This documentation is archived and is not being maintained.
Toolbox New Products for IT Professionals
Greg Steen is a technology professional, entrepreneur, and enthusiast. He is always on the hunt for new tools and methods to help make operations and development easier for IT professionals.
© 2008 Microsoft Corporation and CMP Media, LLC. All rights reserved; reproduction in part or in whole without permission is prohibited.
System and network administrators always seem to be looking for a better monitoring solution. By better, I mean more stable, more cost-effective, more scalable, and loaded with more features. NETIKUS.NET aims to deliver a better monitoring solution with the latest version of Event Sentry. The application allows you to track most of your vital stats, such as event log entries, disk space, performance, services, installations, and processes. The result is a product well worth considering for your toolbox.
Event Sentry uses a Welcome Wizard to get you up to speed quickly; it gives you a quick overview of the application’s terminology and feature-set, and provides the suggested steps for implementing the monitoring solution in your environment. Event Sentry allows you to divide your monitored systems into different computer groups and specify actions based upon membership to those groups. This is helpful in larger deployments where, for example, you may want to define different monitoring tasks for different departments or handle monitoring of internal application servers differently than Web-servers.
Monitoring services are defined as packages within the application and you can easily assign packages to individual systems, groups, or all monitored systems. The packages are further divided into three groups: filter packages (which are event log filters used to specify which events to process), health packages (which represent system health monitoring tasks, such as status and disk space), and tracking packages (which are for events that are monitored over time). Event Sentry even supports an environmental monitor for measuring the temperature and humidity around your machines as well.
Event Sentry provides numerous types of notification, with support for e-mail, databases, Syslog, SNMP traps, text files, and executable scripts and applications. EventSentry also has Web reporting features that let you easily share event log data, tracking data, performance indicators, and service information, which can be viewed with a standard Web browser. You can provide a custom search URL for linking unknown events to, for instance, MyEventlog.com, the Microsoft Knowledge Base, or a custom reference you may have already put together.
The tracking packages require a database for gathering and aggregating data; the application supports both MySQL and MS-SQL. EventSentry includes one default tracking package that tracks all processes, logon/logoff events, and print jobs tracked by the filter packages. The application also includes a default set of filter packages, and additional packages are available from the Event Sentry Web site.
The default filter packages are varied, with event log filters that cover antivirus notifications, database events, Exchange events, various hardware issues, and so on. A particularly handy feature that is fairly new to Event Sentry is the Sarbanes-Oxley filter. This filter deals with a number of the event audits that are required to comply with the Sarbanes-Oxley legislation.
The system health packages monitor the general health of your servers. Event Sentry includes default settings for monitoring disk space, system resources (CPU and memory performance), and applications and services.
The Remote Update feature allows you to install or update the client agents on your computer groups from a remote host. Remote installation of the client agent does require you to have both the default administrative share (ADMIN$) enabled and the Remote Registry Service running on your host system—and this may not be an option for all infrastructures.
Event Sentry’s included monitoring packages are customizable and some tailoring of the defaults settings is necessary for handling your needs. The result is a feature-rich yet flexible product that can get you monitoring without breaking the bank.
Price: Based on number of hosts. Starts at $69.00 (direct) for one full license.
Windows Server 2003 Security Cookbook
The Windows Server 2003 Security Cookbook (O’Reilly Media, December 2005) provides effective and to the point "recipes" for enhancing the security of your Windows Server™ 2003 boxes. In typical O’Reilly cookbook fashion, the book is not intended as the be-all and end-all authority of security precautions. Rather, it delineates solutions to specific security concerns.
Each chapter covers a specific technology, from TCP/IP to Group Policy objects to patch management. The book begins with a chapter on "System Preparation and Administration," covering tasks like renaming the Administrator account and encrypting the Security Accounts Manager (SAM). This chapter also discusses the importance of creating a secure original build that can be deployed across the enterprise and the steps to take to ensure that first build is secure.
In the "Encrypting File System" chapter, the book makes a good point regarding Active Directory® traffic, noting that not all of this traffic is encrypted and that you should be sensitive to what kinds of data you are storing in the Active Directory database. While Windows Server 2003 defaults to enabling encryption, it is better to ensure it is in place for all communications on your infrastructure, rather than assuming encryption is on. The book follows that commentary with the steps to take to encrypt Lightweight Directory Access Protocol (LDAP) traffic with secure sockets layer (SSL) or Transport Layer Security (TLS) and digital signing.
In the section on "Group Policy," the book covers such useful items as configuring password policies and assigning user rights. This is a good chapter to use in tandem with the recipes found in the "User and Computer Accounts" section, which gives you steps on how to set user expiration, determine logon hours, and troubleshoot account lockout issues.
Moving up the application stack, the book then covers DNS, File and Print Server security, and IPSec considerations. The chapter on IIS shows you how to configure HTTP and FTP authentication, restrict client access based on IP address or an access control list (ACL), and configure certificate authentication.
