monitoring Alessandro Stesi

How to have your computer network under control

monitoring

In recent years we have witnessed a rapid evolution of information infrastructures that have become increasingly complex and heterogeneous. The introduction of virtualization, thanks to the economic savings and its simplicity, has encouraged the increase in the number of servers divided then by functions and roles. Technologies like the Cloud have allowed to extend the company boundaries, just think of the hybrid Cloud or the public Cloud where previously physical servers that were physically present in the company have evolved in virtual instances in executions on more Datacenter also geographically distributed on the globe. Last but not least, the IoT (Internet of Things) has contributed to enrich the network of devices on the network and that it is necessary to manage.

 

The age of check-lists

Not many years ago, the system operators had sufficient check-lists, regularly performed according to work procedures, to monitor the company server pool and thus ensure the correct functioning of all the IT components, with particular attention to the business critical systems. Today this approach, as well as expensive, would be ineffective, mainly because of how the company infrastructure has evolved. The manual controls would become not only numerous but also unmanageable and with an inherently high degree of error. Moreover, in this scenario, it is not possible to guarantee a correct timeliness in the identification of a problem or in the management of a breakdown.

 

Automated monitoring

 

The evolution of the IT model has introduced the need to introduce new ways of controlling the network that are automated or semi-automated, distributed and above all pro-active / reactive. In fact, solutions have been developed capable of managing an increasingly high, heterogeneous and distributed number of network devices. The new monitoring systems are also able to set the frequency of the measurements based on the metrics observed, increasing it for those values ​​in continuous change that it is necessary to observe therefore continuously and decreasing it for the more static ones. For example, disk space occupation in some environments may vary less than the network bandwidth. This precaution allows to optimize the resources of the monitoring avoiding to measure continuously less dynamic variables.

The evolutions of these monitoring systems have also made it possible to collect data centrally with the possibility of comparing different metrics to each other thus obtaining the composed metrics. Not merely measuring a single metric but comparing its value in relation to another (even different systems) has extended the concept of monitoring.

 

Item and Trigger

In the systems world or systems monitoring applications there are two basic concepts such as Item and Trigger. The first, Item, represent the metrics or the value (numeric, Boolean, textual) measured or to be measured (eg cluster status, CPU usage, disk usage, etc) while the seconds, Triggers, are the thresholds that you want to apply to a certain Item to check its value. For example, you may need to set two Triggers to monitor the volume occupation of a SAN by receiving a first notification if this exceeds 80% of the maximum capacity and a second in the case of 90%. This modular feature (Item and Trigger) allows for example to simply monitor the trend of a given metric (eg data center band) without necessarily applying a triggger to the measurement or allows to apply more thresholds to the same item to monitor the change in value reporting the change with different actions based on the triggers.

 

Actions

Upon the occurrence of a certain condition identified by the triggers, it is possible to perform a specific action such as sending an email, a text message, a VoIP call or running a program. For example, you could monitor a log file (item log file equal to catalina.log) and upon the occurrence of a certain condition (trigger that verifies the presence of a certain pattern) restart the relative application. In addition to being automated, actions can also be manual, leaving the monitoring system operator the possibility to apply them when it is deemed most appropriate.

 

Solution for monitoring the IT infrastructure

The Secure Online Desktop provides its customers with two monitoring services:

   ◊ IT monitoring service: This service is a complete solution for monitoring the customer’s IT infrastructure without needing to install additional hardware. The solution involves the use of a Cloud management console and a set of specific software agents that our staff will install.

   ◊ Managed monitoring service: This service is an add-on to the Cloud Server service that plans to monitor the Cloud servers that the customer buys.

 

[btnsx id=”2931″]

Useful links:

