Loading ...

Category: Monitoring

RMM Automation: Synology Resource Monitoring

As our business continues to focus on providing white labeled Tier 3 IT support services, RMM as a service, and co-managed IT services this blog will be highlighting tips for Synology resource monitoring. We have developed best practices for alerting on a Synology device for resources like CPU, Memory, and Disk Usage. When these Synology resource monitoring alerts are consistently triggered it show that the device is over utilized or if they remain triggered for long periods of time then it shows there is an issue on the device itself. We also setup weekly Storage Reports to get an accurate view of the changes and growth going on with client storage.

Setup Notifications

Make sure that Notifications are setup on the Synology first

  1. Open Control Panel
  2. Click on Notifications
    • Check enable email notifications
    • Choose Service Provider
    • Login to Gmail or use Custom SMTP server for Office 365 as the sender
    • Change Subject to indicate name of device
    • Add recipient email (Best to use one that ties into a PSA or RMM)
    • Click Apply
    • Send a Test Email

Setup Synology Resource Monitoring

  1. Open Resource Monitor app
    1. Click on Performance Alarm to the left
    2. Click on Rules tab
    3. Click Create
    4. Create the following Rules one by one
      1. Volume Critical
        1.  Select which volume [create multiple rules if more than one volume]
        2. Select Disk I/O utilization
        3. Greater than 90%
        4. Level Critical
      2. Volume Warning
        1.  Select which volume [create multiple rules if more than one volume]
        2. Select Disk I/O utilization
        3. Greater than 75%
        4. Level Warning
      3. System Memory Critical
        1. Memory Usage
        2. Greater than 90%
        3. Level Critical
      4. System Memory Warning
        1. Memory Usage
        2. Greater than 75%
        3. Level Warning
      5. System CPU Critical
        1. CPU Usage
        2. Greater than 90%
        3. Level Critical
      6. System CPU Warning
        1. CPU Usage
        2. Greater than 75%
        3. Level Warning
    5. Click Settings and check box to Enable usage history then click Save

Setup Storage Reports

  1. Open Storage Analyzer
    1. Select new location
    2. Create new shared folder named Log Files – hide from network
    3. Go back to Storage Analyzer and select new folder
    4. Set volume usage data to be collected Daily at 2am 
    5. Create report task
      1. Send to email (Best to use one that ties into a PSA)
      2. Generate reports at Monday 4am
      3. Keep 60 reports then click Next
      4. Select report items
        1. Volume Usage
        2. Shared Folders
        3. Potential Duplicate Files
        4. Large Files
        5. Least Recently Modified Files then click Next
      5. Analyze all folders then click Next
      6. Leave duplicate file defaults then click Next
      7. Click Done
    6. Close App

Once this is setup you will start getting email alerts sent to you or better yet your PSA / RMM for ticket creation and review.

If your company is a MSP or wants to become one and automation just seems out of reach, then contact us to run your RMM for you.

Zero Trust – Endpoint Security

Endpoint Security - Clackamas, OR

This is the sixth in a series about the concept of Zero Trust, which means in the IT sense that you trust nothing and always verify everything surrounding and connected to your network. Today’s discussion will be on endpoint security. 

Endpoint Security

Endpoint security is a fancy term used to describe how the computers on the network are protected. This used to be done by antivirus but due to the complexity of the attacks hackers are using to compromise networks these days, the definition has expanded greatly. This now includes things like Enhanced Detection & Response software, Security Operations Centers, DNS Filtering, employee train and more. Here are some questions that you should be asking yourself:

  • Are your endpoints protected by antivirus or enhanced detection & response?
  • Is website traffic being monitored? Restricted?
  • Are your employees being trained in cyber security?
  • Are computer logs being monitored for malicious activity?
  • Would unusual or suspicious activity on a computer be noticed? Alerted on?
  • Do you have security permissions set on all file shares?
  • Do you have least privileged access configured on those shares?
  • Do you keep track of what software is installed on all workstations?
  • Do you block access to unauthorized software?
  • Are files encrypted on servers and workstations?
  • Are your mobile devices managed? Can you wipe them remotely?
  • Are USB ports blocking removeable storage devices?
  • Are endpoints set to automatically log-out?

