WhatsUp Gold: Daily Network Monitor Blog

Network Monitoring News

By Dave Juitt

Microsoft announced in their security bulletin for November that a vulnerability in SChannel could allow remote code execution, nicknamed WinShock (CVE-2014-6321). The Microsoft Secure Channel (Schannel) is the security package that implements SSL/TLS in all supported versions of Windows server and client operating systems. The vulnerability could allow remote code execution if an attacker sends specially crafted packets to a Windows server. It has an overall CVSS severity rating of HIGH with a exploitability rating of 1.  


Ipswitch immediately assessed all of its products as soon as we became aware of the vulnerability. Many Ipswitch products rely on Microsoft Windows Schannel security provider for secure communications. To protect against this vulnerability, it is recommended that all customers apply the November 2014 patches to all Windows servers and clients running Ipswitch products. The November patches also include other critical security fixes, including another remote code execution vulnerability (MS14-064), so please install all of the updates.

Please find specific instructions in this Ipswitch Knowledgebase article. As always it’s recommended that you test updates and carefully monitor the production system after making any changes.

If you have additional questions, please contact your Ipswitch account manager or preferred reseller.


By Jason Williams

Yesterday we announced that we are providing systems administrators and IT teams with free tools to monitor application availability and performance for Microsoft™ Active Directory, Exchange, IIS and SQL Server applications. Systems administrators thrive in an open source world. These free tools are powerful, yet designed to be as easy to download and use as apps from the Apple or Google app store.  free

The four free application performance monitoring (APM) tools will pinpoint problems stemming from Microsoft IIS, Active Directory, SQL and Exchange.  Sysadmins can use these tools to help solve the problem they are currently having with these popular applications.

Ipswitch Free Tools that monitor availability and performance in Microsoft environments include:

Simple Solutions for Complex IT Problems

For organizations that need more robust monitoring solutions, Ipswitch WhatsUp Gold™ network and server availability monitoring software empowers IT teams in to improve the performance and availability of their complex IT infrastructure. Ipswitch WhatsUp Gold allows IT teams to gain the visibility and intelligence they need to solve problems on their networks, applications, and servers before end users experience problems.

By Azmi Jafarey

The evaluations are complete and the decision has been made, a move to the cloud is in the best interest of your organization. Transferring workloads to the cloud in order to free up or discard costly on-premise resources for the fast deployment and flexibility of an elastic environment has overwhelming appeal, but now what? Despite the many advantages of a cloud environment there are still pitfalls that need to be navigated in order to ensure a positive engagement and user experience. To that end, I would offer two pieces of advice to colleagues looking to transform their organization from a strictly on-premise environment to a cloud user.  dddd

First, pick the right provider. While this may seem like an obvious and simplistic statement, I can’t begin to stress how important this is and caution how many cloud transfers have met their untimely demise due to a less than adequate partner. When evaluating service providers there are certain non-negotiable items you must account for. Chief among them are security, reliability and responsiveness. Like it or not, there is an element of control you are ceding in this relationship and top-notch support and trust are paramount. You want a secure, integrated, centrally managed and easy-to-use environment with service level agreements (SLAs) that commit to minimum standards of availability and performance, especially at peak demand. Timely responses to change requests, backup needs and security patches are also key considerations.

Second, choose the right workloads. The cloud can be a powerful and efficient tool for your business, but it does not mean that every application is best suited to reside in a cloud environment. When developing your integration strategy keep in mind that low to medium security workloads, those without stringent latency requirements, and where the workload is elastic with variable traffic will work well.  Some workloads need data to be frequently pulled in-house for use by other systems and are perhaps best left in-house.  High-security and compliance monitoring needs are also more suited for on-premise use.  Keep integration requirements in mind as some workloads that are tied to proprietary hardware are also not good candidates for public clouds but may be fine for a private or hybrid environment.

The cloud can transform your organization if you manage it correctly, but it takes due diligence on your part to ensure that the move goes as planned. By doing your research ahead of time and developing a list of key considerations for your business, you can ensure that the process will be both smooth and successful.



