SAP Monitoring

SAP Monitoring

A typical SAP deployment is usually a sprawling, complex system and is one of the most critical applications an enterprise relies on to keep the business functioning, with it interacting with production, sales, dispatch, HR and other areas of the business.

Monitoring the performance and availability of SAP is therefore key.  Proactive monitoring may allow minor issues to be resolved before they become major issues.  SAP provide a number of tools such as Solution Manager and CCMS which can be used to monitor the platform.  It is however, worth considering the wider picture when it comes to selecting the right tool for this particular job.

Why should I consider a third-party tool?  I have the tools from the vendor, why do I need something else?

As an independent IT reseller and consultancy specialising in security, monitoring and management, these are common questions posed to KedronUK.  At first glance, it’s a sensible question as who should understand the intricacies and key performance indicators of an application better than the producer of that application?

Answering a question with a question doesn’t always provide an answer, but in this case, is a logical response.  What other IT resources does your SAP environment depend on?  For an on-premise environment this will undoubtedly cover storage and virtualisation stacks, networking and more.  Given one of the benefits of virtualisation is to share those expensive hardware resources and make better use of them, a SAP performance issue could actually be caused by another unrelated application which lives in the same infrastructure.  In a modern hybrid cloud / on-premise environment, dependencies will reach out further to include providers such as Microsoft Azure or Amazon AWS.

So, whilst the vendor’s own tools may seem the wise choice, monitoring the wider IT environment brings more visibility.  The phrase “knowledge is power” is commonly but possibly incorrectly attributed to Sir Francis Bacon back in 1597 (I’ll admit I had to look that fact up!) but regardless of when it was first said, it still rings true today. 

The eG Enterprise Suite is application aware, so can monitor the key SAP applications / services such as HANA, ABAP, Business One and NetWeaver to name but a few.  The monitoring of each application includes multiple tests at multiple layers.  As an example, when eG Enterprise monitors an ABAP Server instance, it reports on layers such as SAP Basis, Workload, Work Processes, Gateway and User Sessions.  Alongside this, eG Enterprise can also monitor the wider IT infrastructure such as a VMware vSphere virtualisation environment which may underpin SAP.  Unifying that visibility into a single place not only delivers that sort after knowledge but can also improve productivity for the IT team by reducing the number of tools they need to interact with.

A full list of the platforms and technologies supported by eG Enterprise can be found at:

https://www.eginnovations.com/it-monitoring/technologies

Another common issue we tackle with customers at KedronUK is the dreaded “alert cannon”.  As soon as somebody has the rule in their e-mail client to automatically move e-mail alerts from a monitoring system to a sub-folder as the messages are clogging up their Inbox, it’s arguable the monitoring is no longer doing the right job.  The eG Enterprise Suite capabilities include event correlation and analytics which make use of modern AI/ML techniques to reduce the noise and target something that really matters to an IT team – Root Cause Analysis (RCA).  I’ve never met anyone in IT who doesn’t want to resolve an issue as quickly as possible (we all want to look good, right?) so having a holistic view of your infrastructure with quick and easy RCA drill-down is essential.

Expanding on the previous example of an unrelated application impacting SAP performance, a lot of time, and therefore money, can be saved if your monitoring can indicate that whilst your SAP database server is suffering from poor disk performance, the real underlying problem is a run-away process on another VM, which shares the same virtualisation host and storage array, consuming all the storage I/O.

To understand more about the correlation and analytics functionality of eG Enterprise, I’d recommend reading John Worthington’s blog post:

https://www.eginnovations.com/blog/what-is-event-correlation/

    Chris Booth

    Chris Booth

    Solutions Architect

    Listens to your problems, then identifies the best tools and products to build solutions.

    Call us today on 01782 752 369
    KedronUK, Kern House, Stone Business Park, Stone, Staffordshire ST15 0TL

    Why Cloud apps need next-gen APM

    Why Cloud apps need next-gen APM

    Many businesses have a desire to move away from complex, difficult to support legacy applications.  Actually achieving that is far harder than just putting it into a strategy document, though!

    In the case of Tipico, the Maltese gaming and betting business, they had 160 servers supporting a three-tier Java application. With so many servers involved, it’s only natural that despite the very best intentions, different parts of the application stack end up on different Java or other library version. This all adds up to more complexity and thus Mean Time To Resolution (MTTR) for any issues.

    Tipico transitioned their platform to be orchestrated by Kubernetes (K8s), all run using components of Amazon Web Services. Their infrastructure is now purely infrastructure as code and Cloud based.

    Moving your key application(s) to microservices running on a Cloud platform doesn’t just involve deciding on which provider is the most cost effective, has the best geographical presence to suit your customer base or offers the right services for your applications. If Kubernetes has the ability to shrink or grow the number of nodes or pods running your application, how do you monitor it?  Just including your monitoring agent in your base server build image doesn’t work anymore.

