SolarWinds Federal & Government SE Webinar: Technical Update & Demo of New Features - August 2015

FEDERAL WEBINARTECHNICAL UPDATE & DEMO OF NEW FEATURES

OMAR RAFIK, SR. FEDERAL [email protected] 703-386-2626ANDY WONG, FEDERAL [email protected] 703-386-2610

mailto:[email protected]


2

• SNEAK PEEK: Log and Event Manager (LEM) v6.2 • Kiwi Syslog® Server v9.5• SolarWinds® Product Support for Smart / PIV Card Authentication

• Orion® products• Web Help Desk® (WHD) Support• DameWare® - dual role support on smart cards

• SNEAK PEEK: Database Performance Analyzer v9.5 • Orion Scalability with Distributed Architecture

TODAY’S AGENDA

© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

3

Log & Event Manager (LEM) v6.2 SNEAK PEEK

OMAR RAFIK- SR. FEDERAL SE


4

• Protect against known bad actors with an integrated Threat Intelligence Feed• Automatic Connector Updates• LEM Virtual appliance details inside the LEM console

LOG & EVENT MANAGER (LEM) V6.2 SNEAK PEEK


5

Retrieve periodic updates from a secure threat feed data source• LEM Threat Feed v1 – emergingthreats.net• Retrieve list of bad IPs• Store data updates in a local DB on the manager• No offline solution in v1

Tag alerts that contain “threat” IP addresses• Applies to limited number of alert fields that contain:

• SourceMachine• DestinationMachine• PeerIdentity• Machine

• Applies to limited number of alerts• Alerts that will have the new “IsThreat” field

OOB Content to get users up and running (Rule Templates etc.)

THREAT INTELLIGENCE FEEDHOW IT WORKS


https://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt

https://cp.solarwinds.com/x/fCBFB



6

THREAT INTELLIGENCE FEEDHOW TO USE IT


7

THREAT INTELLIGENCE FEEDCONFIGURATION

• manager.conf properties can be used to change:• Daily schedule update time• Scheduled update frequency• Initial delay time (in minutes) for first failure reattempt• Maximum number of minutes for last delay retry

• #Threat Feeds• # Cron expressions info:

http://quartz-scheduler.org/api/2.2.1/org/quartz/CronTrigger.html• com.solarwinds.lem.threatfeeds.quartz.cronExpression = 0 14 3 * * ?• # Delay Trigger configuration on Threat Feeds update reattempts• com.solarwinds.lem.threatfeeds.initial.delay.in.minutes = 5• com.solarwinds.lem.threatfeeds.max.retry.minutes = 90


8

AUTOMATIC CONNECTOR UPGRADESHOW IT WORKS

• The manager appliance checks if an update is available once a day, via the internet• Connector package is downloaded from SolarWinds repository (Akamai®)• Connectors are then deployed on the appliance and connectors are updated• Process is similar as the sensortoolupgrade command in the cmc, but it is done

without the user needing to manually download the package• Process can also be invoked manually

• Offline LEM• sensortoolupgrade is still there in cmc• Buddy Drop• Turn off auto updates, apply BD, verify, turn back on• Auto/Manual update will overwrite BD


9

AUTOMATIC CONNECTOR UPDATESHOW TO USE IT


10© 2015 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.

AUTOMATIC CONNECTOR UPDATESSUCCESSFUL IMPLEMENTATION

• Version displayed in InternalInfo event

11

VIRTUAL APPLIANCE DETAILS IN MANAGER

HOW IT WORKS

• Viewsysinfo info (partial) in LEM console• Detect VMware®, Hyper-V® and SIM host• Blank if ‘Other’ or undetectable• Currently, just like viewsysinfo, only VMware shows CPU and MEM reservations


12

VIRTUAL APPLIANCE DETAILS IN MANAGER

HOW TO USE IT• Shows up now in the appliance area where there used to be a picture and information


13

• Closer look at the information

VIRTUAL APPLIANCE DETAILS IN MANAGERHOW TO USE IT


14

• Settings are not the minimum then it shows in red

VIRTUAL APPLIANCE DETAILS IN MANAGERHOW TO USE IT


15

DEMO OF NEW KEY FEATURESLog & Event Manager (LEM) v6.2


16

Kiwi Syslog Server v9.5OMAR RAFIK SR. FEDERAL SE


17

• SNMPv3 Trap support• Proper SNMP trap forwarding (retaining source address for IPv4)• Allow TrapVarBinds elements in output• Integration with Papertrail™ for storing and analyzing logs in the cloud• IPv6 support• Email report customization• Ability to create more than 5 web console users

KIWI SYSLOG SERVER V9.5NEW FEATURES


18

• IPv6 and SNMPv3 support

KIWI SYSLOG SERVER V9.5IPV6 AND SNMPV3 SUPPORT


19

KIWI SYSLOG SERVER V9.5PROPER SNMP TRAP FORWARDING


20

KIWI SYSLOG SERVER V9.5EMAIL REPORT CUSTOMIZATION


21

KIWI SYSLOG SERVER V9.5LOGGING TO PAPERTRAIL


22

DEMO OF NEW KEY FEATURESKiwi Syslog Server 9.5


23

Smart / Personal Identity Verification (PIV) Card Support


ANDY WONG- FEDERAL SE

24

• SolarWinds Product Support for Smart Card Authentication on Orion Products• Network Performance Monitor, NetFlow Traffic Analyzer, Network Configuration Manager, User Device

