Monitoring Enterprise Vault Server: What You Need to Know

Symantec’s Enterprise Vault allows you to archive all types of data and then access and search it all through a single interface. It’s great for maintaining legal compliance, enabling e-discovery and reducing your storage costs. However, it doesn’t do you any good at all – in fact, it can wreak havoc on end users’ ability to access archived files – if it’s not running properly. Proper monitoring is therefore vital.

Key Things to Monitor

Start with the core tests to ensure that the following items are all up and running:

• SQL Server (because if SQL goes down, Enterprise Vault goes down with it)
• Enterprise Vault Server
• Enterprise Vault Directory Service
• Enterprise Vault Indexing Service
• Enterprise Vault Admin Service
• Enterprise Vault Storage Service
• Enterprise Vault Shopping Service
• Microsoft Message Queuing Service
• IIS (Internet Information Service) 

Next, add additional tests to monitor the following:

• Available Storage Space for SQL Server – You’ll want to keep disc utilization below 80%.
• Available Storage Space for Enterprise Vault’s Indexing and Storage Services – Once again, if the disc reaches 80% it’s time to take action.
• Queue Size within Microsoft Message Queuing Service – You should receive an alert if the queue goes over an acceptable limit for your environment.
• IIS Transactions – Within IIS you should set a transactions-based monitor on the Enterprise Vault default web page, to ensure the system is able to process transactions.
• JRNL Queue – The Exchange journal mailboxes should be continuously processed and emptied by the Enterprise Vault service. Growth in the size of the Exchange journal mailbox indicates a problem within Enterprise Vault.

Monitoring Enterprise Vault is fairly straight-forward. If you keep your eye on the above factors, your Enterprise Vault system will run smoothly and reliably.

Aaron Geer

Coyote Creek Loves iPad – and FaceTime!

In mid-December we deployed iPad 2s here at Coyote Creek. Everyone on our staff was thrilled to get one and felt as though they had received an early holiday gift. I recently had a chance to check in with our engineers to ask how our iPad deployment is going. Here’s what I learned.

The running joke was that everyone’s kids and spouses are loving the iPads at least as much as our employees are. They’re playing games, watching movies and downloading books. Which is fine with me. One of the goals of our iPad deployment was to achieve a morale boost – and we clearly got it!

Of course, another goal was to boost productivity, which is also happening. But it took a number of conversations before I heard of a business use for the iPads that surprised me: the use of FaceTime, the video chat application that is built in to the device. Here’s what happened…

One of our engineers was on site at a new Coyote Creek client’s office when he had a quick question for one of our other engineers. Although we have regular chat set up inside Coyote Creek, our engineer did not yet have access to the client’s network. So he fired up his iPad and used FaceTime to have an impromptu video chat with his colleague. Not only did the two people get to see each other, they were also able to have a teleconference on the fly. They quickly discussed the question – in more detail than if the chat had been typed – and resolved the problem. Both thought it was cool, and both liked the fact that the problem was solved in a matter of minutes.

Leave it to Coyote Creek’s engineers to discover this kind of functionality and creatively make use of it! FaceTime has turned out to be a “hidden gem” in our iPad deployment. Now that I know the capability is there I’m going to try to drive its use more.

So, if you need a last minute Valentine’s Gift that the whole family will enjoy, maybe stop off at the Apple Store after work!

Mike Faster, President 

Splash ID, Enterprise Password Locker

As I mentioned last month in my post on My Favorite iPad 2 Apps for the Enterprise, I use SplashID – an enterprise password locker – to securely store all of my passwords and then synchronize them across all of my devices. SplashID isn’t “just” an iPad 2 app – there are also versions for your PC, Mac, Android and other IOS devices.

Ease of Use – Once you log in to SplashID (with a unique password that you will have to remember, and that had better be a good one), you gain access to all of your other logins and passwords to every password-protected application and website that you use. From there, you can generally enjoy one-click logins to whatever it is you need to access.Here’s why I’m such a big SplashID fan:

If, for example, I want to log in to my bank account, I simply go to Splash ID and click on my bank account. SplashID will open a browser window, go straight to my bank’s URL and populate the login and password fields. If I want to access a site or application that doesn’t support SplashID (or programs like it), I can cut and paste the login and password out of SplashID manually.

