ToolboxNew Products for IT Pros
Greg Steen
Monitor Network Systems
ActiveXperts Network Monitor
When you're a systems administrator, it's best to know when something goes wrong before your users start popping up out of their cubicles like a group of startled prairie dogs. Service monitoring is a key tool for proactively managing your infrastructure. ActiveXperts Network Monitor is a robust solution that includes a number of different checks that can span both your LAN/WAN and your Windows®, Novell, and *NIX servers to ensure you know about problems before your users notify you.
ActiveXperts Network Monitor is a Windows-based application that runs as a service on the machine you have designated as your monitoring station—the base operating system on this machine can be Windows 2000, Windows Server® 2003, Windows XP, or Windows Vista®. After installation, a quick configuration wizard guides you through setting up e-mail notifications, SMS notifications, and the default scan frequency or failure threshold. You can also add a set of sample checks that you can use as examples in your configuration. This is very helpful in getting you off the block running and shows you the basics of how you can configure the different features of the application to suit your environment's needs.
The application is split into three separate components: The Network Monitor Engine is the Windows service that continually runs your monitoring tasks; The Network Monitor Manager is a Windows application that allows you to see current monitor activity, view task results, and make changes to your configuration. A Web interface gives you read-only access to the tasks and task results.
In addition to running the monitoring checks, the Network Monitor Engine also handles notifications, result-triggered actions, and logging for the application. The monitoring engine is multithreaded, allowing it to scale to your environment. The service does not require an endpoint agent to run its monitoring checks, but this does mean you will have to supply administrative credentials to monitor remote Windows servers or workstations. Fortunately, you can specify multiple sets of credentials so monitoring across different domains and security contexts won't require a single, all-powerful account for your monitoring solution to run.
You'll probably spend most of your time in the Network Monitor Manager, which gives you granular control over all the features, configuration settings, and functionality. Here, you can organize your monitoring tasks into a tree folder structure, helping you locate and identify items faster in large environments as well as filter the current UI view to get a quick look at a set of monitoring tasks.
Adding a new monitoring check is simple. Network Monitor includes almost 40 built-in checks, including IP and protocol checks (such as ICMP, LDAP, SMTP, and HTTP), Windows checks (such as CPU, process, memory, and terminal server checks), ODBC connectivity, Oracle TnsPing, OLEDB query-based database checks, Novell membership checks, and *NIX RSH checks. In addition, you can monitor environmental details (such as temperature, humidity, and wetness) using a SensaTronics environmental monitor on your network.
The application supports custom VBScript and Remote Shell scripts, enabling you to tailor monitoring tasks. Included with the app is a set of VBScript templates for monitoring various services, such as antivirus, Microsoft® ISA Server, and XML query, so you don't have to start from scratch when creating custom monitoring tasks.
You can set the check frequency and failure threshold for each task, and you can schedule checks to run at a specified day and time for those cases when you need, for example, to verify the results of some other running process like a log archival task or IIS application pool reset. You can also specify executable, script, and batch jobs to run when a check fails or recovers, as well as cause a reboot or restart a specified service. Finally, the Web interface gives you an XSL-translated view of XML result data. The stylesheets can be easily tailored to create a custom view for your Network Operations Center (NOC) or mobile device, and since the data is in XML, you can easily retrieve it for use in another application or aggregate system.
Price: Starts at $395 direct for a five-server license.
ActiveXperts Network Monitor includes sample checks to get you started(Click the image for a larger view)
Book Review
Windows Vista Resource Kit
microsoft.com/mspress/books/9536.aspx
As more and more organizations are starting to integrate Windows Vista clients into their infrastructure, IT pros need to be up to speed on the tools available in the new operating system. The newly published Windows Vista Resource Kit (Microsoft Press®, 2007) covers much of the information and tools you will need to successfully implement Windows Vista clients in the enterprise—everything from automating installation and volume activation, to desktop management and maintenance, to using IPv6 networking and remote assistance. In addition to its 1,568 pages, this book also includes a support DVD that contains more than 100 scripts for administration and deployment, a set of debugging tools, the Solution Accelerator for Business Desktop Deployment (BDD), and other useful items.
