IT monitoring system – Operation
Once you set up an IT development and management environment, it can be difficult to keep everything under control. IT monitoring systems come in handy, specifically designed to keep the entire system monitored.
The monitoring system of an ICT infrastructure allows you to report any anomalies that may occur within the components of the IT network. In this world, it is easy to predict and resolve problems before they can cause a service outage.
Monitoring system in practice
In the practice of an IT operator, the monitoring system is the equivalent of a dashboard for a motorist.
Modern cars have sensors and controls for every measurable value in the car. Thanks to a sensor system and a central computer for signal management, any failure or malfunction is signaled immediately. When a certain warning light comes on, or the sound of a certain buzzer sounds, the driver knows that something is not working as it should. In this way serious problems can also be avoided.
A monitoring system works with the same intentions. A set of software components, installed on the various machines connected together in the infrastructure, controls the correct operation by measuring certain parameters. The result is that a system collapses and stops functioning due to malfunctions that have gone unnoticed.
How an IT monitoring system works
Perche’ il sistema di monitoraggio funzioni correttamente, e’ necessario installare sulle macchine dei software agent. Queste applicazioni, disponibili per ogni tipo di sistema operativo, tengono sotto controllo i parametri della macchine e inviano le informazioni a un software che e’ preposto per la raccolta. Questo, chiamato server, dopo la raccolta dei dati inviati dagli agenti, mostra i risultati dei rilevamenti attraverso della grafica per renderli facili da consultare.
I componenti del sistema di monitoraggio comunicano tra di loro in modo sicuro. Nel sistema offerto dalla Secure Online Desktop (SOD), Zabbix, questo avviene accettando solo connessioni da IP autorizzati. Con il sistema di monitoring di SOD, inoltre, e’ possibile anche un controllo agent-less, cioe’ senza il bisogno di installare alcun software agent sulle macchine controllate.
La risposta semplice alla domanda e’: per prevenire interruzioni di servizio e danni fisici alle macchine fisiche, seppur queste potrebbero essere di competenza esclusiva del provider. La salute delle architetture IT utilizzate per fornire un servizio ai clienti, e’ importante quanto il servizio stesso.
Il segreto e’ avere tutte le risorse sotto controllo. Questo include l’hardware cosi’ come il software utilizzato.
In particolare e’ bene tenere a mente che molti fattori entrano in gioco quando parliamo di efficienza di un sistema. Per esempio il carico di lavoro di un server, i suoi tempi di risposta e le performance dei database coinvolti possono influenzare l’esperienza dell’utente finale.
Strategia d’uso di un sistema di IT monitoring
After installing the software needed to collect and process data on the machines involved, it is time to prepare a solid system control strategy.
The steps are not many, but all fundamental for maintaining the effectiveness of the control high.
1) Data collection
In the first step it is necessary to verify that the data are: available, collected and usable for subsequent analysis.
Obviously, the first thing to do is to collect data. If you don’t have the data, it can’t be analyzed. Make sure that the data collected is usable and relevant to achieving your goals.
2) Identification of the parameters
In the second step, thanks to a first analysis of the systems, the “normal” performances are identified for the machines and applications involved.
By setting the monitoring on the application performance level for each metric, you can compare the performance of the infrastructure in real time, having a basis of comparison to identify possible anomalies.
3) Alarm levels
The time has come to identify what the parameter alarm levels are and consequently which thresholds to set before receiving a malfunction warning. The approach is possible in two ways: it is based on generic statistical thresholds or on the deviation of the basic services analyzed in step 2.
It is not easy to decide which approach to use. To avoid triggering a disproportionate number of warnings, you should be able to specify what the acceptable deviation is for each metric.
4) Data analysis
Finally, the data must be analyzed to verify that the decisions made in the previous steps are always valid and that the systems are operating efficiently.
A proactive analysis is essential to always keep the architectures involved in order. This ensures that future problems that can negatively impact customer services are avoided.