By Tracy Corbo

In July of this year, Enterprise Management Associates published a landscape review entitled EMA Enterprise Network Availability Monitoring Systems (ENAMS) Radar Report 2014.  A blog post written by my colleague Jim Frey on the EMA site reviews the scope and objectives of the report.  The study covered Ipswitch WhatsUp Gold version 16, along with sixteen other ENAMS from fifteen other vendors. Picture1

In EMA’s view, Ipswitch WhatsUp Gold is a well-known, established product with a history that spans more than two decades and that has been especially popular among the small-medium enterprises. Over the past several years, Ipswitch has substantially enhanced the WhatsUp Gold solution suite to address an expanded range of network management functions including flow monitoring, configuration, mapping, and IP address management. And while Ipswitch WhatsUp Gold remains at its core a network management solution, the broader suite now covers other managed domains as well, including virtual servers, VoIP, logs, and application monitoring.

Some of the areas where Ipswitch WhatsUp Gold stood out among its peers within our study included:

  • Single pane of glass – This is especially critical in small/medium enterprise environments where less is more. Network managers need one “go to” screen that provides information on the current state of the network and alerts them to problems before they reach critical mass. Ipswitch WhatsUp Gold has been designed to do this by bringing together a broad range of management information into intuitive, informative consoles and dashboards.
  • Customizable dashboards –The expansion of Ipswitch WhatsUp Gold to support monitoring of other IT domains makes it an ideal cross team monitoring platform – a point validated by our conversations with current Ipswitch WhatsUp Gold users during the course of our study. When a product is being used for cross platform monitoring, it becomes necessary to be able to create custom views for various teams, such as server administrators or VoIP managers versus network operators. Within Ipswitch WhatsUp Gold, dashboards can be easily defined and adjusted to meet the individual needs of technical and non-technical personnel. WhatsUp Gold users called this out specifically as being a capability that they found to be highly valuable.
  • Cost advantage – EMA analysis indicated that Ipswitch WhatsUp Gold product licensing and maintenance costs are very competitive, particularly as smaller managed environments grow. The simplicity of the Ipswitch WhatsUp Gold licensing model contributes favorably towards keeping costs scalable.

While the ENAMS market sector must be considered mature, that does not mean the technology is any less relevant today than it was ten or twenty years ago. If anything, the criticality of the network as part of the core business infrastructure has made network health an imperative across organizations of all sizes.

Small/medium enterprises are growing at a much faster rate than their large enterprise counterparts, and need solid, cost-effective choices for network management that fit between “free” open source tools at one end of the spectrum complex and costly full blown enterprise solutions at the other end. Ipswitch WhatsUp Gold has been designed specifically for this purpose.

— Guest blog by Tracy Corbo, Principal Research Analyst, Enterprise Management Associates





By Megan Assarrane

Network management zombiesThere are all kinds of potential IT emergencies out there that we should always be prepared for, network outages, system failures and data breaches come to mind as examples. However, there is another phenomenon that is starting to creep its way into enterprise networks: the zombie apocalypse. While it may sound like the plot of a B-level, made-for-cable Halloween movie, Network Zombies have quickly asserted themselves as the most troublesome nemesis to the modern-day IT administrator. They are dangerous and unpredictable, and without the right approach these zombies can cause downtime and lost productivity. However by adopting an approach that generates greater levels of network visibility, IT departments can effectively neutralize zombie problems once and for all.

Here’s a three step survival guide, of sorts, for conquering a potential network zombie apocalypse:

Step 1: In Order to Kill Network Zombies, You Have to Find the Root of the Outbreak

Is the zombie in the application itself, a database or the web server? Or is it a network issue? The only trace evidence network zombies leave behind is captured in event logs, often buried in large volumes of hard-to-connect data. The root cause can be hidden almost anywhere because most business applications are complex environments that interact with multiple resources, such as databases, web servers, directory services and the network itself. An Application Performance Monitoring (APM) solution that lets administrators link all application dependencies can eradicate a zombie. In this environment, targeted, real-time monitoring immediately sets administrators – aka modern day zombie hunters – on the right, easily understandable diagnostic path to hunt down the zombies causing the problems.

Step 2: In the Comic Books and Movies, a Swift Headshot is All That’s Required to Eradicate Zombies; However in the IT World, Application Profiles are the Greatest Weapons.

Application profiles define how an application is monitored and what actions should be taken when an application or one of its components fails. The most useful APMs not only include application profiles, they also define complex relationships and dependencies – from simple n-tier applications to large server farms and even complete IT services. The profile ensures that administrators – again, zombie hunters – have increased visibility into the status of any component or the entire service. The resulting comprehensive service monitoring profile is the foundation for fast, accurate zombie eradication.

