Some time ago, I had the distinct pleasure of working with the SolarWinds team as they rolled out a new version of the Virtualization Manager (VMan) product. The results were published in a post entitled New SolarWinds Virtualization Manager 6.1 Creates Voltron-Like Monitoring and the experience was a lot of fun. Here it is a few months later and I get to do it all over again, this time with their Network Performance Monitor (NPM) product as it hits version 11. New to this version is Deep Packet Inspection and a Quality of Experience dashboard.

Wanna see it in action? Great! Let’s put on our magic homelab hats (you did bring your magic homelab hat, right?) and dive right in.

Up, Up, and Away

From an installation and configuration perspective, there wasn’t much to do. I already have Server and Application Monitor (SAM) installed, so I decided to install NPM into the same server and use the same back end database. Because of this, the installer wizard is ridiculously simple. Next, next, grab a coffee, finish, done.

Hey, other vendors out there: all software should be this simple to install, take notes!

If you want the full integration experience that SAM and NPM have to offer as a combined product, it makes sense to use the same database. There’s also an option to use a standalone database or install the products onto different servers, but I wanted to consolidate them both into one. Once NPM is done installing, browse to the standard home page for Orion and make sure a new Network tab has appeared.

NPM will draw upon your existing nodes and can be configured to discover and poll additional objects. I ended up adding my HP V1910 switch and all its various interfaces to NPM. If you’re not using the wizard, just head over to Settings > Node & Group Management > Manage Nodes and find your switch node (or add it). Next, click on the List Resources button in the node’s management box.

Add any interfaces that are missing.

Pretty simple. If you don’t see an interface pop up right away, it may take a minute.

Deep Packet Inspection

But what about Deep Packet Inspection (DPI)? Good question. There’s two options to get this configured. Let’s review:

Option 1 – Use a SPAN port (mirror port) to pull data from a network device.

Option 2 – Use the Windows agent to gather networking data.

It’s a bit of a bummer that you’d have to SPAN traffic into a Windows box, but given that SolarWinds doesn’t sell switches, I suppose there’s few other ways to get to the flow data. Perhaps a future version will let users deploy a stripped down Linux box / OVA, instead? Oh well, let’s move on.

Adding Nodes

I decided to test out the second option which involves deploying an agent into the Windows OS. This is rather simple to do – select the Deploy Packet Analysis Sensors for Servers link from within the Quality of Experience (QoE) wizard (shown in the previous image). A new wizard will pop up that walks you through selecting objects to monitor. I chose a pair of my Windows virtual machines named File (my file server) and SQL (my SQL database server). Alternatively, click on Settings > Node & Group Management > Manage Agents to add or configure agents.

You can then monitor the status of the deployment from the wizard page or by visiting Settings > Node & Group Management > Manage Agents. It took a minute or so for the two new agents to report a status of Connected and Agent is running.

If you don’t already have a credential saved for the servers, you can create one – either temporarily or permenantly – within the Assign Credentials option. Just make sure to choose <New Credential> in the drop down menu.

There’s also a mass deployment option available with an .MSI or .MST file for the agent. This is handy for organizations that want to bake in the software by way of System Center or Group Policy.

As a final step, you’ll need to add any QoE applications to monitor for the new servers. To do so, either use the Wizard page that was used to deploy the agent, or browse Settings > Settings (yes, twice) > QoE Settings > Manage QoE Packet Analysis Sensors. I added MS SQL and SQL Services to my VM named SQL.

A Billion Statistics

Now that I have a server with the agent installed and data flowing in from a QoE monitored application, I can begin to see how it’s doing. By navigating to Home > Quality of Experience, I can see a number of new dashboards that provide what seems like a billion statistics. Here’s some of the data points that are available to your curious fingertips:

• Application Response Time (Time to First Byte)
• Network Response Time (TCP Handshake)
• Data Volume
• Transactions
• Risk Level
• Business Related vs Social Traffic
• Category
• Various dashboards with QoE Application Statistics
• Thresholds Exceeded

Pulling It All Together

Here’s the real magic. I have three tools from SolarWinds all installed and integrated with one another: Server and Application Monitor (SAM), Network Performance Monitor (NPM), and Virtualization Manager (VMan). This means that I can see the Quality of Experience data for networking, AppInsight for deep application stats, and all of the various physical and virtual components in between. When bundled together, the amount of data I can interrogate for my SQL server is insane. And all of the various tabs (on the left) let me dive into deeper areas of the operating system, network, storage, virtualization stack, application stack, or the quality of experience.

The end result? I can safely pinpoint just about any bottleneck sitting between a user and the application, along with any issues between the application and the underlying infrastructure. No more blame games with vague “the network is slow” tickets to ponder over. Just pop into the QoE dashboard and see for yourself exactly how awesome or poorly things are going for your users. Less time spent futzing with tickets is more time spent learning new skills, improving the data center, and playing Xbox uh working hard on work things.

Licensing

One last thing – licensing! According to the documentation I received, SolarWinds NPM is licensed by the largest number of the three following element types:

• Interfaces: interfaces include switch ports, physical/virtual interfaces, VLANs
• Nodes: nodes include entire devices (routers, switches, servers, APs)
• Volumes: volumes are equal to the logical disks monitored

And here’s the packaging and pricing details.

Thoughts

It’s sad how little I was able to put into this post around NPM – it really does have a long list of features, but I don’t want to ramble on about all of them. Take one of the products, such as Virtualization Manager or Network Performance Monitor (NPM), for a test drive yourself and see what you think. I wish I had software like this available to me when I was a single sysadmin for an SMB wearing every hat. Assuming I could snag budget for it, this would really have taken a lot of burden off my day-to-day administration stress.

The QoE engine comes with unlimited licensing for 30 days so that you can set up all sorts of monitoring scenarios – just make sure to turn on the unlimited licensing trial once you’re ready to configure it. It will show up in the QoE Packet Analysis Sensors page as a trial option.