How to achieve Windows Server SNMP v3 Security Compliance

Technology world keep changing, so do security compliance requirement. More and more enterprise customer required to migrated from existing SNMP v2 to SNMP v3 monitoring for server.

Since Windows doesn’t support SNMPv3 inherently (that is, you will encounter SNMP v3 agent issue matter);SNMP is actually being depreciated in Windows server 2012; you’ll need a 3rd party solution.

For the quick how to, following the rest of the topic to get it supported.

1. First, you need to decide which 3rd party solution to go about. Below listed three.

3rd Party Solutions:

• MG-SOFT – Commercial
• SNMP-Informant – Commercial
• Net-SNMP – Open Source

For the above two commercial 3rd party and  one Open Source solutions, E-SPIN can supply if required, as part of the project bundled, or add on after post project basis (together with implementation, configuration, testing and commissioning), just let us know, we have our commercial team, follow with technical team to assist you.

Once the SNMP v3 agent portion is resolved.

Then you can configure your existing Network Management System (NMS) or System Management System (SMS) to support Windows Server SNMP v3 Monitoring.

Below is one of the example you can use for reference:

WhatsUp Gold (WUG) configuration how to.

Add SNMPv3 protocol credentials:

1. From the main menu of the WhatsConnected console, select Configure > Protocol Settings/Credentials. The Protocol Settings/Credentials dialog appears.
2. Click New.
3. Select SNMPv3, then click OK. The protocol properties dialog appears.
4. Enter a Name for the set of SNMPv3 credentials.
5. Enter the Username that is configured for the SNMP agent. This username is included in every SNMP packet in the authentication header. An SNMP device, upon reception of a packet, uses this username to look for configured authentication and encryption parameters and applies them to the received message.
6. Optionally, enter the Context needed to identify specific SNMP instances on your network.
7. If required, select the Protocol used for Authentication. Additionally, enter thePassword used for authentication.
8. If supported, select the Protocol used for Encryption. Additionally, enter the Password used for encryption.
9. Increase or decrease the SNMP Timeout. This setting is dependent on the latency and load on your network devices. Longer timeouts can cause discovery to slow down. However, if the network is experiencing a lot of network traffic, a longer timeout is recommended. A default of 1000 milliseconds is recommended for small to medium size networks. Note: If you are discovering across a WAN link, allow for a longer timeout.
10. Increase or decrease the SNMP Retry count. This setting is dependent on the latency and load on your network devices. More retries allow for SNMP failures or heavy network loads. However, more retries slow down the discovery process. One or two retries is recommended for small to medium size networks.

Then Done. Your Windows Server is right now running under SNMP v3 for the latest security compliance.

Read Full Post »

5 Top Factors that Impact Application Performance

Graph credit Extrahop

What are the main factors that can contradict with your application performance? What drives you to find solution with Application Performance Management (APM)?

This 5 top factors list will cover the impacts of the application, to the surrounding and the network, to the people behind those applications. All of these factors should be considered when managing application performance to tackle the issue quickly.

1. APPLICATION COMPLEXITY

Application complexity is one of the biggest factors impacting application performance. Today’s services and applications, specifically  those conveyed via the Web, are a montage of components that come from various places such as data center, cloud, and third-party.  Multiple moving parts must be execute in the manner to provide a great experience for end-user, while the customer or employee looking at a browser window sees a single application. Maybe the app server and Web server are doing fine, but  user experience will suffer if the database is staggering. Being able to measure and keep tabs on all those moving parts is the test and requires an APM tool that can provide a view into the performance of all the parts, not just individual components.

2. APPLICATION DESIGN

Performance goals need to be characterized when applications are specified, in parallel with the information of the environment the applications will run in. A number of times improvement is left out and applications are monitored, analyzed and being repair after released into production. This never works as well as when performance is one of the key goals of the application design before a line of code is written.

In addition, the factor too affects application performance today which poorly optimized code and infrastructure, such as sub-optimal SQL queries and poorly configured network infrastructure. All of these problems can be hard to cater, and the emphasis on DevOps processes can cause multiply quickly by increasing the rate of change in the data center. Hence, it is important to capably tool the data center to monitor and report on all aspects of a deployed application using code level instrumentation, EURT and network performance tools, and traditional IT infrastructure monitoring solutions.

3. APPLICATION TESTING

Nowadays, applications are generally developed in simulation labs with no performance test on live networks. Before applications are displayed, transport in highly distributed network architectures today should be monitored and optimized. Fault testing of the application in the live production environment impacts performance. Tied to that is for developers and testers to have a clear understanding of the non-functional performance criteria.

4. THE NETWORK

The network on which the application is used impacts performance greatly, in particular for mobile and cloud. Inconsistent bandwidth, high jitters  increased latency and packet loss all work to decrease application performance. While it might not be able to  cloud networks or control mobile, by building and apps test with these network conditions in mind the issue can be comprehend. Before the network impacts are felt by users, this will gives organizations the opportunity to optimize app performance .