A nice approach, the book provides numerous methods to achieve the solution to a specific security issue. It typically denotes GUI, Common Language Infrastructure (CLI), and VBScript methods so you can choose the one that best fits your skills and needs.
Overall, the Windows Server 2003 Security Cookbook is a good quick reference for your bookshelf. It doesn’t provide the nuts and bolts of infrastructure security, but it does deliver a handy resource for finding and implementing security measures in your Windows Server 2003 deployments.
Price: $49.95 (list).
Encrypt Your Data
Security is a concern for everyone, but it’s especially important for IT professionals, since their responsibilities often affect entire organizations and numerous users. Everyone in your IT structure—from desktop support technicians to the CIO—has knowledge and access to critical data that is vital to your company. Protection of that data is paramount for both corporate and personal integrity. Dekart’s Private Disk can help you prevent sensitive data from being accessed.
Private Disk lets you create virtual encrypted disks on top of your Windows® folder structure. The virtual disks are strongly encrypted files that contain a virtual disk image, which can be formatted as NTFS, FAT, or FAT32. The virtual disks are encrypted using 256-bit Advanced Encryption Standard (AES) and Secure Hash Algorithm (SHA-512) generated secret cryptographic keys. Dekart’s cryptographic libraries have been certified by the National Institute of Standards and Technology (NIST) for their compliance to SHA-256, SHA-384, and SHA-512.
The application supports virtual disks of up to 4TB—you’ll most likely run out of physical space before you hit the limit. Virtual disks are password-protected and Private Disk includes a quality meter to ensure you don’t provide a weak password, essentially undermining all the security measures offered by the application.
In case you forget the password, Private Disk offers a brute force recovery/attack feature. Of course, if you follow all the best practices when creating a password, this feature won’t be of much help in recovering a strong password. It does, however, provide a great way to test the strength of your current password.
You can back up your virtual disk to a compressed, encrypted, password-protected copy of the disk. In addition, you can set your virtual disks to connect automatically at start-up and have the application automatically disconnect virtual drives after a specified amount of time; this is a great safety measure for when you go to lunch and forget to lock your desktop.
As a default, Private Disk places an icon in your system tray, letting you manage virtual disks on your workstation or server. But one of its greatest strengths is its portability. The company’s Web site provides a short set of instructions for dumping a newly created virtual disk to portable media, such as a USB key drive or DVD, along with the application’s key files to make a portable encrypted disk. This sort of feature is very handy for desktop-to-datacenter support—you can keep all your important data on the virtual drive and have it at your fingertips.
Price: $45.00 (direct) for a single license for personal or business use. Volume discounts and student pricing are available.
Create Help Files
Creating help files doesn’t have to be time-consuming (or costly). Fly Sky Software’s Fly Help is an easy to use authoring tool that simplifies the creation, editing, and conversion of HTML Help (CHM) and browser-based Web help files. Converting existing HTML files into a CHM file is as simple as dragging files onto your help book.
Converting existing CHM files into a navigable HTML page set is also simple. This is great for quickly putting existing help onto the Web. The interface also allows quick edits of content and titles of CHM files. You can use either the embedded WYSIWYG HTML editor or launch an external editor from within the application. Your help file index can be created manually (by adding keywords) or automatically (based on the table of contents).
The CHM explorer allows you to navigate through existing help files. Shockwave Flash movies (.swf files) can be quickly incorporated by simply dragging and dropping the content onto your help file. The app automatically generates a display wrapper and incorporates the HTML page into your book.
Price: $99.95 (direct) for a single license.
Locate Network Problems
In some respects, big network problems are easier to manage than those pesky intermittent issues. Sure, quickly resolving a big issue might cause some elevated stress levels, but isolating the problem is a breeze. ("Hey, check out that smoking router over there!") The nagging connection issues, on the other hand, can be difficult to isolate and may linger, taunting you. Nessoft’s PingPlotter Pro can help put an end to these annoyances.
The application is essentially ping and tracert wrapped in a GUI that allows you to monitor routes over time. This is especially useful when, for example, you are trying to prove to your ISP that its network (not yours) is the root of the problem. (There’s nothing like a big red line on a graph to make the point.)
The Pro edition ties in with Microsoft® Outlook®, letting you easily send e-mails of your sample set and graphs.
The application, which allows you to trace monitor multiple hosts concurrently, can run either in the system tray or as a Windows service, making it truly useful for long-term monitoring. In case your monitoring server is in a remote location, PingPlotter includes a built-in Web server (it also supports IIS) so you can access reports and graphs through a Web browser.
You can set up alert thresholds to notify you of potential connectivity events. These are based on latency and packet loss for a number of targets on your network or the network path to your destination address. The Pro version supports multiple types of notification, including support for sending e-mail, launching an executable, logging the event to a file, and popping up a dialog. I quite like the feature that auto-saves captured data and images at specified intervals. You can also set the application to ignore specified route changes if you aren’t concerned with a normally oscillating route.
Price: $149.95 (direct) for a single license.