An efficient and well-structured monitoring system is an indispensable prerogative for IT infrastructures.
On the market there are various possibilities to implement this service to your system. SOD offers a web control console through Zabbix, an enterprise solution for system monitoring.
Give yourself the advantage of improving the quality of your services without sacrificing operating costs.
- Zero-Day attack: what they are and how to defend yourself with SOCaaS
- Monitoring system, an overview
- Data Exfiltration: defense against data theft
- Install a Let’s Encrypt certificate on Debian based machine
- WastedLocker: Next generation ransomware
- Protecting a site in WordPress: security package
- Critical ransomware: examples of successful attacks
- Secure Online Desktop Social Initiatives
- Backup as a Service (2)
- Cloud Conference (3)
- Cloud CRM (1)
- Cloud Server/VPS (20)
- Conferenza Cloud (4)
- ICT Monitoring (4)
- Log Management (2)
- News (16)
- ownCloud (4)
- Privacy (6)
- Secure Online Desktop (14)
- Security (6)
- Web Hosting (12)
- Deloitte & Touche Buys Threat-Hunting Firm January 25, 2021Root9B (R9B) offers threat hunting and other managed security services.
- Small Security Teams Have Big Security Fears, CISOs Report January 25, 2021Researchers poll security leaders who are tasked with protecting large organizations but have a small presence and budget.
- How to Better Secure Your Microsoft 365 Environment January 25, 2021Security experts offer Microsoft 365 security guidance as more attackers target enterprise cloud environments.
- 2020's COVID Accelerated Digitalization Demands Stronger Cybersecurity in 2021 January 25, 2021As critical infrastructure faces increasing and sophisticated attacks, these trends will enable the energy sector to shore up its cybersecurity defenses.
- Comparing Different AI Approaches to Email Security January 25, 2021Get to know the difference between "supervised" and "unsupervised" machine learning.
- Intel Confirms Unauthorized Access of Earnings-Related Data January 22, 2021News likely contributed to slide of over 9% in chipmaker's stock at one point Friday.
- Speed of Digital Transformation May Lead to Greater App Vulnerabilities January 22, 2021The fastest-moving industries are struggling to produce secure code, according to AppSec experts.
- How Cybersecurity Newbs Can Start Out on the Right Foot January 22, 2021Cybersecurity experts share their savvy tips and useful resources for infosec hopefuls.
- Why North Korea Excels in Cybercrime January 22, 2021North Korea is laser-focused on boosting its cyber capabilities, and it's doing a remarkable job of it.
- DreamBus, FreakOut Botnets Pose New Threat to Linux Systems January 21, 2021Researchers from Zscaler and Check Point describe botnets as designed for DDoS attacks, cryptocurrency mining, and other malicious purposes.
- Backdoor.Win32.Hupigon.adef / Remote Stack Buffer Overflow January 22, 2021Posted by malvuln on Jan 22Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/c8f55ce7bbec784a97d7bfc6d7b1931f.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.adef Vulnerability: Remote Stack Buffer Overflow Description: Backdoor Hupigon (Cracked by bartchen) bartchen () vip sina com, listens on TCP ports 8001,8002,8003,8004 and 8005. Sending a large contaminated HTTP POST request...
- Backdoor.Win32.Xel / Remote Authentication Buffer Overflow January 22, 2021Posted by malvuln on Jan 22Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/3648c68bfe395fb9980ae547d881572c.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Xel Vulnerability: Remote Authentication Buffer Overflow Description: Xel listens on TCP port 8023 and requires authentication good for them!, upon connecting you are greeted with a password prompt: XeL TROJAN based […]
- Backdoor.Win32.Verify.f / Missing Authentication January 22, 2021Posted by malvuln on Jan 22Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/119cd00c48678d63ec07762a7ff08ac7.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Verify.f Vulnerability: Missing Authentication Description: Backdoor.Win32.Verify by pMK, yet another self-hating backdoor as it lacks authentication granting access to whoever can reach the infected system. This malware listens on...