    A next-generation APM tool which automatically and continuously discovers your infrastructure and application is the key. Tipico’s evaluation of the APM market determined that Instana was the best fit for their infrastructure.

    Instana’s ability to create ‘Application Perspectives’ is great for DevOps teams, where different teams are focused on different parts of the application.  Does a team working on the payments microservice really need to know how the login microservice is performing? Application Perspectives let teams filter out the noise, letting them focus on the metrics of the services they are responsible for.

    A DevOps mindset (Continuous Improvement/Continuous Development or CI/CD) also means regular code releases to add features or fix bugs. Instana’s API provides an easy method to further integrate the CI/CD pipeline and monitoring. A simple curl call can notify Instana of a release, which is then visible in Instana UI as a ‘release marker’. This means developers and support teams can both immediately correlate any radical changes in performance or stability against the release.

    Normally, a blog post needs a conclusion. In this case though, I think two statistics from the Tipico case study stand out to really show the success of the project:

    • 3x increase in the number of deployments per month
    • 10x improvement in MTTR
    Chris Booth

    Chris Booth

    Solutions Architect

    Listens to your problems, then identifies the best tools and products to build solutions.

    Call us today on 01782 752 369
    KedronUK, Kern House, Stone Business Park, Stone, Staffordshire ST15 0TL

    ExtraHop Remote Working

    ExtraHop Remote Working

    Saying this year has been strange is, obviously, something of an understatement. Back in January I don’t expect anyone at Zoom expected their brand to become a genuine household name by now. IT professionals will have been exceptionally busy not just supporting business transformation from office to home working, but helping friends and families keep in touch.  There’s no escape once you are the go-to technical guru in your extended family!  I’ve ended up giving advice on Zoom / Skype meetings for school governors in Liverpool and helping a nephew build his first gaming PC (all socially distanced of course!).

    Whilst family quizzes on Zoom and Skype sessions with grandparents have been essential for beating the boredom and retaining a degree of contact, they are also just two of the things which might be impacting on business remote access.  Are those family calls routing across a corporate connection as somebody forgot to disconnect their VPN into the office?  Visibility at protocol level can help identify gremlins such as retransmission timeouts and zero windows.  Likewise, analysis can help identify traffic destinations – if we don’t use Zoom in the business, why is it transiting my network?  A combination of these metrics can also aid help desks who, by default, now troubleshoot home broadband connections.  Is a user’s poor virtual desktop or application experience down to an issue in the datacentre or because they are competing for bandwidth with Netflix, Disney+ and Fortnite on their home WiFi?

    Utilisation Metrics can provide critical information on capacity and associated bottlenecks.  If more capacity is needed, then you have hard facts to backup a business case for an upgrade.  On the other hand, if things are running smoothly, you can provide information to management to show previous investment has been money well spent and any considerations of reducing bandwidth to save money would impact on productivity.

    Another impact of the current business climate is that budgets are being scrutinised more then ever now, so any new IT project must offer the highest amount of value to the business.  Thus, a platform such as ExtraHop Reveal(x), which builds on ExtraHop’s experience in Performance Analytics but adds industry leading Security Detection and Response becomes much more attractive.

    The rush to home working in the UK led to a shortage of laptops and PCs.  To stay productive, some staff have been using their own home computing equipment.  Home networks and PCs are notorious for being a security nightmare, with unpatched routers, unsupported OSes, outdated AV and the like.  It is more important then ever to watch the activities of these devices when they are connected to a corporate Network.

    VPN policies may have been relaxed but even so, some events represent actionable findings.  If a member of UK staff connects to the VPN from a North American IP address, are they perhaps using a commercial VPN service to access a US streaming service which has geo-location restrictions?  Or is it an attacker making use of compromised credentials?  Similarly, should a user be connected to the VPN from two different countries at the same time?

    Further insight into Network traffic, obtained through Reveal(x)’s ability to decode over 50 Enterprise protocols, can also enhance Network Security.  If there is a sudden spike in Active Directory accounts being locked out, is this a sign of a brute force attack in progress?  By linking Security Detections, Reveal(x) can present alerts using the MITRE ATT&CK framework, enabling a responder to understand if the lockouts are user error or part of a more dangerous attack.

    In summary, ExtraHop Reveal(x) can play an important part in assisting businesses to cope with the “new normal”.  Reveal(x) can help Operation and Security teams gain valuable insight into their Domains, with a wide range of off-the-shelf and custom integrations ensuring it is not just another siloed tool.  Take a look at ExtraHop’s Datasheet to find out tips for ensuring the availability and securing of remote access.

    Chris Booth

    Chris Booth

    Solutions Architect

    Listens to your problems, then identifies the best tools and products to build solutions.

    Call us today on 01782 752 369
    KedronUK, Kern House, Stone Business Park, Stone, Staffordshire ST15 0TL

    Who monitors the monitoring and manages the management?

    Who monitors the monitoring and manages the management?