If your company is going to use full disk encryption or has compliance requirements that you need consulting for, then contact us for assistance.

Change is HERE! for Farmhouse Networking

As we work on finishing our 5th year in business, Farmhouse Networking continues to enhance its offering to our clients and improve the way we do business. Each one of these changes is carefully researched and painstakingly implemented to make sure that impact on end-user experience is minimally invasive. Here is a list of the major changes taking place now:

What Changes?

New Customer Documentation: We have been using a new document management system to securely store information about our clients networks, create standard operating procedures on how we specifically care for individual clients, and keep track of passwords for all the things that need securing. This will keep our staff and backup techs apprised of all our customers equipment and standard operating procedures so that things get done right. 

New Maintenance Software: After much market research to improve our current system of auto-magically maintaining customers computers, we found something better. It took some negotiations with them but we got the price down to close to the same, so there will be no increase in price. Just better software to serve our customers with. We can now monitor more of the network and in a deeper way so that there is even less possibility of downtime due to computer issues. 

New Employee: You read that right. Farmhouse Networking has officially contracted with our first employee. The work load has finally reached the point where occasional help from my family is just not enough. Peter deGreyt will start work on Monday, November 11th, 2019. He has previously worked for another local managed service provider and graduated from Southern Oregon University with a degree in business analytics. His first contact with many of you will likely be to input customer information into our new document management system. 

If your company is interested in working with a company that takes IT seriously, then contact us for assistance.

Celebrating 3 Years of Serving Grants Pass

3 years in business

It is official – the month of September marks three years in business for Farmhouse Networking. We have been truly blessed by God to have been able to serve the Grants Pass and surrounding business communities by providing exceptional IT managed services. We look forward to many more years of giving you the highest level of support possible so that you can focus on getting business done. With this anniversary we plan on rolling out some enhancements to our monthly service offerings:

Enhanced Monthly Maintenance


Standard Maintenance: For those who are not current managed clients, these basics have always been a part of our service offering:

  • 5-year Technology Plan & Budget
  • Full Network Inventory
  • Hard Disk Checkups (Bi-Monthly)
  • Hard Disk Defragmentation (Monthly)
  • Temporary File Cleaning (Weekly)
  • Anti-Virus Software (Constant Monitoring)
  • Operating System Updates (Weekly)
  • Error Log Monitoring (Constant Monitoring)
  • Power Settings Management (Constant Monitoring)
  • Windows Services (Constant Monitoring)

Continued Improvements: Over the past 3 years we have also added the following features to our service at no additional costs:

  • Ticketing System Portal
  • Email Support to Create Tickets
  • Security Incident Response Plan
  • Vendor Information Tracking
  • Third-Party Software Updates (Monthly on Firefox, Chrome, Acrobat Reader, ….)
  • Email Blacklist Checking (Daily)
  • Warranty Checking (Monthly on All Major Brands)
  • Operating System Intrusion Detection (Constant Monitoring)
  • Support for MacOS & Linux (Constant Monitoring)
  • Server Applications (Constant Monitoring)
  • Hardware Events (Constant Monitoring)

Enhancements to Come: In September, we will be adding these new exciting features to our service:

  • DNS filtering – this will further protect your network from external threats by stopping accidental surfing to malicious sites. It also can increase productivity and network speeds by limiting wasteful frivolous surfing during company time.
  • Dark Web Scan – Each monthly client will have the “Dark Web” scanned to see if any email addresses connected to the company have been involved in a previous password breach.
  • Weekly Security Newsletter – Farmhouse Networking is partnering with a national security non-profit to deliver up-to-date news and information about how to stay safe online. These weekly newsletters will be packed with valuable information and delivered to everyone in your organization.

