WhitePaper Avanade ViewX Technology Avanade s Unified Communication and Collaboration Managed Services technology platform is made up of two parts: ViewX for monitoring, alerting, reporting and visualization, and SecureX for management and remediation. This whitepaper details ViewX. For more information on SecureX, please consult the SecureX whitepaper. 2013 Avanade Inc. All rights reserved.
Introduction In today s round-the-clock business environment, IT staffs are often stretched thin, with much of their time spent on the routine maintenance of enterprise-class communication systems like Microsoft Lync, Exchange and SharePoint. Avanade s unique monitoring and management technology was developed to provide a better messaging, collaboration and unified communications solution at a lower cost, so IT professionals can refocus on activities that support more strategic business initiatives. ViewX enables Avanade to collect tens of millions of data points per day from thousands of customer servers deployed around the world. This data is analyzed by patented technology to detect anomalies and predict failures in complex unified communications and collaboration systems such as Microsoft Exchange, Lync and SharePoint as well as their core dependencies (e.g., Windows Server, Active Directory, Load Balancers, Direct Attached Storage, Storage Area Networks, and Network Switches). Avanade NOC engineers use ViewX to identify potential issues and to monitor and report on system health, giving customers a clear view of their system s operation. This same data is used to report on performance, utilization and trending to help customers plan for the future. How it works Avanade s patented ViewX technology offers a unique and cutting-edge approach to data collection and predictive analysis. The following overview illustrates how the system comes together to work for the customer. Step 1: Deployment First, an Avanade engineer runs a patented Avanade application on the servers in the customer s datacenter to detect what monitoring packages are required based each server s configuration. They then install the monitoring service (a Windows service) and a set of applicationspecific packages on the appropriate servers. These packages collect system data using various public APIs and protocols such as PowerShell, PerfMon and WMI, as well as many custom data providers, and send that data to Avanade. Most ViewX deployments may be executed remotely from the Avanade NOC, while some of the larger and more complex customer environments may require onsite deployment. The overall deployment process is rapid and non-invasive and leaves a very small footprint so that Lync, Exchange and SharePoint system can continue to run with minimal disturbance to the operating environment. Step 2: Data Gathering Once the agents have been deployed, Avanade engineers execute a set of monitoring packages that tell the agents exactly what to collect (in a manner similar to anti-virus definitions files). Packages contain queries that come in two categories: some collect data about the topology and content of a system such as the layout of mailbox databases in an Exchange server while others gather performance data about the items in that topology, such as the number of bytes read per second from a particular disk drive. User or Daily packages run once a day, typically about 2 AM local time, to collect long-running and large data sets, such as the per-mailbox statistics on an Exchange server. This data is used for monthly reports and daily trend analysis. Every server has the ComputerOnly package installed as well as additional packages depending on the server s role. For instance, an Exchange package instructs the agent to collect data reflecting the health of the Exchange server, while an Active Directory package tells the agent to collect information on the domain controller. There are dozens of different packages, each running independently and at varying intervals to avoid interfering with one another. The above image represents a basic deployment for an Exchange server. 2013 Avanade Inc. All rights reserved. 1
The agents continuously ship large amounts of compressed, XML-encoded data back to Avanade on a queuing mechanism tunneled through HTTPS, so that a server with no other monitoring agents on it needs only an outbound connection to transmit the information. The connection is highly secure, meeting FIPS 140-2 encryption standards. In addition to the monitoring data collected directly from the systems, ViewX also uses a unique synthetic transaction approach that carries out an actual enduser simulation, such as sending email or initiating a voice call. This simulation creates a total end-toend scenario that is difficult to reproduce with any standard monitoring package. In the case of email, for example, ViewX sends an email outside the customer network (to a reflector server located at Avanade) and then back again. The resulting round-trip time is then measured. The results of this constant set of synthetic transactions are also bundled into the data packets being sent to Avanade and form a valuable part of the overall system performance being analyzed by the Avanade NOC teams. Step 3: Continuous Proactive Monitoring The managed service component of ViewX 24x7x365 monitoring of customer environments by experienced technicians is what sets Avanade apart and is the biggest asset for customer organizations. From the Avanade NOC, a team of Exchange, SharePoint, Lync, Active Directory and MDM professionals perform real-time analysis and interpretation of system data from a customer s environment to identify and resolve issues before they can affect availability or performance. The ViewX Case Management System ties ViewX alerts to a trouble ticket process. Avanade NOC engineers then work to track trouble tickets through to resolution. The ViewX Case Management System directly integrates with Avanade SecureX, which allows for detailed management and intervention by Avanade NOC engineers on customer systems. Security ViewX is built around a well-architected web of security, layered at the base level by Active Directory. Avanade has gone to great lengths to ensure that all aspects of the ViewX data collection, transport and storage processes are fully secure, and collect only anonymous server data, with no visibility into customer email content or other business-related data. The following groupings provide an overview of the security layers. Data Collection The customer assigns Avanade a single user account with the appropriate level of administrative permissions. This account is then used to run the Avanade Install Tools which set up the monitoring service and application-specific packages. The monitoring service subsequently runs the Avanade packages on all of the appropriate local machines. Any additional accounts required for synthetic transactions may be automatically generated. Client-side certificates are used on each machine where an agent is installed. All data is encrypted using these certificates before being sent back to