• Unique, Highly Secure Passwords – Prior to using this type of program I used the same passwords for multiple applications and websites. Although I knew this was a risky practice, I found it impossible to memorize different passwords for each use. Now I let SplashID create my passwords for me, knowing that these passwords are completely random and therefore much stronger than passwords that I would be capable of remembering on my own. Each application or site is given its own unique password, limiting my exposure in case any one of these sites is ever compromised by a password-stealing hack.

• Synchronization through my LAN – While most password lockers offer synchronization by sending everything up through the cloud and then back down again, SplashID synchronizes through the wireless of my local area network. This feels more comfortable and secure to me.

How do you manage your passwords? What is your experience with SplashID or other password locker programs? Leave your thoughts below.

Mike Faster, President 

What’s New in Exchange 2010 SP2

Over the past month we’ve been testing Exchange 2010’s recently released Service Pack 2 both in our labs and with some of our customers. Along with the usual collection of bug fixes and security updates, there are two new features that we think will be of interest to system engineers:

1. New Address Book Policies Capabilities – In the past, a user that was on Exchange had access to the entire Global Address List (GAL) in Exchange and Outlook. SP2 enables you to segregate the GAL – such as by division, department or company – and then limit the access of specified groups of users to specified segments of the list.

2. OWA Cross-Site Silent Redirection – Prior to the release of SP2, when a user attempted to use Outlook Web Access (OWA) to get to their email, they sometimes were given a URL link that had to be clicked in order to reach the appropriate client access server. Not only did this create an extra step for the user, it also often resulted in calls to IT from confused users who thought that there was something wrong with the webmail system. With SP2 this redirection happens automatically, saving time for both the users and the engineers who used to field these calls.

At this point we are still testing SP2. If anything else of interest turns up in our testing, we’ll be sure to let you know!

Kevin Szady, Co-founder and Director Technical Services 

 

The Top Items to Monitor in SharePoint

As with all applications, if you want to keep your SharePoint system in top condition, you must monitor its performance and take action as needed. Here are the top items that you need to keep an eye on to ensure your SharePoint performs as expected.

Monitoring the web services side of SharePoint

The most important items to monitor on the web services side of SharePoint all relate to server performance. You need to monitor:

• The number of connections to the web server at any given time.How many people are hitting the site at once? Too many requests will overwhelm the server and make it slow to respond. Monitoring this and watching the trends will help you determine when it’s time to upgrade to faster or additional servers. A sudden spike can also indicate a denial of service attack – which of course requires immediate action on your part.
• The average number of connections to the web server throughout the day. By tracking the number of concurrent connections that the server has you’ll be able to see growth trends over time and keep tabs on how much use the SharePoint server is getting.
• The server’s actual response time. An acceptable response time is 50 requests per second. There are a variety of issues that can cause response time to slow. If the response time is less than 50 requests per second you’ll need to do an analysis to determine the cause, and then take action as appropriate.

Monitoring the SQL server side of SharePoint

Because SharePoint’s data is all stored within SQL server, monitoring SQL is critical. Be sure to monitor:

• The number of transactions per second being handled by the database. Microsoft recommends keeping this below an average of 100 transactions per second. Anything above this will overwhelm the SQL server, which will then slow down elsewhere to compensate. There are a variety of things that can cause this number to spike, so if it goes above 100 an analysis will have to be done to determine the cause.
• The number of user connections to the SQL server. This tells you how many people are going through SharePoint to access SQL. Not only is this important to know for security reasons, it also helps you determine if you have enough horsepower on the server to handle the requests that are coming through.
• The amount of server memory available. The total server memory available in SQL Server Memory Manager should be at least 200 KB. If it drops below this, SQL’s input/output performance will be negatively impacted until you add more memory to the system. 

What issues have you seen in SharePoint monitoring? Leave your comments below.

Mohan Reddy

Lessons Learned from My Recent VMware SRM Installations

I recently completed a few installations of SRM, VMware’s Site Recovery Manager. SRM is a program that enables failovers of multiple virtual machines (VMs) from your primary site to your recovery site. Based on my experience with SRM I have some insights that I’d like to share.