Step 3: Protect Yourself for Future Invasions by Setting Zombie Traps

Once you’ve identified the zombies and rooted out the cause of infection, system administrators can use APMs to create multi-step action zombie traps to more efficiently address future invasions. Admins can also set zombie traps at the service, application and component level: event logging, real-time alerts and PowerShell self-healing scripts such as reboot and service restart. Dependency-aware application profiles enable coordinated multi-tier zombie traps to ensure optimal performance of complex applications and IT services.

Mitigating a zombie outbreak and limiting the damage to just a few poor network brains, opposed to a full on zombie apocalypse should be priority number one for all network administrators. By applying the lessons learned in this guide, admins can streamline the process of hunting and trapping zombies, turning hours of exhausting, tedious work into a few highly-productive minutes.

Check out our whitepaper entitled “Are Zombies Eating the Brains of Your Network?” where we explain how you kill those network zombies once and for all.

Zombies Network


By Megan Assarrane

Halloween may last one day, but network managers have to face IT nightmares that haunt them all year long. Nightmares like those caused by users exercising poor judgment. In some ways, they’re not much different from the folks you see in horror films who always make the worst decision possible. Case in point is Geico’s Halloween-themed commercial running on American TV this month. The piece depicts four friends running through fields, at night. They come upon a creepy farm house, and decide to hide behind… chainsaws.

The horror movie drama encapsulates the actions of the typical network user too. At the moment of choice users often make the decision that creates a nightmare scenario for network managers and admins, it’s what they do. Imagine the daily scenarios that play out across organizations every day, including clicking on false advertising links and inadvertently downloading malware or sending private documents like medical records through unauthorized applications like Dropbox.

Network nightmares have become the expectation for IT departments as they battle the demons, ghosts and goblins that traverse the organizations infrastructure on a daily basis. They have come to accept the types of problems that keep them awake at night while anticipating the unspeakable network terrors that will likely face them at work the next day. When the sun comes up at the end of a horror movie it signifies that the night of terror is over and the threat has been eliminated. In the business world it’s just another day for resource limited IT departments to battle network demons.

13 Network Nightmares

Last year we introduced the 13 most common hauntings  of every server room, sadly these ghosts are as menacing as ever and have likely grown stronger over the past year with introductions of new technology into the workplace such as wearables and the heightened focus on the network due to the Internet of Things. In honor of the Halloween holiday this year, we have given our list a fresh look and perspective at what can turn your server room into your own house of horrors.

What if Zombies are Eating the Brains of Your Network?

A network zombie can be any problem on your network, servers or applications that you thought was dead but then suddenly springs back to life. (aka intermittent performance problems). These creatures appear randomly and without warning, representing the most troublesome of foes. In our latest whitepaper, we explain how an advanced Application Performance Monitoring (APM) solution helps you kill those network zombies once and for all.

  • A unified view of the complete IT infrastructure and applications
  • Application profiles that can be customized to include all dependencies
  • The option to create multi-step action policies to automatically address future instances of the same intermittent conditions


By Azmi Jafarey

smart watchOver the past few years, organizations have been forced to deal with the rapid rise of BYOD, which created a number of IT problems as more and more employees began bringing in their own devices to the workplace. Today, there is a new trend IT departments are preparing to deal with that could be more troublesome than its predecessor: Wear Your Own Device (WYOD). With the number of wearable devices steadily increasing, from Google Glass to Apple watches, it’s only a matter of time before we see a proliferation of wearables in the enterprise.

However, much like with BYOD, it would appear that businesses have yet to grasp the full implications of the situation and aren’t currently taking wearable technology seriously enough. Very few are prepared for the impact that these devices will have on security and the corporate network. Even the healthcare sector, the much hailed early adopter of wearable technology, is not sufficiently prepared for the impact of Apple throwing it’s might behind the wearable device. A recent Freedom of Information Act (FOIA) request by Ipswitch revealed that when asked specifically about managing wearable technology entering the workplace — from Google Glass to smart watches — 83% of NHS trusts admitted to having no strategy in place.

With the potential for another IT ‘crisis’ on our hands, businesses and organizations need to begin planning ahead for WYOD before it has the chance to impact network performance and security, with inevitable calls to the Help Desk. Similar to when employees began bringing their own portable devices into the workplace, the sheer volume of additional devices connecting to the network in the form of smart watches and other wearable technology is likely to put a strain on company networks and slow performance. Depending on the type of devices, available IP addresses could also be an issue for some companies.