Avanade. Data Transport ViewX uses Microsoft Message Queueing (MSMQ) over an HTTPS transport, packaging the ViewX data and sending it reliably between the customer premises and the Avanade NOC. The data packets are sent out over SSL port 443. Because of the use of MSMQ, the system is buffered against network delays or errors, allowing data to queue up (and never get lost) on the local machines and still be transported back to Avanade. Further, the ViewX data is unreadable while in transport because it s compressed, signed and encrypted before being sent from the customer servers. Data Storage Once received in the Avanade NOC, the ViewX data is stored in a distributed manner across two different repositories: the ViewX monitoring database and the ViewX data caching service. In all cases, the data is stored as individual packet uploads. Each of these repositories has its own individual level of security access restrictions: the basic level is AD, the next layer is security groups (SQL monitoring access), and then within those security groups there are unique ViewX security roles assigned. Finally, it s important to note that even should all of these security layers be penetrated, there is no personally identifiable information (PII) collected by ViewX across the entire data set. Connections to Avanade SecureX The ViewX Case Management System is directly integrated with SecureX, the Avanade management solution. All AD and ViewX group permissions also apply to SecureX so that only approved NOC technicians have access to the environment. All SecureX sessions are also directly logged into the appropriate ViewX case. 2013 Avanade Inc. All rights reserved. 2
Key Features & Benefits Migration Preparation Users looking to upgrade to the latest version of Exchange, SharePoint or Lync can take advantage of the monitoring capabilities of ViewX to collect data on their current down-level Microsoft installation in order to ensure a smooth, optimized deployment process. Virtualization ViewX introduces an innovative new method for monitoring the Host system (physical server) as well as the Guest (virtual) servers operating within a virtual environment. Monitoring Efficiencies Rapid alerts allow Avanade NOC technicians to identify and address issues before they cause problems with system operations. Help Desk Integration Avanade can optionally integrate ViewX alerts with customer trouble ticketing/helpdesk systems to ensure timely and systematic feedback to IT departments. Full System Monitoring Comprehensive overviews of application health and performance, including real-time analysis of Exchange queues, network topology, Active Directory, cluster resources, mail storage, direct-attached and storage area networks, and mobile devices, including BES (Blackberry Enterprise Server), and limited Windows Mobile and iphone statistics. Query Coverage Avanade is continually improving and refining its monitoring packages: new data points are added, providers for new devices or applications are developed and new rules are written regularly. Alert History Extensive alert and event logs allow ViewX users to perform rootcause analysis on any issue. This allows Avanade to clearly see what types of problems have jeopardized system availability, when they occurred and what Avanade technicians did to resolve them. Forecasting Avanade constantly monitors system data to help customers identify trends and prepare for upcoming budgeting and resource needs such as disk space growth before they develop into limitations. Task Scheduler Monitoring packages are scheduled and launched independently of the Windows Task Scheduler by the monitoring service. This ensures there is no potential conflict with customer-scheduled tasks and that all processes launched by the agent are cleaned up after run-time. Error Reporting All monitoring errors are immediately sent back to the Avanade NOC where they are reviewed by Operations and Engineering staff to quickly resolve any issues. The ViewX CIO Dashboard provides a graphical enterprise view of the health and performance of customers private cloudbased systems. This tool aggregates and distills the millions of data points gathered each day by ViewX into a single up-tothe minute view that maps the status of customer systems and key performance indicators. Transparency Avanade has developed a Customer Dashboard that provides a summary view into the status and health of all managed services. In addition, this interface can be used to access monthly reports as well as create, view and approve change control requests. The Dashboard will Provide a top-set view of dashboard metrics relating to each system being monitored Provide a location from which to access and download pre-configured PDF reports on a monthly basis Provide views of top Severity 1 alerts relating to the system being worked at any given moment by the Avanade NOC Allow access to topline systems info either from the office or a mobile device 2013 Avanade Inc. All rights reserved. 3
System Requirements Operating Systems Windows Server 2003 (x86 or x64) Standard and Enterprise; Windows Server 2008 Standard, Enterprise and Datacenter; and Windows Server 2008 R2 Standard, Enterprise and Datacenter. Server Pre-requisites Minimum 2 cores;.net Version 3.5 SP1; Microsoft Message Queuing (MSMQ), non-ad integrated; Windows PowerShell 2.0 Memory Usage 100 MB Certificates Avanade-issued SSL certificates ensure that customer data is coming from said customer and is secure during transport. Permissions ViewX runs under the LocalSystem account. Accounts that are used to run individual monitoring packages must have Logon as a Batch Job persmissions and are started by the ViewX Monitoring Service as child processes CPU Most queries are not computationally expensive, using on average 4% processor time, although they can spike for very brief periods to 100% of a single core. Since ViewX s performance is highly dependent on a properly configured server and servers that are underprovisioned for their role may see degraded performance due to agents contending for limited resources Avanade proactively assesses all servers at deployment to prevent potential issues. About Avanade Avanade provides business technology solutions and managed services that connect insight, innovation and expertise in Microsoft technologies to help customers realize results. Our people have helped thousands of organizations in all industries improve business agility, employee productivity and customer loyalty. Additional information can be found at www.avanade.com. 2013 Avanade Inc. All rights reserved. The Avanade name and logo are registered trademarks in the US and other countries. Other brand and product names are trademarks of their of their respective owners. North America Seattle Phone +1 206 239 5600 America@avanade.com South America Sao Paulo Phone +55 (11) 5188 3000 LatinAmerica@avanade.com Africa Pretoria Phone +27 12 622 4400 SouthAfrica@avanade.com Asia-Pacific Singapore Phone +65 6592 2133 AsiaPac@avanade.com Europe London Phone +44 0 20 7025 1000 Europe@avanade.com