Ensuring maximum server uptime is one of the most
challenging tasks for any IT department. The LANDesk Server Manager is an
application just for this job. It can constantly monitor all servers in your
data center and provide details about their health in real time. It also
provides management capabilities such as remote deployment of
OSs
, patches and applications. It can automatically detect all devices present on
your network and sort them into categories like computers, printers,
infrastructure etc.
To start monitoring and managing servers, you need to
install client agents on each. For deploying patches and custom scripts to the
remote servers, LANDesk does this through a push client. The OS deployment (OSD)
feature provides PXE-based deployment to deploy OS images to devices on your
network. This allows you to deploy images on devices with empty hard drives or
unusable
OSs
. This can be very useful for initial provisioning of new devices or when
re-imaging a corrupt device. LANDesk Server Manager comes with an application
called Server Manager Dashboard, which does the real time monitoring of all
servers. The dashboard runs in a browser window and displays real-time
information about each server's current health status through live graphs.
While digging deeper into details, it shows you all real time processes and
services running on the system, hard disk space available, memory used, logs and
some other details.
|
LANDesk Server Manager also provides real time alerts to
administrators if a problem strikes. It can be configured to issue an alert
incase of hardware failure/change. It can notify users through e-mail or a web
page. It can also be configured to send an SNMP trap or to execute some program
on the server, which is showing alerts. Another useful thing in its monitoring
capabilities is Software License Monitoring. Server Manager can scan a system
for known and unknown applications running with detailed information about the
license purchase information.
LANDesk Server Manager also comes with vulnerability
scanning and patch management capabilities. It lets you automate the repetitive
processes of maintaining current vulnerability information, assessing
vulnerabilities for the various operating systems, downloading the appropriate
patch executable files, remediation vulnerabilities by deploying and installing
the necessary patches on affected devices, and verifying successful patch
installation. LANDesk comes with database of vulnerabilities which can be
automatically updated online from LANDesk's website.
With LANDesk Server Manager, you can view the health of all servers from anywhere on the network |
Server Manager provides direct one-to-one patch remediation
for every vulnerability discovered on servers. The feature of vulnerability
remediation is only available for windows. However, vulnerability scanner can be
used for linux servers. LANDesk also has centralized log management. It combines
all logs into one for easy analysis. It also maintains a history of old logs for
keeping track of server performance and in turn provides predictive failure
detection.
It also has an inventory scanner to add devices to the core
database and to collect devices' hardware and software data. The inventory
scanner runs automatically when the device is initially configured. The scanner
collects hardware and software data and enters it into the core database. After
that, the hardware scan runs each time the device is booted, but the software
scan only runs at a configured interval. Server Manager includes a reporting
tool you can use to generate a wide variety of specialized reports that provide
critical information about the managed devices on your network. By default,
LANDesk has various formats of reports mainly divided into hardware, software
and other categories. One drawback you might find in configuring LANDesk is that
at some places it won't give you any information or show you an alert.
Using Server Manager
We've carried an evaluation copy of LANDesk Server Manager on this
month's PCQ Enterprise CD. Before you start installing LANDesk Server Manager
make sure that the core server on which you are installing it, is not a domain
controller and you have support for ASP.net and a web server installed. After
the installation is done, before you start using LANDesk Server Manager, you
need to activate the core server. For this, either you need to have LANDesk ID
and password or else you can activate a 45-day eval. Once the core server has
been activated, open the LANDesk Server Manager. First thing we need to do is to
find the available server and devices in your network. Click on Device discovery
tab, and click on new tab under discovery configurations. Here, you can choose
how you want to do device discovery and provide the IP address range and subnet
mask of the network. To schedule this discovery configuration, right click on it
and click on schedule. After the device discovery has finished you can see all
discovered devices under unmanaged devices divided in to various categories.
From the list, you can choose the devices you want to monitor or manage. To do
that, right click on the device and click on Target. Note that, if the device
doesn't have a name, you need to provide a name to it before targeting. This
name is only meant for LANDesk Manager, and it doesn't actually rename the
actual device. To put these devices into manage list, click on the manage tab
and choose the option Move targeted devices into my devices list and click on
move.
Now you need to install LANDesk Server Agent on the servers
you want to monitor. To do this, click on Agent configuration, and then click on
New tab to create a new agent configuration. Then provide a name for the
configuration. Select the Agent and click on Edit to customize its default
properties. You can select which agents should be installed on the remote
server, i.e. if you want to perform vulnerability scanning, monitoring, remote
control, etc. Choose options as per your needs and click on save changes and
click on Save As File option to save this agent as an executable package with
the filename same as the configuration name you specified. By default, the
package is saved in “C:\ProgramFiles\LANDesk\ManagementSuite\ldlogon\ConfigPackages”
folder on the core server. Now you need to run this executable file on the
remote server. Once executed this file will install the agents automatically.
Its vulnerability tool can scan servers on your network for vulnerabilities and automatically patch them |
Once the agents are installed, we need to create the
monitoring rulesets to monitor these servers. For this, browse to monitoring and
create a new ruleset in the same earlier fashion. Once the ruleset is created,
click on it to edit the details. Here you can choose what things you want to
monitor in the server. For instance, if you want to monitor the free space on
your server's hard disk, then click on Drive space, and check Turn on
Monitoring for this item and give the time interval after which you want LANDesk
to check for it. You can also configure the Warning and critical threshold for
it. Similarly, you can create rulesets for Memory usage, Services, Drive failure
prediction, and various other things. Once the ruleset is created, click on
update and now to deploy this ruleset to the target devices click on Deploy
ruleset tab, choose which Monitoring ruleset you want to use and click on deploy
button.
To create a vulnerability scan task, go to the left
navigation pane, click Vulnerabilities before scanning update vulnerability
definitions. Clicking on the update and it will automatically update its
definitions from the Internet. If you wish, you can also schedule the
vulnerability and patch content update. Now, click on the scan button to make
sure the Scan group contains only those vulnerabilities that you want to scan.
If you want to remove any vulnerability from here, just right click on that
vulnerability and 'move to do not scan'. Click the Schedule security tasks
toolbar button. Provide a unique name for the scan. Next specify whether you
want the vulnerability scanner to display a progress dialog on the target
device. You can also specify whether you want a Cancel button to appear with the
scanner dialog, so that the end user has the option of canceling the scan.
Specify how you want the vulnerability scanner dialog to close when it is done
running on target devices. You can require end user input, or you can set the
dialog to close after a specified timeout period and click OK. Select the task
and set targeting and scheduling parameters, and click on Save. Similarly its
other functions can be used and configured
easily.
Swapnil Arora