• Understand that “Automated Disaster Recovery Process” is a misnomer. Because VMware’s documentation says that SRM is “automated,” many people expect it to automatically (a) notice that you have a failure at your primary site and (b) get all your VMs up and running at your recovery site. All by itself. In reality, before SRM will do anything you need to create a recovery plan, put it in place, notice that you have a failure at your primary site, and launch the system. What’s “automated” is the plan execution once you say “go.”

• Start by prioritizing your VMs. It’s important to have all of your ducks in a row before you engage the SRM product. When you execute a recovery plan you probably won’t have the resources at your recovery site to bring all of your VMs up at once. Having a tiered service approach – where you have determined in advance which VMs are most important and which are not – ensures that your primary/high level VMs get top priority. Putting all of the servers for each high priority service in one protected storage group is also a good idea.

• Make sure you have the proper storage replication adapters. Your storage devices are constantly replicating data from your primary site to your recovery site.SRM needs storage replication adapters in place at both sites, so it can tell the storage system to stop replicating (or attempting to replicate) data so that you can bring those VMs up at the recovery site. However, depending on the vendor, there can be different versions of storage replication adapters for different supported hardware platforms. The time to make sure you have the right ones in place is long before a disaster occurs.

• Use TCP/IP addresses for the storage appliances that are housing the VMs. Don’t just use common fully qualified domain name resolution, as this can cause naming issue problems when coordinating the back-end with the storage devices and lead to issues with the new Reprotect option if you’re using theSRM 5.0.

• Upgrade to SRM 5.0 if you want to simplify fail-backs. SRM 4.1 employs a unidirectional process. If you want to fail back to your primary site once the disaster is resolved, you have to set everything up again in the other direction. With SRM 5.0 this isn’t necessary, as 5.0 allows for a bidirectional process. It can automatically reverse the flow, allowing you to easily take the systems that you failed over to your recovery site and move them back to your primary site. This is a huge time saver.

Need help with your next VMwareSRMinstallation? Give us a call. We’re here for you.

Brett Atwell

The Escalation Process: Getting Issues Resolved

It’s nine o’clockin the morning and the phones are lighting up in the IT department. The email system is down, and everyone from the President to the Receptionist is calling to say there’s a problem. Of course, thanks to their monitoring system, IT had already noticed that something was wrong – but the calls are providing immediate feedback regarding how widespread the problem is. Because email is a mission-critical system at this company, if the Tier 1 engineer cannot quickly fix the problem, the organization’s formal escalation process will kick in.

What is an Escalation Process?

An escalation process is a formal process for addressing IT issues and problems when they arise. All IT departments should have a written escalation process in place, with the entire IT staff trained on its use. The process assigns priority levels to different types of issues, delegates responsibilities to specific personnel, and defines how much time personnel at different support levels will spend attempting to fix a given issue before the problem is “escalated” to the person or people at the next support tier.

The Components of an Escalation Plan

A formal Escalation Plan needs to address each of the following items:

• Support Personnel – A clearly defined tier of support personnel, including each person’s name, title, contact information and expertise.
• Service Priorities – A chart listing all of the services provided or managed by IT, with each ranked on importance level based on the number and type of people affected by the service. For example, mission-critical services like email might be designated “P1,” while less important services such as a particular printer might be designated “P3” or “P4.” For more information about categorizing services and issues into priority levels, see our article on Best Practices for Configuring Your Network Monitoring System.
• Response Times – For each priority level, a definition of how much time the personnel at a given support tier can spend trying to fix the problem before it is escalated to the next tier.
• Communication Standards – Standards for how frequently the IT department will communicate with affected users during the problem resolution process regarding the issue’s status.

