This document provides an overview and demonstration of Sterling Computers' CrossWatch solution for providing cross domain situational awareness using SolarWinds products. CrossWatch allows Orion servers running in different security domains to push monitoring data to a centralized Enterprise Operations Console, giving operations staff a single dashboard view of the status of IT assets across multiple domains. The demonstration shows how CrossWatch adapts the EOC's "pull" model to a cross-domain "push" model, caching and formatting data from low domain Orion servers for display in the high domain EOC.

1. Cross Domain Solutions for SolarWinds®
from Sterling Computers
Presented By:
Ed Bender
SolarWinds Worldwide, LLC
Senior Federal SE Manager
ed.bender@solarwinds.com
410-286-3060 (office)
Ben Chernicoff
Sterling Computers Corp.
Software Architect
Ben.Chernicoff@sterlingcomputers.com
503-926-6513(office)
VIEW AND NAVIGATE STATUS OF NETWORKS ON A SINGLE SCREEN

2. Agenda
• Need for Cross Domain Solution
• SolarWinds Overview
• Orion® Solution Overview and Demonstration
• Orion Architecture and Scalability
• SolarWinds Enterprise Operations Console (EOC) Demonstration
• Sterling Computers’ Cross Domain Solution
• Questions and Answers
2

3. Need for Cross Domain Solution (CDS)
for SolarWinds Deployments
3
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED

4. CDS for NIPR, SIPR, JWICS and More
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED 4
USE CASES SUPPORTED BY A CROSS DOMAIN SOLUTION
• Enterprise operations staff that manage enterprise assets in multiple security domains
desire to have a single operations console showing the status of all assets within all
domains
• Networks in different security domains are not directly connected through ordinary
means leading to each network having an independent network monitoring infrastructure
• Each network uses one or more SolarWinds Orion servers to poll the assets that are
being monitored; SolarWinds Enterprise Operations Console (EOC) aggregates
Orion servers to provide a single dashboard view of multiple Orions servers, but it
can’t reach across to Orion servers running in another security domain
• EOC uses a “pull” model to communicate with Orion; that doesn’t work with one-way-
transfer Cross Domain Solutions and the protocol is not supported by existing two-
way-transfer CDSs.

5. SolarWinds
Overview
5© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED

6. SolarWinds Federal
• Provide enterprise-class network, systems, security, virtualization, and
storage resource management software that is powerful, easy-to-use, and
affordable
• Over 425 of the Fortune 500
• 35% of the Global 2000
• Businesses of ALL Sizes in 170
Countries
• Every branch of DOD and virtually
every Civilian and Intelligence agency
• Founded – 1999
• Headquarters – Austin, TX
• Federal Office – Herndon, VA
• Worldwide Offices – 11
• Employees – 1,800+
• Customers – Over 150,000+ worldwide
• Revenue – $428.7 million 2014
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED 6
GOVERNMENT CUSTOMERS
THE BASICS - WHO

7. Our Vision
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED. 7
• Regardless of where the
applications and underlying
infrastructure are deployed
• Regardless of where our
management tools need to
be deployed
• While continuing to take a
user-centric approach –
only buy what you need,
when you need it
Manage All Things IT…
MANAGE ALL THINGS IT IN A HYBRID WORLD

8. Use Case: Troubleshooting IT & App Performance
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED. 8
My app is
really slow!
Is it the app?
Is it the
network?
Is it the
database?
Is it the server?
Is it a VM?
Is it the storage?
monitor, alert, troubleshoot and resolve
Our products:
Make the invisible, visible

9. Product Mission: Enable IT & DevOps pros to proactively and reactively monitor, alert, troubleshoot and
resolve issues quickly
Product Principles: Fast (accessible immediately), Easy (best in class UX) and Affordable (starting
price for agencies of all sizes)
What We Offer Today
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED. 9
Network
Management
Performance
Configuration
IP Address
VoIP
Systems and
App Management
Servers & Apps
Virtualization
Storage
Database
Management
Database
Performance
Tools
Remote
Troubleshooting
Web Help Desk®
Topology
Mapping
Security
Management
Log & Event
Patch
Configuration
• SQL®
• Oracle®
• DB2®
• Sybase®
• AWS®
Device Tracking Secure File
Transfer
Web
Performance
BUILDING TOWARD OUR VISION