Beginning with an overview of the new features found in Windows Vista, the book gives special attention to security enhancements, such as User Account Control (UAC), BitLocker drive encryption, and Data Execution Prevention (DEP). It also discusses the concept of service hardening and kernel patch protection. From there, it moves on to deploying Windows, exploring the numerous tools you have at your disposal to help automate the process. For example, the book looks at configuring a Windows PE 2.0 pre-installation and recovery environment, and it delves into the BDD 2007, which gives guidance on planning and deploying Windows Vista in the enterprise. In addition, there are best practices for creating and configuring disk images, and an informative discussion about how to migrate user data using Windows Easy Transfer and the User State Migration Tool.
The book then gets into the details of managing the desktop environment via group policy, diving into the new XML-based administrative template files (ADMX). It also covers managing disks and file systems, and looks at the new ReadyBoost and BitLocker enhancements in Windows Vista. It explains how Previous Versions, Shadow Copies, and disk quotas work, and then the book even goes on to explore how you can deploy and manage Windows Meeting Space in Workgroups, Domains, and adhoc wireless environments.
The Desktop Maintenance section of the book covers tasks, Windows Error Reporting, performance monitoring, and Windows Eventing. It also looks at how you can utilize Remote Assistance at your help desk. The discussion then progresses to cover software updates, the Background Intelligent Transfer Service (BITS), and Windows Update, as well as auditing tools.
The Networking section details how Windows Firewall works and explains the new enhancements to the networking stack. It also investigates using Remote Desktop and VPN connections to configure remote users and networks.
Finally, the book gives you good coverage on troubleshooting problems ranging from booting to the network, to driver errors, to device issues. At times, there is a slight undercurrent of marketing lingo, but it is by no means 1,500+ pages of fluff. This is an in-depth, comprehensive look at Windows Vista, its tools, and management of the OS.
Price: $59.99 direct.
Analyze HTTP Traffic
Charles Web Debugging Proxy
Considering the abundance of HTTP-based communication among applications and among your workstations, servers, and the Internet, a good HTTP traffic analyzer is an incredibly useful tool for system administrators. It can help you identify proxy issues, security concerns, connectivity errors, configuration problems, and troubles with inter-application communication. One tool I quite like is Karl von Randow's Java-based application, the Charles Web Debugging Proxy.
As with other debugging proxies, the application sets itself as the "man-in-the-middle" of sorts—it sits between endpoint applications, intercepting and interpreting the traffic it sees. Thanks to this configuration, the application also allows you to view encrypted HTTPS traffic in its plain text decrypted form. The UI has a well-organized view of the recorded session, giving you a wealth of information from the basic requests for pages, images, scripts, and stylesheets to the nitty-gritty details of size, latency, and timing. You can also see what cookies are being sent and received on each request and what they contain; you can even choose to block cookies all together.
You can troubleshoot request caching issues with the Charles Web Debugging Proxy by verifying last modified dates on 304 Not Modified responses or by choosing to disable caching by removing cache-related headers from the pertinent requests and responses as they travel through the application. In fact, using the application's rewrite settings, you can define a set of rules that rewrite a number of HTTP headers or body content as the requests and responses pass through the application. Or you could even use the application's DNS spoofing settings to override the IP address of a host, allowing you to test requests to items that may not be registered in DNS. This is great for testing, for instance, a new Web server to ensure it is listening and responding correctly to the host header before it goes live.
You can also use the tool to debug AJAX requests and responses and look at the raw XML data within the response. Within the UI, you can even see the raw request and response data in the text to help spot any strange headers.