The WYOD trend is only going to increase in popularity and it’s up to businesses to plan for the onset before it proliferates organically without guidelines. Addressing security concerns linked to these gadgets is paramount and businesses would be best served to take a proactive rather than reactive approach to building out policies/ strategies. Don’t just wait for employees to start accessing network resources through these wearable devices. Planning for network improvements and policy development needs to take place sooner rather than later.

To read more on my thoughts about WYOD, check out my recent post in WIRED: With Apple Watch, Will WYOD Wear Out Its Welcome With IT?

By Daniel Okine

Most college students in the U.S. spent a good part of this month prepping and taking their fall midterm exams, and straining their campus networks as a result. IT teams who manage the campus network, however, are tested each and every day in subjects like BYOD and network performance. With the average student carrying around at least two wireless devices, campus networks are under pressure to deliver a sustainable and consistent online experience.  campus network monitoring

Our recent survey of 313 students attending U.S. colleges and universities found that 67 percent of students had a minimum of two to four wireless devices connected to the campus network at all times. Adding to this dilemma is the constant introduction of new mobile devices and wearables like the Apple Watch.

Not only are students more connected than ever before, but they are using these devices for bandwidth hoarding activities. The survey revealed that 63 percent of students spend one to four hours a day streaming media using services like Spotify, Netflix and YouTube. It’s becoming a constant battle for campus IT between being able to provide a positive user experience and maintaining network integrity.

Given the additional pressure that new technology is bringing to the campus network and the fiscal pressures for IT to do more with less, here are three steps for network administrators to consider:

  1. Increase your level of visibility. You can’t fix problems that you don’t know exist. With network performance monitoring you can rapidly respond with real-time alerting to fix problems quickly.
  2. Watch out for wearables. College students have high expectations for being able to use their shiny new wearable or mobile device of choice, whenever and wherever they want. It’s a generation with expectations for technology that is not going to change. Campus IT teams need to adapt. Or at least prepare to do so.
  3. Know your configuration. Who knows what’s on your big sprawling campus network? You can if you are able to manage network configuration. Compare what is running on your network vs. what is authorized to do so. You can also schedule regular configuration audits and get alerted when configurations have changed.


By Daniel Okine

Today I’d like to share an excerpt and link to today’s blog about network management posted by Jim Frey from Enterprise Management Associates (EMA) . It’s a great lead-in to his firm’s recent report on Enterprise Network Availability Monitoring Systems (ENAMS). From Jim’s post:

network management

“It’s sometimes difficult to differentiate between hype and reality when it comes to topics such as cloud, ITaaS, SDN, DevOps, hybrid this and hybrid that. But there are a few certainties in the IT universe and one of them is that IT doesn’t function if all of the pieces can’t talk to one another, and that means the network needs to be rock solid. Some of that is under the control of enterprise IT teams as internal network infrastructure, but some of it isn’t, such as WAN or Internet. Because connectivity is so essential, no one questions the need for making sure the network is healthy and operational at all times, and that its role is assured in the grand scheme of IT.

This is where Enterprise Network Availability Monitoring Systems (ENAMS) come into play. ENAMS are software products that are used by network operators and managers to keep a constant watch over their networks.”  (Click here to read the rest of Jim’s post about network management).

For a free copy of the EMA Radar for Enterprise Network Availability Monitoring System (ENAMS) Report featuring Ipswitch WhatsUp Gold, please click here.


By Daniel Okine

As you’ve likely already heard on Sept 24th a new computer security threat called Shellshock was identified and entered into the National Vulnerability Database as CVE-2014-7169.

The Shellshock vulnerability does not affect any Ipswitch products.


Shellshock is a bug in the widely-used Bash shell, the Unix command-line shell that has been around for 20 years. Shellshock affects almost all Linux, UNIX, and Mac OS X operating systems and the US-CERT has given the flaw the maximum CVSS rating of 10/10/10 for severity, impact and exploitability.

Security is a top priority at Ipswitch and we assessed our products as soon as we became aware of this threat. We have since determined that all supported versions of the Ipswitch WhatsUp Gold network and server performance monitoring suite are not affected by the Shellshock bug.

We strongly recommend you follow the advisories of your respective Operating System provider.