As our service offering has expanded, we have deepened our ability to monitor our customers networks to proactively respond to alerts before they become problems. We have continued to add levels of protection to make sure that our clients systems are safe from the ever-expanding list of threats. All this has been done at no additional cost, despite inflation, up to this point. To continue offering this high level of service, Farmhouse Networking is making a couple small changes to its prices that will be effective September 1st, 2018.

  • Monthly Maintenance Clients – our services are based on a per device basis and the cost per workstation will be $25 per month for remote maintenance and $50 per month for full service maintenance. All other prices will remain the same for every other device on the network. This will only effect clients whose contracts are renewing after September 1st, 2018 – any renewed before that will keep their prices the same for the next 12-month term.
  • Small Business Clients – those who do not have a server and have less than 5 workstations, our hourly rate will be $80 per hour for on-site service and $40 per hour for remote service (billed in 15-minute increments). That is only $10 more for on-site support and $5 more for remote support.
  • Standard to Medium Clients – those with a server or more than 5 workstations, our hourly rate will be $120 per hour for on-site service and $60 per hour for remote service (billed in 15-minute increments). That is only $10 more for on-site support and $5 more for remote support.
  • Tier-3 Clients – those technology companies that utilize our advanced expertise to better serve their clients, our hourly rate will be $40 per hour for remote service (billed in 15-minute increments). That is only $5 more for remote support.
  • Charity Clients – those non-profits that pay for support, our hourly rate will remain at $70 per hour for on-site service and $35 per hour for remote service (billed in 15-minute increments).

For all our monthly maintenance clients, we will be calling to schedule our semi-annual meeting to check-in with you during the month of September. At that time we will be performing another network inventory to insure that all network assets are covered properly under your current contract. We cannot thank all our clients enough for your continued use of our IT services. We look forward to continuing to serve you.

Know the state of your flocks,
and put your heart into caring for your herds,
for riches don’t last forever,
and the crown might not be passed to the next generation.
After the hay is harvested and the new crop appears
and the mountain grasses are gathered in,
your sheep will provide wool for clothing,
and your goats will provide the price of a field.
And you will have enough goats’ milk for yourself,
your family, and your servant girls.
Proverbs 27:23-27

Now Featuring: third-party software updates

third-party software update

In a continuing effort to offer the best remote monitoring & maintenance available and to enhance the security of our clients even more, we are now offering updates to several of the most popular third-party software packages. This is in addition to the Windows patching, system health checks, system maintenance, managed antivirus (included for free), and website blacklist monitoring that now come standard with our remote monitoring & maintenance service. Here is a summation:

Third-Party Software Updates

Google Chrome: web browser made by Google.

Firefox: web browser made by the Mozilla Foundation.

CCleaner: system cleaning utility (now owned by AVG).

Adobe Acrobat Reader: PDF viewer made by Adobe.

Adobe Flash Player: website animation plugin made by Adobe.

Java Runtime: website programming plugin made by Oracle.

There is a long list of other software that we can update for you automatically, but have chosen these in particular to update as they are the most likely to be exploited and least likely to be updated regularly.

If your company has software that needs to be automatically updated or would like to sign-up for remote monitoring and maintenance, then contact us for assistance.

DNS Filtering for Security & Productivity

DNS filteringAny Human Resources department manager will attest to the need for an Acceptable Use Policy as part of the Employee Handbook. It should clearly state the proper use of business-owned workstations and what traffic is allowed on the company network. Monitoring this policy is next to impossible for small businesses, yet ignoring it leads to infections, security breaches, and huge losses to the bottom line by wasted employee productivity. How does a company stay safe from the big, bad Internet?

Policy Creation

This may sound boring, but before any monitoring and enforcement can take place legally, there must be a clearly defined policy in place with consequences for violations. This policy must be signed by each employee. Only when signed policies are in each employee’s file, can measures can be taken to monitor and enforce the new written policy.