- Backdoor.Win32.Onalf / Missing Authentication January 22, 2021Posted by malvuln on Jan 22Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/ba815d409cd714c0eac010b5970f6408.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Onalf Vulnerability: Missing Authentication Description: WinRemoteShell (Onalf) listens for commands on TCP port 2020. Interestingly, it will only start listening once it can connect outbound to SMTP port 25. Not much […]
- Backdoor.Win32.WinShell.30 / Remote Stack Buffer Overflow / Missing Authentication January 22, 2021Posted by malvuln on Jan 22Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/56a2b135c8d35561ea5b04694155eb77.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.WinShell.30 Vulnerability: Remote Stack Buffer Overflow / Missing Authentication Description: WinShell.30 listens on TCP port 5277 for commands. Attackers or responders who can reach the infected host can trigger a buffer […]
- Backdoor.Win32.Zxman / Missing Authentication January 22, 2021Posted by malvuln on Jan 22Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/6b2a9304d1c7a63365db0f9fd12d39b0.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Zxman Vulnerability: Missing Authentication Description: Backdoor.Win32.Zxman by Zx-man listens on TCP port 2048 for commands. However, anyone who can reach the infected host can take control as there is no authentication […]
- Backdoor.Win32.Whisper.b / Remote Stack Corruption January 22, 2021Posted by malvuln on Jan 22Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/a0edb91f62c8c083ec35b32a922168d1.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Whisper.b Vulnerability: Remote Stack Corruption Description: Whisper.b listens on TCP port 113 and connects to port 6667, deletes itself drops executable named rundll32.exe in Windows\System dir. The malware is prone to […]
- Backdoor.Win32.Whirlpool.10 / Remote Stack Buffer Overflow January 22, 2021Posted by malvuln on Jan 22Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/bf0682b674ef23cf8ba0deeaf546f422.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Whirlpool.10 Vulnerability: Remote Stack Buffer Overflow Description: Whirlpool listens on UDP Datagram ports 8848 and 8864. Sending a 192 byte payload to port 8864 triggers a stack buffer overflow overwriting both […]
- Backdoor.Win32.Zombam.geq / Remote Buffer Overflow January 22, 2021Posted by malvuln on Jan 22Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/fd14cc7f025f49a3e08b4169d44a774e.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Zombam.geq Vulnerability: Remote Buffer Overflow Description: Zombam.geq listens for connections on TCP port 80 and trys connect to SMTP port 25. By sending a HTTP GET request of about 2000 bytes […]
- [REVIVE-SA-2021-001] Revive Adserver Vulnerabilities January 22, 2021Posted by Matteo Beccati via Fulldisclosure on Jan 22======================================================================== Revive Adserver Security Advisory REVIVE-SA-2021-001 ------------------------------------------------------------------------ https://www.revive-adserver.com/security/revive-sa-2021-001 ------------------------------------------------------------------------ CVE-IDs: CVE-2021-22871, CVE-2021-22872, CVE-2021-22873 Date:...
Tempo di lettura: 4 minIl ransomware viene comunemente portato a segno con una e-mail che inganna gli utenti a fida… https://t.co/ms7ZTSxw2t
Ransomware commonly comes up with an email that tricks users into trusting a malicious file. Many of the most recen… https://t.co/wIarD0ojXT
Tempo di lettura: 5 minSul web sono disponibili moltissime applicazioni open source che permettono di gestire le pi… https://t.co/SjCg383iEF
On the web there are many open source applications that allow you to manage the most various situations. It is comm… https://t.co/e5OZvRPAqm
Tempo di lettura: 4 minLa pratica dello shadow IT e' l'utilizzo di sistemi informatici, dispositivi, software, appl… https://t.co/9wQPtvqemG