The Escalation Process in Action

To see how all of this works, let’s get back to our email outage example…

The escalation process usually starts with a user notification, monitoring alert or service outage. In this case it was all three! At the first level of support the responsibility is to identify the issue’s severity and priority level, and to attempt to resolve the issue in an efficient manner. Our Tier 1 support person determined that the email outage is a P1 issue, which means that he’s got about 5 to 10 minutes to solve the problem. He checks to see if he can get into email (he can not), checks if the problem is company-wide (it is), and checks for connectivity to the email servers (not there). He determines that he can log in to the mail server, but the email database won’t start. He is now out of time, so he escalates the issue to the Tier 2 person, letting this person know the issue status and what he has done so far towards resolving it. He also communicates the issue status with the end users, as per the Escalation Plan.

Based on the written Escalation Plan, the Tier 2 support person might have 20 to 30 minutes to resolve the problem. In this example, the Tier 2 person uses up all of his time getting the email database to start – only to discover that the issue still isn’t resolved. It’s time to escalate the issue to the Tier 3 support personnel.

The Tier 3 support person determines that the email database itself has been corrupted. He makes a temporary switch over to the disaster recovery site, which gets the company’s email back online, and then fixes the corrupted database. If the Tier 3 person could not fix the problem within the allotted time, the next step would have been to escalate the issue to the product vendor’s support team.

Are All Escalation Plans the Same?

No, but they are similar. What usually differs is each organization’s priorities, response times, communication commitments, and so forth. The important thing, though, is to have a plan in place.

Mohan Reddy

What’s Ahead in 2012? Predictions for SaaS, Mobile Computing and Microsoft

With the New Year upon us, it’s time for me to get out my crystal ball and make my annual prognostications regarding what we can expect in the IT world this year. Here’s what I see …

Projects for Q1 will be constrained. The floods inThailand have resulted in a shortage of hard disc drives; IT departments will need to plan around this. Since disc drives are a big part of what they ship, many of the of big IT providers (including Intel and HP) are already giving profit warnings for Q1.

Hybrid architectures utilizing SaaS will grow in popularity. Now that people have had a few years to figure out how to integrate and manage different SaaS applications with on-premise applications, we’re seeing more IT groups doing so. As this hybrid model continues to mature, I expect to see even more enterprises moving in this direction.

The SaaS space will see more consolidation. As SaaS and hybrid models become more popular, I also expect to see further consolidation in the SaaS space. We have already watched as HP acquired Autonomy,SAP acquired SuccessFactors and Oracle – the loudest antagonist for SaaS – acquired RightNow. Watch for additional SaaS acquisitions in 2012.

The challenges with managing mobile computing will multiply. The explosion in the use of mobile devices (especially iPhones and iPads) will continue to cause headaches for IT managers. What policies need to be set at the enterprise level for their use? How do you create a support model for sanctioned applications? And what do you do about the unsanctioned applications that may create some conflict or instability on the devices?

Mobile and cloud-based storage’s security issues will have to be addressed. One of the main drivers of cloud-based storage is the explosion of mobile devices. People want to be able to seamlessly move and use data, regardless of which device they happen to be using. While services such as DropBox and Box.net have done a great job of meeting this need, they have also made it extremely easy to put sensitive data in the cloud without proper protection. In 2012 enterprises are going to have to give significant thought to architectures that will protect intellectual property wherever it is stored.

Microsoft will become increasingly irrelevant on the desk top. Every day people around the world pull out their Android or iPad and get a reminder that the Windows operating system is not the only game in town. There are other ways to browse the web, do word processing or look at a spreadsheet, and there are useful apps for doing these things that don’t cost hundreds of dollars.

The core of the issue here is that Microsoft just doesn’t seem to “get” the sea change that’s taking place around them, and they don’t seem to be doing anything strategically to get in the game. Instead, they’re working hard to protect their Windows monopoly, and they’re distracting themselves trying to make a market for Windows phones, when that market is already owned by others. Oddly enough, they now find themselves in a position like Apple, in that the “best” technology may not win. Although their telephone software may turn out to be superior, no one cares because the numbers are all on Android and IOS.

Mike Faster, President 

Free Mobile Devices Support: Ask your Kid

Lately we’ve been talking a lot about mobile devices and how to manage iPads, iPhones, Androids, etc. at the enterprise scale. How do you secure and protect your organization’s intellectual property when it resides on these devices? How do you establish password standards? Etc., etc.

