructure costs may be a
lesser challenge
• Automate and integrate with the Orion platform API
• Query alert, configuration, and performance data
• Set custom properties and other configurations
• Acknowledge alerts and un-manage nodes
• And so on…
© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
38
39. 39© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
Monitor and manage
with High Availability
• Automatic failover
• Main Polling Engines
• Additional Polling Engines
• HA Pools with virtual IP
addresses
• Instant notification and alerting
• Customizable rules
• Real-time monitoring
ORION PLATFORM WITH HIGH AVAILABILITY (HA)
SQL ServerStandby
Additional
Polling
Engines
Standby
Orion
Servers
Active
Orion
Servers
Active
Additional
Polling
Engines
Heartbeat
Server Pool #1
Server Pool #2
Heartbeat
41. • Watch an NPM 12 demo: http://www.solarwinds.com/resources/videos/solarwinds-npm-your-complete-network-monitoring-solution.html
• Visit our Federal website: http://www.solarwinds.com/federal
• Call the SolarWinds Federal sales team: 877-946-3751
• Email federal sales: federalsales@solarwinds.com
• Download our Scalability whitepaper: http://www.solarwinds.com/resources/whitepaper/orion-scalability-tech-tip.html
• Visit our THWACK® government group: http://thwack.com/government
• Follow us on LinkedIn®: https://www.linkedin.com/company/solarwinds-government
ADDITIONAL RESOURCES
Let us know how we can help you
© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
41
42. SolarWinds, SolarWinds & Design, Orion, and Thwack are the exclusive property of SolarWinds Worldwide,
LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or
pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be
common law marks or are registered or pending registration. All other trademarks mentioned herein are
used for identification purposes only and are trademarks of (and may be registered trademarks) of their
respective companies.
© 2016 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
Hinweis der Redaktion Welcome (15)
Network Performance Monitor 12.0 Discussion and Demo (30)
Server & Application Monitor 6.3 Discussion and Demo (20)
Log & Event Manager Discussion and Demo (30)
Compliance and SolarWinds (30)
Architecture and High Availability Discussion (30)
Wrap-up and Q&A (15)
[201 slide] [201 slide]
Affectionately been referred to as the "AppStack". The Application Stack, or "AppStack" for short, is a term used to describe all the various moving parts that make up today's complex application delivery infrastructure. This begins at the bottom with the backend storage arrays where data is housed, through the various different virtualization layers, up to the server that hosts the application, until finally we reach the application itself. The AppStack Environment View shown below accompanies the SAM 6.2, VMAN 6.2, and SRM 6.0 beta releases. [201 slide] [Mark cut integration bullets, as we won’t have time to cover.] This is a logical view of the platform architecture, with web services on the top and devices and pollers on the bottom.
There are 9 products fully integrated into the Orion Platform (formerly known as “Orion Core”); the products on the right side are integrated, but to a lesser degree.
The Orion Platform comes with any/all of the products and includes the Primary Web Server, Main Polling Engine as well as Common Services.
Additional users can be supported by adding additional web servers [refer to light blue box, upper right]
Additional devices can be supported by adding additional polling engines [refer to light blue box, middle bottom]
There are also high availability options.
We’ll shift over to more of a physical architecture as we explore scaling your SolarWinds solution. We are simplifying the Orion Server instances on the bottom of slide; Orion Servers require a SQL Server, and potentially a NetFlow Storage Database. please note that the following sections are hidden in the appendix, in case you need them-
Recommended Practices for SolarWinds Infrastructure
Integration Options