Tracker, Server & Application Monitor, Web Performance Monitor, VoIP & Network Quality Manager, IP Address Manager, Storage Resource Monitor, Virtualization Manager, and Database Performance Analyzer

• Configure the Orion database to allow SSL:

• Configure Orion Website


SMART / PIV CARD SUPPORTFEATURE UPDATE

25

• SolarWinds Product Support for Smart Card Authentication on Web Help Desk• Configure Web Help Desk 12.2 for Windows® Authentication Functional Framework Light Edition

(WAFFLE) and Tomcat® 7.0• Configure Web Help Desk for servlet authentication



26

• SolarWinds Product Support for Smart Card Authentication on DameWare



27

Database Performance Analyzer v9.5


SNEAK PEEKANDY WONG - FEDERAL SE

28

DATABASE PERFORMANCE ANALYZER V9.5

DPA features and functionality are now available for MySQL®

• Wait Time Analysis• New SQL Tuning Advisors• Metrics updates• Reports and Alerts• Orion integration and more!

Monitor MySQL on physical servers, virtualized environments or running on Amazon EC2® or RDS instances in the Cloud.

Compatible with most distributions of MySQL 5.6 and later (officially supports MySQL 5.6 community version and Percona® 5.6).

Release Candidate is available now to current DPA customers. GA will be announced soon.

MYSQL SUPPORT


29

DATABASE PERFORMANCE ANALYZER V9.5MYSQL


30

DATABASE PERFORMANCE ANALYZER V9.5MYSQL IN ORION


31

Orion Scalability with Distributed Architecture


FEATURESANDY WONG - FEDERAL SE


SIMPLEST DEPLOYMENT SCENARIOScales to:• 12,000 Network Elements• 20,000 Server/Application

Elements• 50,000 Flows Per Second• 20+ Concurrent Users

SOLARWINDS ORION SIMPLE DEPLOYMENT

One or more Orion products installed on Orion Server: NPM, NTA, NCM, UDT, IPAM, VNQM, SAM, SRM, WPM, Patch, FSM,

Tools, VMAN

Web Browser: Internet

Explorer®, Firefox®, Chrome®

NTA Flow Storage Database (FSDB)*

MS SQL Server

IT devices and apps being monitored

(switches, routers, servers, hosts, SANs,

apps, websites)

SolarWinds Orion Server

*Only needed if NTA is installed on Orion Server


MONITOR AND MANAGE MORE IT DEVICESThis Configuration with multiple Additional Polling Engines can Scale to:• 100,000 Network Elements• 150,000

Server/Application Elements

• 300,000 Flows Per Second• 20+ concurrent users (Can

scale higher with Additional Web Servers)

ORION DATA COLLECTION WITH ADDITIONAL POLLING ENGINE


MS SQL Server

NTA Flow Storage Database (FSDB)

Polling Engine

Up to 75 additional polling engines can be installed locally

and/or remotely

IT devices and apps being monitored by additional

polling engine in a remote office


AUTOMATED HIGH LEVEL SITUATIONAL AWARENESSThis Configuration with multiple Orion instances with Additional Polling Engines can Scale to:• 75 Orion instances• 1,000,000 total Elements

(Network, Server/Application)

ENTERPRISE OPERATIONS CONSOLE (EOC) WITH MULTIPLE ORION SERVERS

Orion Server

Orion Server

Orion Server

SolarWinds Enterprise Operations Console

Web Browser: Internet Explorer, Firefox, Chrome Up to 75 remote and/or

local Orion Servers can be monitored by a single

EOC

EOC collects, displays and alerts on real-time operational status

of all IT devices monitored by all Orion Servers

MS SQLServer


SUPPORTS MORE CONCURRENT WEB USERSThis Configuration Scales to:• 40 concurrent users:

o 20+ on Orion Servero 20+ on Additional

Web Server

ORION SCALING TO MORE CONCURRENT USERS WITH ADDITIONAL WEB SERVER

MS SQL Server

Additional Web Server


Web Browser: Internet Explorer, Firefox, Chrome

NTA Flow Storage Database (FSDB)

IT devices and apps

being monitored

36

Q&ACONTACT US

CALL: 877-946-3751

EMAIL: [email protected]

EMAIL OUR GOVERNMENT RESELLER DLT: [email protected]




37

• Watch a short demo video: http://www.solarwinds.com/sedemo

• Download a free trial: http://www.solarwinds.com/downloads/

• Visit our Federal website: http://www.solarwinds.com/federal

• Call the SolarWinds Federal sales team: 877-946-3751

• Email federal sales: [email protected]

• Email our Government Reseller DLT®: [email protected]

• Follow us on LinkedIn® : https://www.linkedin.com/company/solarwinds-government

MORE ON SOLARWINDS


http://www.solarwinds.com/sedemo

http://www.solarwinds.com/downloads/

http://www.solarwinds.com/federal



https://www.linkedin.com/company/solarwinds-government

38

THANK YOU!SEE YOU NEXT TIME!!

The SOLARWINDS and SOLARWINDS & Design marks are the exclusive property of SolarWinds Worldwide, LLC and its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks, registered or pending registration in the United States or in other countries. Amazon Web Services, the Powered by Amazon Web Services logo and Amazon EC2 Marketplace, are trademarks of Amazon.com, Inc. or its affiliates in the United States and/or other countries. Also referenced at http://aws.amazon.com. All other trademarks mentioned herein are used for identification purposes only and may be or are trademarks or registered trademarks of their respective companies


Technology

SolarWinds Federal & Government SE Webinar: Technical Update & Demo of New Features - August 2015