But what about all those niggling little “day to day” issues? Learning to navigate the features of a mobile device is not always easy. Where can you turn when you have questions about how to use the device itself? Perhaps you want to change the ring tone or background color. Maybe you need some tutoring on the “basics,” such as how to send a text or snap a photo. Where do you go for this type of support? Sure you could go online or plow through a manual, but chances are you’re in a rush and looking for a faster solution. If this is the case, I recommend you do what I do: ask your kid.

Kids spend more time on mobile devices than any other class of people. They know how to make those cosmetic or annoying problems go away. It doesn’t matter if they don’t have a device like yours (chances are one of their friends does) or if they’ve never encountered this problem before. Chances are your kids will be able to intuitively figure it out. Kids just seem to know more about this stuff than we do.

Think your kid is too young to be of help? Think again. Last month at a family holiday party one of the guests was showing everyone else how her two-and-a-half-year-old grandson knew how to find the photos on her iPhone. As everyone watched she handed him the phone, he pushed the correct icon and then laughed happily at all of the photos of himself and his sisters.

Like I said, if you need help with your mobile device, the fastest and easiest thing to do is to simply ask your kid!

Mike Faster, President 

My Favorite iPad 2 Apps for the Enterprise

Like many of you, I am the proud owner of a variety of devices, including an iPad 2. While the iPad 2 can be entertaining, I’m getting even more value by integrating it into my work life. Here are my favorite apps for helping me do so.

“Mail” and “Calendar” – These are the native email and calendaring applications that Apple provides with the iPad 2, and they’re very well done. In fact, they’re arguably easier to use than Outlook. What do I like most about these applications? The fact that they allow me to consolidate accounts.

With the calendar app, for example, I get one consolidated view of multiple calendars that are hosted on separate Exchange servers (for example, my calendar on Coyote Creek’s server, and my calendar that’s hosted on one of our client’s servers). I could never do this with Outlook, which will not allow you to connect to two different Exchange servers and have them open in one application.

Likewise, the mail application allows me to combine my multiple accounts into one mail application with separate inboxes. Plus, the iPad 2 has a built-in VPN, which ensures that connections to my internal network are secure.

RDP Lite – This free RDP (Remote Desktop Protocol) client essentially enables me to turn my iPad 2 into a traveling desktop computer. If I leave my laptop or PC running back at my office, RDP Lite lets me connect to that computer, get a screen on my iPad 2 that exactly mirrors that computer’s screen, and then do all of the Windows things from the iPad 2 that I want (even if the Windows apps are hosted on a Windows server).

The only downside to this app is that the iPad 2 doesn’t use a mouse. When I’m on the iPad 2 connected to my server I have to remember to use my fingers to do the scrolling or clicking – which is hard to do since the screen looks just like my screen back at the office. But then when I return to the office and sit down to use my desktop computer, I find myself tapping the screen in frustration, forgetting that I need to switch back over to the mouse!

QuickOffice – This paid application lets me open, read, and edit Microsoft Office documents on my iPad 2, whether they came in as email attachments, were downloaded from my file server via VPN, or were pulled down from my cloud-based storage.

Dropbox – Speaking of cloud-based storage, this is what I’m using. Dropbox provides a highly encrypted connection between any of my devices and the cloud. As a result, all of my documents can be easily and securely accessed and edited from any of my devices (including laptop, iPad 2 and Droid). When I save a file from one device, it’s instantly synchronized to all of the other devices. I also find that Dropbox is great for sharing documents with others, as it allows me to give selected people specific and secure access to any of my folders. Dropbox is fast and easy to set up, simple to use, and elegant in its simplicity – and the 2GB of storage that’s provided free is plenty for my needs.

SplashID – Are you having trouble keeping track of all of your passwords? I was. With over 50 different passwords – many of which need to be changed frequently – I was struggling. Now I’m using SplashID, a paid app that is a secure password manager for all of your devices.

SplashID works by installing an encrypted database on each of my devices. Then, as I change or update my passwords on one device, it synchronizes the changes to all of my other devices. Simple!

All in all, I’m thrilled with the way my iPad 2 is helping me improve my productivity, increasing my effectiveness when I’m out at client sites.

Mike Faster, President