 |
Remote Systems Management by Scot Smailes
As a network administrator, do you spend countless hours reviewing all of your server and network device logs and statistics for indications of potential problems? Or is that something that has remained on your “to-do” list for a while but somehow manages to get overlooked.
There is a wealth of information in the logs, and SNMP alerts of most network equipment, including servers, workstations, switches, routers, firewalls, etc., that can be used to diagnose a potential problem before it develops into something that costs your company money. And while you may not have the time to continuously review this information, there are software packages available that will do just that, and inform you when a problem is detected.
Regardless of whether you’re just to busy during the day, are out of the office, or have a remote site that doesn’t get the attention it deserves, these software packages will continuously monitor your systems.
There are many different types of applications available, ranging in price and functionality. However, most do share some common attributes, such as:
- Definable Thresholds for Alert Generation
- Pager Notification
- Email Notification
- Configurable Polling Intervals
The following examples are geared toward the small to medium size business with varying levels of monitoring and management.
HealthMonitor (http://healthmonitor.sourceforge.net)
HealthMonitor is an open source freeware utility that provides a very basic level of Windows Server monitoring. The application runs as a service on the server you wish to monitor and provides configurable monitoring thresholds for disk, CPU, and memory utilization as well as service status, and event log filtering. Custom monitoring capabilities can be defined through user generated scripts in CMD, BAT or VBscript format. HealthMonitor can maintain a log of events, and generate email, SMS, or custom script notifications. The fact that the software can only monitor a Windows Station that it is installed on limits its usefulness to small environments or possibly to critical workstations. Additionally, being an open source project, there is little support available.
What’s Up (http://www.ipswitch.com/Products/WhatsUp/professional/index.html)
Expanding on the success of their award winning network monitoring package What’s Up Gold, IpSwitch now offers three different versions of the What’s Up product line—Professional, FT Premium, and Small Business. The Professional version is a feature rich package allowing for monitoring of IP, TCP, and UPD traffic, Windows Event Logs and Services, SNMP Traps, as well as network resource and device interfaces. This package can monitor an unlimited number of devices without the installation of any software on the remote systems, and the web console provides an intuitive management interface that is OS independent. Another useful tool included is the Network Topology Identification feature which can save time during the initial setup of the application, and automates the process of adding new devices. The graphical map generated provides an easy to read interface for quickly identifying problem devices. In addition to the real-time monitoring and alerting, What’s Up Professional provides real-time and historical reporting for analyzing availability, health and performance statistics of all monitored devices.
Microsoft Operations Manager (MOM) (http://www.microsoft.com/mom/default.mspx)
Microsoft recently released its second generation network monitoring solution with MOM2005. The offering comes in two versions, the full version, MOM2005, and a scaled down version, MOM2005 Workgroup Edition. The application is geared toward a Microsoft centric network, but does have the ability to monitor third party applications and devices through custom Management Packs. The ability for vendors to create management packs that plug directly into the MOM framework provides the flexibility and scalability for the application to function in just about any environment. Since the management packs define the monitoring capabilities it is therefore dependent upon the manufacturer to provide useful counters. With that said, the Management Packs provided by Microsoft for their various server applications, such as Exchange, SQL, and Active Directory, offer a wide variety of monitoring parameters ranging from resource utilization, event logs, services, and numerous performance counters.
In most situations, any servers to be monitored will require the installation of a monitoring agent. The agent provides a secure communication channel between the client and the MOM server for transmission of the monitoring rules. Agentless monitoring is supported in a LAN environment but it is limited in functionality. The full version of MOM2005 uses an SQL2000 database, and can therefore take advantage of the SQL reporting capabilities. Unfortunately this is not available in the Workgroup edition, due to the use of the MSDE backend.
So now you’re out of the office and you receive an alert. It doesn’t appear to be critical so you don’t want to have to go to the office, but you don’t want to let it go until morning. How do you connect to your office network securely to check on the status of your systems?
Once again there are many options available, and depending on your needs, there may not be any one solution that will suffice.
The IPSec VPN has become a standard for secure remote access communications. The IPSec standard provides a secure tunnel through the Internet using various encryption algorithms to secure the data flow between the two VPN end points. The combination of broadband Internet access with an IPSec VPN provides a high-speed, secure connection to your network.
If VPN technology is not available to you, or is not an option, there are other methods of communication that will allow you to see and control your remote servers and devices. One method is a basic modem to dial directly into your network, with a server running the Remote Access Server. Most would think it might be faster to drive to the office than to connect via dial-up but there are several technologies available today that allow for remote control of a system over very low bandwidth connections. Once you have control of a system at the office, you can then connect to other resources on the network at LAN speeds from that system.
Regardless of the connection method, ultimately you will want to see the problem system and in the case of a Windows Server this usually means getting to a desktop environment. Fortunately Microsoft has included this capability in their newer operating systems. In Server 2000 it was referred to as Terminal Services in Remote Administration Mode, where as in Server 2003 and Windows XP it is Remote Desktop. Regardless of the name, they all utilize Microsoft’s proprietary Remote Desktop Protocol (RDP) to transmit keyboard and mouse clicks one way, and screen shots the other, allowing for remote control of a system with very low bandwidth requirements.
RDP provides a virtual desktop environment, which means you’re not actually seeing what is on the monitor at the office. If you happen to have an application that runs in the foreground on your server, you will need Another connection method to be able to view this interface. A few examples of remote control software that will allow connectivity to the actual console of the server include:
VNC (http://www.realvnc.com/)
VNC is a freeware remote control application that allows connection from a client that has the VNCViewer application or through a web interface. The feature list and screen refresh rate are lacking when compared to other commercially available remote control solutions but for strictly allowing remote control it is more than adequate.
pcAnywhere (http://www.symantec.com/pcAnywhere/)
Symantec’s pcAnywhere has been a market leader in remote control software for many years. The latest versions have added support for Linux, and enhanced security, using AES 256-bit encryption. This application also provides some additional features such as file transfers and multiple protocol support, including dial-in, which can be useful in certain situations.
Some newer technologies circumvent the remote access requirements by providing remote control of your systems through a web portal. The installation of an agent on your systems establishes a connection with the web portal, thereby initiating the connection and eliminating the need to open any ports on your firewall. Once the agent is installed, you access the system by logging into the portal.
As with any remote access/control solution security is of primary importance. While an IPSec VPN will offer a more secure environment, the web portal offerings are relatively secure using SSL encryption for the data stream. However, the login to the web site is still based on a simple username and password. Currently, http://www.LogMeIn.com offers a free solution that is limited to remote control, while http://www.GoToMyPc.com offers a competitive product to the pay options.
If you would like more information on how you can take advantage of some of these solutions, or have another product in mind that you think deserves our attention, please contact us at (860) 678.3530 or email .
|
|
