Mitigate speculative execution side-channel vulnerabilities

Seems the new year bring us some bad surprises in terms of security. There has been some rumors and now turned out to be truth that certain processors are vulnerable to certain attacks. Yes processors. That means that affects a wide variety of Operating Systems. As Microsoft puts it:

Microsoft is aware of a new publicly disclosed class of vulnerabilities referred to as “speculative execution side-channel attacks” that affect many modern processors and operating systems including Intel, AMD, and ARM. Note: this issue will affect other systems such as Android, Chrome, iOS, MacOS, so we advise customers to seek out guidance from those vendors.

Source: ADV180002 | Guidance to mitigate speculative execution side-channel vulnerabilities

Continue reading “Mitigate speculative execution side-channel vulnerabilities”

Free E-book: Inside #MSOMS v2 now available

It took us some time but we’ve managed to update the one and only free OMS book. We had plans to release it earlier but unforeseen things has happened which prevented us to do it earlier. I hope you will understand but you will still enjoy it. The other authors and me put a lot of effort to get it out along with the reviewers.

The new query language of Log Analytics is not included in the book but that should not discourage you as the content is still relevant.

Go grab Inside the Microsoft Operations Management Suite for free. Let us know if you have any feedback.

I mostly would like to thank my fiancée for being patient with me and supporting me while I was writing my chapters.

Windows Server 2012 R2 Hyper-V Component Architecture Poster and Hyper-V Mini-Posters

No detailed explanation is needed for these posters. Very useful way to study or explain a technology. Download them from here.

Testing OpsLogix Oracle Intelligent Management Pack

OpsLogix is a Microsoft System Center Alliance partner which develops innovative products for (virtual) infrastructure management. In my experience I was previously working with Oracle Intelligent Management Pack by supporting the SCOM environment of one of OpsLogix reference customers. I’ve never had issues with that MP. As being only supporting part I was not involved in implementing this MP but recently I was given this opportunity so this blog post is about my experience with OpsLogix Oracle Intelligent Management Pack.

First I want to start that instead of testing the Oracle IMP in supported scenario I’ve decided to test in unsupported environment in order to prove how good this MP is. I’ve always been enthusiast so I just I couldn’t resist. Also I want to make a notice that if you are deploying in production always use supported scenario.

Before introducing my test environment let’s first see what the architecture of the Oracle IMP is:


As we can see you just has to have one Windows node with SCOM Agent on it and ODAC.Net components installed. That node acts as a proxy and connects to all you Oracle database weather they lie on Windows OS, Unix OS or Linux OS. This architecture makes the MP very flexible which is especially important in the changes about unix an linux agents changes coming in SCOM 2012 R2. Basically it makes the MP SCOM 2012 R2 ready.

Now let’s look of how my lab looks:

· SCOM 2012 R2 Preview server that is installed on Windows Server 2012 R2 Preview.

· Oracle ODAC.Net components installed on the SCOM 2012 R2 Preview Management Server. You can install them on separate node but I’ve used my SCOM management server for simplicity. The components require .NET Framework 2.0 and are supported on Windows 2003/2008/2008R2 with x86 or x64 architecture. In production install them only on supported systems. I am sure that in the future OpsLogix will offer support for WS 2012 also.

· Windows Server 2012 (DB1) with Oracle 12c installed on it. Oracle 12c is not supported by the Oracle IMP but I’ve wanted to see if it is possible to add such database.

· Windows Server 2012 (DB2) with Oracle 11g installed on it.

After the overview of the lab we can continue with the first steps of implementing Oracle IMP.

1. First make sure you’ve installed .NET Framework 2.0 on the node that you will use as proxy. I already had it installed on my SCOM 2012 R2 Preview management server.

2. Second install SCOM agent on that same server. As my server is management server I do not need to do that.

3. Next you can proceed with installing Oracle ODAC.Net components. OpsLogix provides all components in a zip file that you can extract and then you run a simple script that install everything you need.


4. After successful installation you will see oracle folder on C:\ with all components:


5. After this procedure you can proceed with importing the OpsLogix Oracle IMP trough the SCOM console



6. You can see that you even have unsealed MP ready for overrides.


7. Everything is imported successful on SCOM 2012 R2.

8. After importing the first thing you need to do is to import your License keys in order to be able to monitor any Oracle database instance.

9. Importing is very easy you have to go to Monitoring -> OpsLogix -> OpsLogix Licensing Dashboard -> Add License.

10. After adding your license you can see all information about the license.


11. Next is to add the node(s) that will act as proxy for monitoring your Oracle database. You go to OpsLogix -> Oracle -> Oracle IMP Configuration Dashboard. The MP automatically detects all your SCOM Windows agents and lists them so you can just select the node(s) that will act as proxy and add them.


12. After adding monitoring node(s) you select Add/Remove instances tab to add databases that you want to monitor.

13. A simple information is added to monitor database as monitoring node, server name, instance name, port and credentials. It is very easy to add databases for monitoring. In fact as I’ve hadn’t any experience with Oracle databases it was harder for to actually configure the databases themselves than to add them for monitoring.

14. Let’s first add DB2 with Oracle 11g installed on it and then DB1 with Oracle 12c.


15. After a couple of minutes you will see both instances being discovered completely. Even that 12c is not supported that instance is discovered with all of its properties:


16. Now let’s see what capabilities this MP has. The MP has Oracle diagram where you can see health map of your Oracle instances and drill down to the root cause of every issue:


17. In the Action menu you will find three tasks:


18. In order to use these tasks you have to copy two files on all of your management servers:


19. You will also find a backup state view. This is very useful for database administrators.


20. You will also find a separate folder for Storage that you will find the different components of the Oracle database architecture in separate views. This helps locating problems faster.


21. What I like most is the Instance performance view where you can see and compare all performance data that is gathered.


22. As we know there is no perfect MP you could always find an error or performance counter that is not monitored for your particular case. The OpsLogix Oracle IMP covers that scenario by providing 3 templates for rules and monitors (Oracle Alert Rule, Oracle Performance Collection Rule and Oracle Two-State Monitor Template) so you can extend the MP very easy.


23. The last I want cover reporting. A lot of good MPs just do not have reporting but this one has one report which is very good. The MP gives you one general report that provides you with availability and performance which are the most common requirements for reports:


As a summary I can say that OpsLogix Oracle IMP is very easy to implement, will offer you with everything you need to monitor your Oracle database and it is definitely SCOM 2012 R2 ready.

Coretech WMI and PowerShell Browser

This free tool will can help in troubleshooting WMI issues which can happen to SCCM or SCOM agents. You can find more about the tool and download it from here.