    Chris Booth, Solution Architect at KedronUK, considers how organisations and enterprises can get the most out of their Network Monitoring/Management System.

    As an enterprise management consultancy, we might be biased, but we believe that for large or enterprise-size organisations, network monitoring is critical. A Network Management/Monitoring System (NMS) needs to provide functions such as pro-active altering, metrics to aid troubleshooting (e.g. root cause analysis), configuration management and reporting. When considering what tool to purchase, important factors such as functionality, cost and scalability will often drive the decision-making process.

    However, it is important to also consider who will monitor and manage the NMS. This could be in the form of general administration and day-to-day support to ensure it is available and performing as expected. There is little point in having an NMS which isn’t working properly and thus unable to deliver timely alerts about infrastructure problems – the initial investment in the NMS has effectively been wasted. 

    The NMS might also have some form of High Availability (HA), so data replication and integrity need to be monitored so that it can correctly fail-over to an alternative DC when needed. On a more irregular basis, this could be upgraded to the NMS and it’s supporting infrastructure (e.g. an SQL database back-end). To answer the title of this post, the answer is KedronUK’s Technical Team. 

    We monitor and manage the NMS for a number of our customers, removing this workload from the IT operations team and making use of our extensive product knowledge. 

    We know that to ensure a smooth upgrade, a particular version upgrade needs to be staged via an intermediate point release. In fact, we monitor the products we provide to our customers with the same products! Each service/support package is bespoke to the customer’s requirements, but typically includes system governance and our Technical Team holding regular calls to offer advice on best practice or to discuss any open support tickets. A contracted package from KedronUK helps fix the TCO and maximise the ROI for the NMS.

    The quality of the data in the NMS can also become a challenge. When multiple team members can add, edit or remove devices, the adherence to standards can become somewhat variable. For instance, when a new network switch is on-boarded, is it named correctly and tagged with a location to help identify the datacentre, rack or office location? 

    In response to this, KedronUK has developed a bespoke web portal which integrates with the NMS tools we offer such as Infosim StableNet and SolarWinds. The portal provides data validation rules and drop-down choices to remove free-form text input and the impact that has on the data. Role-Based Access Control (RBAC) is also supported, allowing a junior team member to onboard but not delete devices. Thus, administrative tasks can be controlled, ensuring the NMS data is meeting the defined standards.

    For more information, contact us here.

     

    Chris Booth, Solution Architect at KedronUK, considers how organisations and enterprises can get the most out of their Network Monitoring/Management System.

    As an enterprise management consultancy, we might be biased, but we believe that for large or enterprise-size organisations, network monitoring is critical. A Network Management/Monitoring System (NMS) needs to provide functions such as pro-active altering, metrics to aid troubleshooting (e.g. root cause analysis), configuration management and reporting. When considering what tool to purchase, important factors such as functionality, cost and scalability will often drive the decision-making process.

    However, it is important to also consider who will monitor and manage the NMS. This could be in the form of general administration and day-to-day support to ensure it is available and performing as expected. There is little point in having an NMS which isn’t working properly and thus unable to deliver timely alerts about infrastructure problems – the initial investment in the NMS has effectively been wasted. 

    The NMS might also have some form of High Availability (HA), so data replication and integrity need to be monitored so that it can correctly fail-over to an alternative DC when needed. On a more irregular basis, this could be upgraded to the NMS and it’s supporting infrastructure (e.g. an SQL database back-end). To answer the title of this post, the answer is KedronUK’s Technical Team. 

    We monitor and manage the NMS for a number of our customers, removing this workload from the IT operations team and making use of our extensive product knowledge. 

    We know that to ensure a smooth upgrade, a particular version upgrade needs to be staged via an intermediate point release. In fact, we monitor the products we provide to our customers with the same products! Each service/support package is bespoke to the customer’s requirements, but typically includes system governance and our Technical Team holding regular calls to offer advice on best practice or to discuss any open support tickets. A contracted package from KedronUK helps fix the TCO and maximise the ROI for the NMS.

    The quality of the data in the NMS can also become a challenge. When multiple team members can add, edit or remove devices, the adherence to standards can become somewhat variable. For instance, when a new network switch is on-boarded, is it named correctly and tagged with a location to help identify the datacentre, rack or office location? 

    In response to this, KedronUK has developed a bespoke web portal which integrates with the NMS tools we offer such as Infosim StableNet and SolarWinds. The portal provides data validation rules and drop-down choices to remove free-form text input and the impact that has on the data. Role-Based Access Control (RBAC) is also supported, allowing a junior team member to onboard but not delete devices. Thus, administrative tasks can be controlled, ensuring the NMS data is meeting the defined standards.

    For more information, contact us here.

     

    Chris Booth

    Chris Booth

    Solutions Architect

    Listens to your problems, then identifies the best tools and products to build solutions.

    Call us today on 01782 752 369
    KedronUK, Kern House, Stone Business Park, Stone, Staffordshire ST15 0TL