Apex Lab
 |
Welcome to the Apex Solution Partners Lab. Here we'll explain in more technical detail what we do behind the scenes to provide the services we offer. We will explore, without getting into the inessential details, the structureand thinking that builds our strategies and solutions. Click the links below to jump to what you're most interested in.
Network Monitoring Remote Support Desktop Support Virtualization |
Network Monitoring
Monitoring and Alerting
Need a Han? No, I'll do it Solo
Almost Limitless Reporting
Anti-Virus, Spam Control and Backup Imaging
The network monitoring tools we use are very extensive. The backbone of the operation is based on the Kaseya engine. A small local agent is installed on each client that reports back to the Apex Central Command (ACC), where the data is processed. It is, by definition, a pure client->server structure.
The communication is internet or VPN based and we must have an external connection for this to work. The great thing about the agent is the minimal resources it takes on the local system. From our experience, the agent is robust and eats only 2-10 MB of RAM on our client systems.
Monitoring and Alerting
The local agent can monitor any process or threshold that the client deems necessary. We make suggestions of course (we do set up the basic monitoring by default which would consist of connectivity, disk space, RAM usage, critical processes based on the responsibilities of the machine) but its really what the client feels is imperative. We write small scripts to add the unique monitoring thresholds and then we set up the alert process. We can also monitor the Event Viewer for certain events and react on those.
When the agent sees a threshold has been hit, it reports back to the ACC. The ACC then follows the client specific protocol on what to do next. In an emergency, for instance, it starts calling cell phones of the Apex engineers. If it is a proactive alert, an email is sent to the engineering group, who respond and react to the problem.
Need a Han? No, I'll do it Solo
The agent can be programmed to handle some things on its own. This can be effective if the process is simple and can save the time it would take an engineer to be altered and respond. For instance, the agent can be programmed to restart processes and/or machines if a certain situation arises.
The agent can also install patches, perform disk defrags or run other maintenance scripts. Its a robust scheduler with fail-safes built in.
We were and still are amazed at what we can report on using this system. From license and registry keys to mobo numbers and specifications (slots used and available), RAM usage, disk space, installed programs, bandwidth usage, ... it goes on and on.
When we have to get something out of the ordinary, we have to write a script. The script is created on the server, which then instructs the agent to run it and report back the findings. This was very useful in the following scenario:
A client reports that someone may have installed a viral piece of malware. After investigating, we find that there is a common registry key that the malware creates. So, we create a script to scan all the machines for the specified registry key. We schedule the execution of the script and wait for the results. A few minutes later we have solid idea on how much this virus had spread, if at all. From there, we can use basic removal utilities to get the client back to normal.
Hardware and software inventory is also very valuable to the client, all from the agent. We can create scripts to scan for anything out of the ordinary. Mostly though our general reports give the client enough information to know what exactly they have in the company.
Anti-Virus, Spam Control and Backup Imaging
"We're small, but we're strong!" The local agents, as mentioned above, are tiny in size and order very little at the Resource Drive-Thru. However, they can perform some monumental tasks that can save a client money and simplify the application infrastructure.
Anti-Virus, Spam Scanning- The agents grab the latest definitions from the ACC and do real-time scanning on the local system. This allows the client to remove any other AV application that may take up more resources and helpdesk time. The agents can be told to ask the ACC for definitions at unique intervals. If the agent is offline (the computer is turned off) at the scheduled check-in, it will check in when the ACC connection has been re-established.
Backup Imaging- The agent can back up files or take a snapshot of the machine and send it anywhere it can connect to. Sometimes we upload the data offsite or we can send it to a file server in-house. The restores are bare-metal and if everything goes right we can usually restore a machine or server in less than an hour. The backups can be "point-in-time" snapshots depending upon the critical nature of the machine.
Our Remote Support is accomplished in one of two ways. We can use the installed local agent (detailed in the Network Monitoring section) or the GoTo Assist platform. Both require an internet connection to function and are remote control.
We can also use either platform to remote into network equipment using Putty, Telnet or a web interface. Of course, we'll need to get into a PC first, then use secondary tools to access what we need to.
The agent connection is always on (or should be) and is a quick way to get to the local machine. It has the basic functionality of a remote control session with security controls in place so the user can allow or disallow a connection, or stop the session at any time.
The GoTo Assist has more functionality and is web based. So, we'll need at least one browser working. Firefox 3.x and Internet Explorer 6.0+ are supported. We can access files, chat and draw on a screen with GoTo Assist so sometimes its the better choice. They both come with the remote support package so the client doesn't have to make a choice.
Desktop Support
Our desktop support plan is unique as we use the same proactive monitoring as we do for servers. This is a client option, but we prefer to have the agent installed as it will help us with the following:
1. Inventory- We can see all the software and hardware which gives us a very detailed inventory report. It also allows us to give the client a list of machines that can be upgraded in certain areas without being onsite to open up the box and see whats in it. For instance, if the client wanted to add memory, we could what is installed and how many memory slots were available.
2. Proactive Monitoring- Allowing us to see disk space available, monitor the event log and defrag the drives will keep the machine alive longer and functioning at higher level. We can monitor and build scripts for almost anything that is important to the user.
The agent is very small (2MB) and takes up only 2-10 MB of RAM so it doesn't inhibit the performance of the client station. It does rely on an internet connection to function as it reports back to the Apex Command Center (ACC). More details of the agent are provided in the Network Monitoring section of this page.
Virtualization
Virtualization projects are becoming more the norm for us. We have a VMware showcase page here. We also will use Hyper-V in all Microsoft shops if it looks like the ROI will be higher. Both offer their own advantages depending upon the client and the need for a 3 or 4-9 uptime solution.
In order for us to provide redundancy at a high level we need the following minimum infrastructure in place: 2 hosts, a SAN, GB switches. We can get fancy with file replication (on and off-site) and Vmotion over the WAN (although this is still in testing) if needed. Mostly though, the SMB's that are jumping to this, we need the main three listed above.
We also have begun seeing requests for VDI (Virtual Desktop) infrastructures. VMware and Microsoft handle these in their own way. They're basically client->server connections that boot the OS in the server environment and show the output at the client. Companies like this idea as it allow them to run older machines without worrying about the local resources.
ROI determination: We use a simple formula for this and its mostly soft ROI, meaning the client will see it eventually over time and/or the productivity and production increases will be difficult to determine in hard numbers. Mainly, we want to take the mission critical systems and make them redundant, focusing more on business continuity than disaster recovery.
Here's an example, if the client determines that the loss of one application for one day will cost the company $10,000 in lost revenue (sales, employee productivity, opportunities) and the cost of the project is $10,000 then the first time our business continuity plan kicks in, the client has broken even. When the performance of the application gets better in the virtual environment because of resource allocation and optimization the client is again earning the money back, but its more under the surface.
Testing and Optimization- We will setup a test virtual environment
with the applications and a separate network for the client to access. We usually just hang a virtual network off the client's main physical infrastructure and lock it down by VLANs in the router or in the VMware interface. Hyper-V has the same type of structure with internal VLANs.
We can work on the optimization in the test network and use VMs accessed by the client through the VLANs to give them a real experience of what it will be like.
We also use the conversion and analysis tools from each vendor to determine what machines can be virtualized (some can't) and how many resources each machine will take in the Virtual environment. This allows us to determine the cost and size of any new hardware that is needed.