10. SolarWinds Product Portfolio
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED. 10
ACROSS THE IT ENTERPRISE
WEB HELP DESK/WHD *FREE* ALERT CENTRAL
SERVER & APPLICATION MONITOR/SAM
VIRTUALIZATION MANAGER/VMAN
STORAGE RESOURCE MONITOR/SRM
WEB PERFORMANCE MONITOR/WPM
DATABASE PERFORMANCE ANALYZER/DPA
NETWORK PERF MONITOR/NPM
NETWORK TRAFFIC ANALYZER/NTA
NETWORK CONFIG MANAGER/NCM
IP ADDRESS MANAGER/IPAM
VOIP & NTWK QUALITY MGR/VNQM USER DEVICE TRACKER/UDT
LOG & EVENT MANAGER/LEM
SERV-U® MFT SERVER/SERV-U PATCH MANAGER/PATCH
ENGINEER’S TOOLSET/ETS
NETWORK TOPOLOGY MAPPER/NTM
KIWI SYSLOG®
CATTOOLS®
TOOLS
MOBILE ADMIN®
DAMEWARE® REMOTE SUPPORT/DRS
ENTERPRISE OPERATIONS CONSOLE/EOC
SYSTEMS MGMT
NETWORK MGMT SECURITY MGMT
DATABASE MGMT
CROSS-PRODUCT VISIBILITY
TOOLS

11. Orion Solution
Overview
11© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED

12. SolarWinds Orion Product Suite
• Network Performance Monitor
• NetFlow Traffic Analyzer
• Network Configuration Manager
• IP Address Manager
• User Device Tracker
• VoIP and Network Quality Manager
• Server & Application Monitor
• Web Performance Monitor
• Storage Resource Monitor – new
• Integrated Products
– Virtualization Manager
– Database Performance Analyzer – new
– Patch Manager
– Engineer’s Toolset
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED 12
COMPREHENSIVE PLATFORM FOR IT INFRASTRUCTURE VISIBILITY

13. SolarWinds Orion Product Suite
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED 13
ORION WEB CONSOLE

14. The Orion Core Architecture
• Orion Core Functional Architecture
– Information Service – web console
– Alerting Engine
– Reporting Engine
– Network Atlas – Mapping
– Scheduled Device Discovery
– Database
• Orion Core Hardware Requirements
– Application Server
– Database Server
– Flow Storage Server – optional
– VMAN Application Server - optional
– Polling Engines – optional
– Web Server – optional
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED 14
• Additional Details
– Orion components can be installed stand alone and
establish their own Core
– All or combinations of products can install on a single
Core
– There are NINE Orion Core products
– Four more SolarWinds products can integrate with an
Orion Core installation
– The Orion Core offers visibility to IT infrastructure with
the capabilities of up to 14 products in a single intuitive
and customizable web console
– This greatly simplifies hardware requirements and
sustainment of monitoring and management tools
– Improves operational efficiency with a single pane of
glass and lowers total cost of ownership vs. point
products
THE PLATFORM FOR INFRASTRUCTURE MONITORING & MANAGEMENT

15. SolarWinds Orion
Demonstration
15© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED
IT MANAGEMENT TOOLS THAT SCALE FOR THE ENTERPRISE

16. Orion Architecture
and Scalability
16© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED

17. The Orion Core Architecture
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED 17
CORE PRODUCTS AND PRIMARY INTEGRATIONS
NPM
Interfaces, Wireless,
Virtualization, UCS…
ORION CORE
Primary Polling Engine and Common Services:
Nodes, Volumes, Alerts, Events, Reports, Discovery, Syslogs, Traps, Maps, API
Orion
Core DB
IPAM
IP add.
Mgmt.
NTA
IP Flows
PRIMARY WEB SERVER
SAM
Servers and
Applications
MORE
Network - Servers
Applications
Storage
ADDITIONAL POLLING ENGINE +
NCM
Config.
Mgmt.
NetSec
UDT
Port
Monitor.
NetSec
VNQM
VoIP
Monitor
WPM
Web
Monitor
VMAN
Virtual
Infra.
Monitor
SRM
Storag
Monitor
Patch
Update
Mgmt.
SysSec
Toolset
Real-time
Trouble
Shooting
Flow
Storage
DB
Network - Servers
Applications
Storage
DPA
DB
Perf.