The tool provides two very nice data layouts that really give you insight into the data transaction: the Summary table and the Chart table. The Summary table lets you quickly scan the request/response data, showing the header size, body size, response time, response code, MIME type, and resource. The Chart table, on the other hand, provides a graphical lifecycle timeline that shows where the request/response data occurred in the sequence and how long the transaction took.
You can save your recording sessions for later replay and analysis. This can be useful for capturing that tricky request/response flow that causes sporadic communication errors; once you have it, you can reproduce it. You can even import HTTP trace files into a new session as well as export the current session to CSV or HTTP trace format.
For request simulations at lower bandwidths—for example, trying to figure out why a request fails on a 56k modem line but not on your corporate network—the application provides a throttling feature that lets you choose from a set of common presets or define a new preset based on four throttle points: bandwidth, percent utilization, round-trip latency, and Maximum Transition Unit. You can also configure the debugging proxy to act as a reverse proxy or port-forwarder, in effect binding a local port to a remote endpoint (and port) so all traffic sent to that port is redirected to the remote address.
Price: Starts at $50 direct for a single-user license.
Charles Web Debugging Proxy analyzes HTTP traffic(Click the image for a larger view)
Clean Up Unnecessary Files
Wise Disk Cleaner 2
A hard disk is sort of like a home—things accumulate there over time, things that you don't really need to keep. Every now and again, it is a good idea to take a little time to do some serious weeding out of the clutter. There are a few standard methods for cleaning up a hard disk with built-in Windows tools, such as the system tool, Disk Cleanup, and the search functionality. But sometimes, a quick and easy-to-use utility is the way to go—especially when you can get it for free. One such tool is Wise Disk Cleaner 2, which searches your hard disks for the pesky files gathering dust that can be safely removed from your system.
One thing I really like about this tool is that it presents all the files that it finds right in front of you in the UI, making it easy to spot any potential problems. Another nice feature, it lets you easily add additional file patterns to check for and remove. Wise Disk Cleaner will also wipe your temporary Internet files if you want, and you can choose to retain cookies so you won't lose site preferences that may be stored within it. You can also remove Windows Update uninstall files, as well as clear the Windows Update source, recent file list, and the Windows and user temp folders. You can even auto-run the application, setting your preference to either delete the items permanently or just move them to your Recycle Bin. The application logs its activities for later review as well—not bad for a free tool.
Price: Free.
Wise Disk Cleaner 2 finds files that you can safely delete(Click the image for a larger view)
Manage Network Devices
iReasoning Networks MIB Browser Personal Edition
ireasoning.com/mibbrowser.shtml
If you have any Simple Network Management Protocol (SNMP)-enabled network devices, applications, or systems in your infrastructure, iReasoning Networks MIB Browser allows you to load a set of Management Information Base (MIB) files and browse through the hierarchical structure through a view much like that in Windows Explorer. Here, you can see the details of the selected object, including the object identifier (OID), syntax, read/write access, and description.
You can easily issue an SNMP request to retrieve data from a network device via the UI. Simply type in the IP address of the device, select the MIB object, and click Go. If needed, you can also set the port, SNMP request version, and read and write community strings. Making changes to an agent is just as simple (assuming your device allows for this). Just select the OID, the data type, and the value, and then click OK. In addition, there is a built-in Trap Sender and Trap Receiver utility that lets you issue traps and watch trap activity (to which you can apply filters to make the device in question easier to see).
iReasoning Networks MIB Browser Personal Edition is free, but it doesn't support SNMPv3 and is limited to loading five MIBs simultaneously. You might want to consider the Professional Edition (at $269 direct per license), which includes additional features and supports SNMPv3, network discovery, and device comparison.
Price: Free.
iReasoning Networks MIB Browser(Click the image for a larger view)
Greg Steen is a technology professional and enthusiast who's on the hunt for tools and methods to help make operational and development tasks easier for the IT professional.
© 2008 Microsoft Corporation and CMP Media, LLC. All rights reserved; reproduction in part or in whole without permission is prohibited.