ICT Services

FAQ

News

Demo online

New Cloud Server video – Create your Public Cloud

Cloud servers

Cloud Products and Services

VPS Metered – Cloud location

Demo Cloud Servers

Share


RSS

More Articles…

Categories …

Tags

RSS darkreading

RSS Full Disclosure

  • SEC Consult SA-20240220-0 :: Multiple Stored Cross-Site Scripting Vulnerabilities in OpenOLAT (Frentix GmbH) February 21, 2024
    Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Feb 20SEC Consult Vulnerability Lab Security Advisory < 20240220-0 > ======================================================================= title: Multiple Stored Cross-Site Scripting Vulnerabilities product: OpenOLAT (Frentix GmbH) vulnerable version:
  • Re: Buffer Overflow in graphviz via via a crafted config6a file February 21, 2024
    Posted by Matthew Fernandez on Feb 20The fix for this ended up landing in Graphviz 10.0.1, available at https://graphviz.org/download/. Details of this CVE (CVE-2023-46045) are now published, but the CPEs are incomplete. For those who track such things, the affected range is [2.36.0, 10.0.1).
  • CVE-2024-24681: Insecure AES key in Yealink Configuration Encrypt Tool February 21, 2024
    Posted by Jeroen J.A.W. Hermans via Fulldisclosure on Feb 20CloudAware Security Advisory CVE-2024-24681: Insecure AES key in Yealink Configuration Encrypt Tool ======================================================================== Summary ======================================================================== A single, vendorwide, hardcoded AES key in the configuration tool used to encrypt provisioning documents was leaked leading to a compromise of confidentiality of provisioning documents....
  • Microsoft Windows Defender / Backdoor:JS/Relvelshe.A / Detection Mitigation Bypass February 21, 2024
    Posted by hyp3rlinx on Feb 20[+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: https://hyp3rlinx.altervista.org/advisories/Windows_Defender_Backdoor_JS.Relvelshe.A_Detection_Mitigation_Bypass.txt [+] twitter.com/hyp3rlinx [+] ISR: ApparitionSec [Vendor] www.microsoft.com [Product] Windows Defender [Vulnerability Type] Detection Mitigation Bypass Backdoor:JS/Relvelshe.A [CVE Reference] N/A [Security Issue] Back in 2022 I released a...
  • Microsoft Windows Defender / VBScript Detection Bypass February 21, 2024
    Posted by hyp3rlinx on Feb 20[+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: https://hyp3rlinx.altervista.org/advisories/MICROSOFT_WINDOWS_DEFENDER_VBSCRIPT_TROJAN_MITIGATION_BYPASS.txt [+] twitter.com/hyp3rlinx [+] ISR: ApparitionSec [Vendor] www.microsoft.com [Product] Windows Defender [Vulnerability Type] Windows Defender VBScript Detection Mitigation Bypass TrojanWin32Powessere.G [CVE Reference] N/A [Security Issue]...
  • Microsoft Windows Defender / Trojan.Win32/Powessere.G / Detection Mitigation Bypass Part 3 February 21, 2024
    Posted by hyp3rlinx on Feb 20[+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: https://hyp3rlinx.altervista.org/advisories/MICROSOFT_WINDOWS_DEFENDER_TROJAN.WIN32.POWESSERE.G_MITIGATION_BYPASS_PART_3.txt [+] twitter.com/hyp3rlinx [+] ISR: ApparitionSec [Vendor] www.microsoft.com [Product] Windows Defender [Vulnerability Type] Windows Defender Detection Mitigation Bypass TrojanWin32Powessere.G [CVE Reference] N/A [Security Issue]...
  • 44CON 2024 September 18th - 20th CFP February 15, 2024
    Posted by Florent Daigniere via Fulldisclosure on Feb 1544CON is the UK&apos;s largest combined annual Security Conference and Training event. Taking place 18,19,20 of September at the Novotel London West near Hammersmith, London. We will have a fully dedicated conference facility, including catering, private bar, amazing coffee and a daily Gin O’Clock break.         _  […]
  • SEC Consult SA-20240212-0 :: Multiple Stored Cross-Site Scripting vulnerabilities in Statamic CMS February 14, 2024
    Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Feb 13SEC Consult Vulnerability Lab Security Advisory < 20240212-0 > ======================================================================= title: Multiple Stored Cross-Site Scripting vulnerabilities product: Statamic CMS vulnerable version: =3.4.17 CVE number: CVE-2024-24570 impact: high homepage: https://statamic.com/...
  • Stored XSS and RCE - adaptcmsv3.0.3 February 14, 2024
    Posted by Andrey Stoykov on Feb 13# Exploit Title: Stored XSS and RCE - adaptcmsv3.0.3 # Date: 02/2024 # Exploit Author: Andrey Stoykov # Version: 3.0.3 # Tested on: Ubuntu 22.04 # Blog: http://msecureltd.blogspot.com *Description* - It was found that adaptcms v3.0.3 was vulnerable to stored cross site scripting - Also the application allowed the […]
  • OXAS-ADV-2023-0007: OX App Suite Security Advisory February 14, 2024
    Posted by Martin Heiland via Fulldisclosure on Feb 13Dear subscribers, We&apos;re sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those vulnerabilities. Feel free to join our bug bounty programs for OX App Suite, Dovecot and PowerDNS at YesWeHack. This advisory has also been published at https://documentation.open-xchange.com/appsuite/security/advisories/html/2023/oxas-adv-2023-0007.html. […]

Customers

Newsletter

{subscription_form_1}