5. PEAK USAGE

How the application will be used? How many people will continuously use it and for what kind? This will affect application performance as well as give corresponding application architecture and its scaling assumptions that go into its design and deployment. This lack of understanding actual user transactions and performance itself can stir the performance during the critical peak usage period. Applications should be able to cater during peak usage to deliver better user experience. It should be able to downshift to preserve resources when demand is low. To make this thing work, , at a minimum APM technology should provide a governor or feedback loop to the app regarding end user experience and internal app/infra operations.

You may also be interested in:

1. Does Application Performance Management (APM) Critical To Network Health?

2. Competencies in Application Performance Monitor (APM) Solutions

3. E-SPIN Cascade Pilot PE (formerly Cace Pilot) Technical Live Demo video

4. E-SPIN Cascade Pilot PE (formerly Cace Pilot) Technical Overview Video

5. The Silent Killer: Downtime

Read Full Post »

Competencies in Application Performance Monitor (APM) Solutions

Illustration credit Larry Dragich

Contrasting capabilities is a vital part of  evaluation when we appraise application performance monitoring (APM) solutions. However it can create deceives.  There are many features that provide by application performance monitoring solutions which is not a crucial part for the user. Frequently the solutions are expensive, complex, and hard to implement in what we want. Though sometimes there are not high priority in which the features included in the affordable products. The most important thing is how nearly each solutions can fits your needs rather than determine by cost and features of a product.

What are your goals? Before you explore particular capabilities in solutions you are assess to, here are some of the priority you need to clarify with:

Goal	Priority
Ensuring the availability and performance of critical applications
Gain visibility over the entire IT service  that supports an application
Reducing user complaints
Improving MTTR time
Improving reporting (out of the box and customizable)
Eliminating alert overload and time spent unnecessarily on low-priority issues
Meeting SLA goals
Controlling IT costs
Other:

The steps:

1. Identify your highest priorities

2. Map highest priorities to specific product capabilities

3. Select better solution

For example, if improving MTTR time is the highest priority, you should look for monitoring products with strong capabilities:

• Monitoring, alerting and reporting on an application’s entire IT service
• Allowing you to define critical application dependencies so you can find the root cause quickly
• Presenting one unified dashboard so you can see problems quickly and drill down to the root cause
• Letting you customize automated actions in response to specific conditions so issues can be detected and repairs made without delay
• Providing out-of-the-box reports so you can easily track metrics such as MTTR rates over time

For reducing user complaints as a top priority, you’d need the first four of the above capabilities plus end user monitoring to alert and report on user experience’s effect of web application performance.

This exercise gives a better position to find a solution of documenting your prioritized goals and mapping them to product capabilities to prevent dissapointment.

Read Full Post »

Whatsup Gold Application Performance Management (APM) Insights

Graphic Illustration of Whatsup Gold Application Performance Management

Dear readers,

As mention on the thread Application Performance Management (APM) trend, challenges and solution, the advantage is greater perspective into the nature of performance problems, and in how to utilize the data information that will let the users earn access to accept benefits for instance like improving software quality. The advantages that gain interest to stakeholders will change as the organization evolve in the use of performance information. The points to realizing the benefits of APM are to get the clear view of the applicability and limitations of the various tools as well as suitable processes to fully utilize the information. With this perspective, it will gain all of the APM benefits. A tool which being use poorly or not proper will give a lot of difficulties in getting full value.

As old saying “time is money” by Benjamin Franklin, an application downtime arguably gives both of the headache; time and money. Based on the graphic illustration above, 80% of Managers reported that an application downtime cost exceeds $50000 per hour and surely the employee productivity will be decrease greatly. Simply monitoring in production alone will not heavily impact the number of incidents. With introduction of Whatsup Gold APM earlier, either during user-acceptance testing or stress tests, in order to provide chances to tackle performance issues prior to the production utilization. APM visibility has its greatest impact. The users can get insights of the problem, get to detect problems before operational. Furthermore, the users too will get to validate the performance monitoring configuration (dashboards, reports, alert thresholds) that the operations team depends on.

E-SPIN is a WhatsUp Gold (by Ipswitch) value-added regional partner for end to end enterprise network, server, application management products, software and services. As an solution integrator, E-SPIN provide best of breed solutions WhatsUp Gold product. Establishing partnerships with E-SPIN is valuable to your organizationfor ensuring you have the right combination of resources to meet project requirements and operations.

You may also be interested in:

1. Bring Your Own Device (BYOD) Trend, Security and Management Challenges and Solutions

2. Security Information and Event Management (SIEM) – trend, challenges and solutions

3. Protect Business From Cyber Attacks

4. Security Information and Event Management (SIEM)

5. Take Care in Handling the Results of Your Web Application Testing

Read Full Post »