No Administrator Access

There is no reason for the average employee to need Administrator access to a workstation once it is setup properly for business use. Most employees do not need to install any software or make any major setting changes without first consulting management and/or network support personnel. Software and operating system updates should also be handled by network support personnel or by an automated process. Installation of additional hardware should be cleared with management and implemented by network support personnel. Workstations are a company-owned tool to be used by the employee only for the best interests of the company, not for personal file storage or entertainment purposes.

DNS Filtering

The Internet is an invaluable tool for business purposes. There are, however, many threats out there, and the common user has no idea how to avoid them. There are also innumerable distractions ranging from time wasters to those that are downright illegal. DNS Filtering inspects every internet request against a database of known sites and blocks bad traffic before it goes anywhere on the internet. This keeps your internal network assets safe from malicious sites and content that is inappropriate for business or bad for productivity. This is accomplished without interrupting or slowing down the normal flow of good traffic around the Internet.

If your company is looking to add layers of security to your network or increase productivity by limiting Internet time wasters, then contact us for assistance.

Nagios Core SNMP Monitoring APC UPS

God has recently lead me to do some charity volunteer work for a worldwide organization and their IT department. My first project was to untangle their Nagios Core system and then take over the administration of that server and the monitoring of the rest of the network. Part of this volunteer work took place yesterday with deep dive into the Nagios framework, Linux and SNMP to allow monitoring APC UPS devices.

Initial Trip Off Course

My initial thought was not to re-invent the wheel and head to the Nagios Exchange to find a pre-made project that would elegantly provide monitoring APC UPS devices. I found the check_apcupsd project which looked simple and had a great screenshot. Little did I know what I was getting into. Turns out there are a couple undocumented dependencies for this including apcupsd itself and an undocumented connection to port 3551 which I could not find inside the portal page for the SMART-UPS 1500 network management card. After a couple hours of frustration I abandoned this and removed all linux packages associated with it.

Trip Down SNMP lane

After looking over other projects at the Nagios Exchange, I decided to research using SNMP to provide monitoring APC UPS devices. This lead me to an article by Mihai Radoveanu which provided the detailed steps to create monitoring APC UPS devices in Nagios Core. He details editing the command.cfg file to add the check_snmp and his own check_snmp_inverter to list of commands. (Please note that the check_snmp_inverter.sh file will need to be edited to Change the Home variable to point to the Nagios Core plugins directory) He details creating host templates, host groups, adding a separate configuration file to the main file which includes hosts and services. I prefer the more standards based approach to creating individual host files, adding them to a host group and then creating a service file that points to the host group. Made these changes to the Nagios Core framework and confirmed my configuration before making the changes live.

APC Changes Needed

Finally came the changes to the APC UPS network management card configuration:

Monitoring APC UPS - Main Page

  1. Login to the network management card webpage, click on Configuration > Network > SNMPv1 > Access then check the box next to Enable and click on Apply.Monitoring APC UPS - Configure SNMP
  2. Click on Configuration > Network > SNMPv1 > Access Control then click on a community name then type in the network SNMP community name and the IP address of the Nagios Core server. It will only need Read permissions. Click on Apply.Monitoring APC UPS - Configure SNMP Access

That is all that is needed. This introduction to the Nagios Core framework later allowed me to setup SNMP monitoring for the High Availability link ports between their Sonicwall 4600 devices.

If you are looking for expert monitoring of your network systems by highly trained technicians, then contact us for assistance.

Archives

Categories

Plant a Seed @ 541-761-9549
233 Rogue River Hwy #873 Grants Pass, OR 97527
Mon-Fri: 9:00am-5:00pm
support@farmhousenetworking.com
© 2016-2023- Farmhouse Networking. All rights reserved
Terms and Conditions Privacy Policy

Evaluation Signup

[contact-form-7 id="452" title="Free Network Evaluation"]