18. SolarWinds Orion Simple Deployment
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED. 18
Scales to:
• 12,000 Network Elements
• 20,000 Server/Application
Elements
• 50,000 Flows Per Second
• 20+ Concurrent Users
One or more Orion products
installed on Orion Server:
NPM, NTA, NCM, UDT,
IPAM, VNQM, SAM, SRM,
WPM, Patch, Tools, VMAN
Web Browser:
Internet Explorer®,
Firefox®, Chrome™
NTA Flow Storage
Database (FSDB)*
MS SQL Server®
IT devices and apps
being monitored
(switches, routers,
servers, hosts, SANs,
apps, websites)
SolarWinds
Orion Server
*Only needed if NTA is installed
on Orion Server
SIMPLEST
DEPLOYMENT
SCENARIO

19. Orion Data Collection with Additional Polling Engine
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED. 19
This Configuration with
multiple Additional Polling
Engines can Scale to:
• 100,000 Network Elements
• 150,000 Server/Application
Elements
• 300,000 Flows Per Second
• 20+ concurrent users (Can
scale higher with
Additional Web Servers)
SolarWinds
Orion Server
MS SQL
Server
NTA Flow Storage
Database (FSDB)
Polling
Engine
Up to 75 additional polling
engines can be installed locally
and/or remotely
IT devices and apps
being monitored by additional
polling engine in a remote office
MONITOR AND
MANAGE MORE IT
DEVICES

20. Enterprise Operations Console (EOC) with Multiple Orion Servers
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED. 20
This Configuration with
multiple Orion instances
with Additional Polling
Engines can Scale to:
• 75 Orion instances
• 1,000,000 total Elements
(Network,
Server/Application)
Orion
Server
Orion
Server
Orion
Server
SolarWinds
Enterprise
Operations Console
Web Browser:
Internet Explorer,
Firefox, Chrome Up to 75 remote and/or
local Orion Servers can
be monitored by a single
EOC
EOC collects, displays and alerts
on real-time operational status
of all IT devices monitored by all
Orion Servers
MS SQL
Server
AUTOMATED HIGH
LEVEL SITUATIONAL
AWARENESS

21. SolarWinds EOC
Demonstration
21© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED

22. Sterling Computers’
CrossWatch for SolarWinds
22

23. CrossWatch for SolarWinds Deployment Architecture
EOC
Multi-Level
User Experience
Orion
Server
Low Side
High Side
HTTP
SOAP
CrossWatch
SmartXD SWIS SWIS
XML
SOAP
CrossWatch
SmartXD
SWIS
XML
Orion
Server
One Way
CDS
CrossWatch adds cross domain aware components into the
SolarWinds deployment to provide a multi-level monitoring capability

24. What is SmartXD?
• A cross-domain guard abstraction layer that simplifies building multi-
level applications and capabilities
• It’s NOT a guard!
– Utilizes existing approved cross domain transfer solutions
– Tightly integrates with: AFRL ISSE, NSA Cloud Security Gateway, BAE XTS Guard,
and Tresys XD Bridge
– Generically supports any streaming TCP/IP, FTP, or other file-transfer based guard
• XML messages are transferred across the guard
– XML message are defined by a strict XML schema, which can be installed on the guard
and used to validate messages in transit
• Platform independent; i.e. runs on Windows, Linux, Solaris, etc.
• Written in Java and runs in Apache Tomcat
• Common Core of other products in this briefing

25. What is CrossWatch?
• CrossWatch is a type of store-and-forward system that adapts the “pull” model used by
the EOC into a cross-domain “push” model where results are pushed from a low domain to
a high domain
• CrossWatch on the low domain implements the SolarWinds Information Service (SWIS)
protocol and executes SWIS queries on a periodic basis against the low-side Orion server;
these results are sent to SmartXD where they are formatted and packaged into well defined
XML messages that are suitable for cross domain transfer. The messages are then
transmitted to the guard
• On the high side the messages are received and processed by SmartXD and forwarded
to CrossWatch where they are cached; the high side EOC polls CrossWatch and the results
are delivered; to the EOC, the high-side CrossWatch component appears to be the
low-side Orion server
• Some EOC queries include time ranges, so CrossWatch contains algorithms to correctly
match the results cached from the low side Orion to the queries executed by the high side
EOC
• CrossWatch also handles conditions such as missed polling intervals (for example, if
either the EOC or Orion go down, or the cross domain transfer rejects a payload), and
insures the cache does not grow without bound

26. CrossWatch and EOC Example Screen
Data retrieved from the EOC handler will display within the EOC as usual
Orion Instances from
multiple domains

27. EOC Behavior
• On some pages EOC has hyperlinks that would normally redirect the user to the Orion
server; direct linking to a low-side Orion doesn’t work in the same way in a low-to-high only
cross domain deployment
• The EOC handler implements a proxy web server that will return a web page stating that
the Orion server is located in a different network and what the user must do to that network
to access that Orion server; likewise, operations in the EOC that perform on-demand
operations to Orion, such as reports and alert acknowledgements will not work. More
sophisticated behavior is possible in a two-way-transfer scenario
• Sterling has technology that will allow the high side EOC to directly launch web pages in
the low side Orion server; the high side EOC handler intercepts the web page redirect and
relays a small control message through a two-way cross domain solution to the low side
Orion handler; the low side Orion handler then opens the correct web page on the local
Orion server; again, this transfer is covered later
• If the user has a cross domain access solution (multi-level desktop) such as AFRL
SecureView at the site, the result is that the low side Orion web page opens on the same
screen as the high side EOC; everything would work just like it does within a single
network; a screen shot of this is on the next slide

28. Multi-level CrossWatch UX using CDS Access
Solution

29. CrossWatch for SolarWinds
Demonstration

30. CDS for NIPR, SIPR, JWICS and More
• Better situational awareness of IT across the enterprise
– Many missions depend on fully operational IT systems in multiple security domains
(e.g. NIPR, SIPR, JWICS)
– Senior leadership wants to see the status of all their critical IT systems without having
to look at two or three separate reports or dashboards
• For “IT dashboard watchers” this can add up to significant time savings
• Status of all IT in support of a mission needs to be displayed on one dashboard and map
• More efficient utilization of enterprise IT operations staff
– IT operators need to track status of different networks by looking at different screens in
the Network Operations Center
– Consolidating IT status across all security domains into a single screen allows smaller
IT staff to track operational status across more of the IT Enterprise
• Less “swiveling” between multiple monitors to keep track of multiple networks simultaneously
• More time available to resolve issues and less time just looking for what the status is
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED 30
USE CASES SUPPORTED BY A CROSS DOMAIN SOLUTION

31. Thank You
QUESTIONS?
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED

32. Contact Information
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED. 32
LET US KNOW HOW WE CAN HELP YOU
DLT
Phone: 800-262-4DLT (4358)
Email: solarwinds@dlt.com
Web: www.dlt.com/brands/solarwinds
SolarWinds Federal
Phone: 877-946-3751
Email: federalsales@solarwinds.com
Web: http://www.solarwinds.com/federal
Sterling Computers
Phone: 877-242-4000
Email: smartxd@sterlingcomputers.com
Web: www.sterlingcomputers.com

33. Additional Resources
DLT
• Follow us on Twitter: https://twitter.com/DLTSolutions
• Follow us on LinkedIn®: https://www.linkedin.com/company/dlt-solutions
• Subscribe to Technically Speaking by clicking here
SolarWinds
• Watch a short demo video: http://www.solarwinds.com/sedemo
• Download a free trial: http://www.solarwinds.com/downloads/
• Download our Scalability whitepaper by clicking here
• Download our Cybersecurity Survey Summary by clicking here
• Visit our thwack® government group: https://thwack.solarwinds.com/groups/federal-and-government
• Follow us on LinkedIn®: https://www.linkedin.com/company/solarwinds-government
Sterling
• Download:
– CrossWatch Overview: http://www.sterlingcomputers.com/crosswatchoverview.pdf
– CrossWatch CONOPS: http://www.sterlingcomputers.com/CrossWatchCONOPS.pdf
– SmartXD Overview: http://www.sterlingcomputers.com/smartxdoverview.pdf
– SmartXD CONOPS: http://www.sterlingcomputers.com/smartxdwhitepaper.pdf
• Follow us on LinkedIn®: https://www.linkedin.com/company/sterling-computers
© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED. 33
LET US KNOW HOW WE CAN HELP YOU

34. 34

35. © 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
The SOLARWINDS and SOLARWINDS & Design marks are the exclusive property of SolarWinds Worldwide,
LLC, and its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or
pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be
common law marks, registered or pending registration in the United States or in other countries. All other
trademarks mentioned herein are used for identification purposes only and may be or are trademarks or
registered trademarks of their respective companies.