Introduction

Sentra maintains a centralised database of performance data from one or more Authentication Server environments and provides real-time analysis. The outcome is a collection of dashboards that represent the monitored environments, incorporating real-time performance, service level alerts and graphs representing nominated metrics.

Database

As the Sentra database is being updated by the extraction clients, the information can be processed in real-time by a variety of techniques, e.g.:

Graphs and charts can be linked together to create a drill down approach to identifying the root cause of any issues identified.

Architecture Description

The Authentication Server environment provides authentication services to applications which forward user requests to it. This will often take the form of a user wanting to authenticate via chip and PIN for example, which will send an EMV request for the authentication server to process.

The processing of this operation may involve objects such as cryptographic keys and certificates stored on a dedicated piece of hardware such as a Cryptographic Module. This requires communication with a database and CRL or an OCSP (a 3rd party Online Certificate Status Protocol service), for certain other kinds of operations such as verifying the signature of an incoming request.

The authentication environment may also output logs to disk and produce JMX performance counters.

Sentra for authentication utilises these extraction clients (agents) to gather data from all parts of this complex and critical system and store it within the central Sentra database, ready for analysis.

Sentra Installation

Sentra is installed on its own Windows server with an attached SQL database. A number of extraction clients are then utilised, e.g.:

Authentication Log Monitoring - Disk

This client is installed within the Authentication Server environment to  read the contents of any Authentication Server log.

The contents of each log file entry are parsed into their component parts, such as timestamp, channel, service name , message. This information is written to Sentra SQL tables for evaluation and reporting.

Authentication Log Monitoring – Database

This client performs in exactly the same manner as ‘Log Monitoring – Disk’. Instead of reading from disk, it reads log file and table information directly from the Authentication Server SQL Database.

Authentication Devices Monitoring

This client is installed onto the Authentication Server environment. It reads device information from cryptographic devices using the pkcs11.dll. Data is then written to the Sentra SQL Database for alerting and reporting purposes.

Authentication Device Objects Monitoring

This client is installed onto the Authentication Server environment. It reads device object (keys, cert etc.) information from the cryptographic devices using the pkcs11.dll. Data written to the Sentra SQL Database for alerting and reporting purposes.

JMX Monitoring

This client is installed onto the Authentication Server environment. It reads JMX performance counters and attributes from the Daemon process. Performance data is written to the Sentra SQL Database for evaluation and reporting purposes.

Windows Event Log / Performance Monitoring

This client represents a number of clients that can be installed on the platform where the Authentication Server application is running.

They can be used to read hardware performance data, subsystem performance data such as SQL Server performance metrics, and event log information. Data is written to the Sentra SQL database for evaluation and reporting purposes.

Benefits of Sentra for Authentication Monitoring

A number of these are summarised below:

Example Scenarios

Two example scenarios illustrate the advantages of installing Sentra to monitor and manage an Authentication Server environment.

How do I Monitor Pool Usage without Turning on Debugging?

Your Authentication Server environment has been installed and running for some time you are unsure of the impact a potential increase in transactions will have on your environment.

Database pools running out of connections to the database may result in failed transactions during busy periods.

As this is a production server you are unable to interrupt the service you provide to your customers in order to re-tart the Authentication Server environment; business is reluctant to run the environment with debugging turned on, as this would increase the overhead on the service and would require downtime to restart the authentication server with the new settings.

Solution - Use a Sentra Hypervisor to Display Pool Metrics

A Sentra Hypervisor can be configured to provide an overall view of the Authentication Server environment.

This initial view consists of linked icons that represent elements of the Authentication Server environment, such as channels, pools or cryptographic devices. The view can also display simple graphs that provide an indication of performance metrics such as TPS or pool utilisation.

By clicking on the icons in this Hypervisor, further drill-down views can be launched that will display detailed information relating to the selected element. A drill-down view for a channel or pool could display information relating to minimum, maximum and current pool allocation that is updated in real time. This will give an 'at a glance' indication of the current and historical state of the pools.

Rules can be configured to monitor these values. If the rule criteria is broken an alert will be fired, causing the relevant Hypervisor icons to flash, indicating that a threshold is about to be breached, providing advanced warning of any configuration changes that may be required.

Problem - How do I Monitor Cryptographic Memory Utilisation?

You are unaware of the number of certificates and data objects that are stored on each of the cryptographic devices, or servers within your Authentication Server environment but you suspect that they may be nearing capacity.

It will require constant manual intervention, and exposes functions that you do not want made available to the general user population.

Solution - Deploy the Sentra Authentication Extraction Client

The Sentra for Authentication application includes an extraction client that will automatically poll your cryptographic and/or server environments at a specified interval and retrieve information relating to memory utilisation and certificate counts.

As with all information written to the Sentra Database, this information can be interrogated and charted on a Hypervisor view to give a real time and historical view of these values for each cryptographic environment.

If you would like further information on Sentra for Authentication Monitoring, then please contact Insider Technologies Limited:

hello@insidertech.co.uk

+44 161 876 6606

Make plans to join the global NonStop community for four days of networking and learning with NonStop Engineers, Executives, Partners and Customers:

Registration is open! 

https://www.nonstoptbc.com/

Pricing Information:

Early Bird price:       $1395                        expires October 1^st

Regular price:          $1695

General Session Keynote Speakers:

New! NonStop Education Marathon:

SPECIAL PRE-TBC EVENT
OCTOBER 28-NOVEMBER 1, 2019

In this unique 5 day education marathon, 9 primary topics will be covered in ½ day segments. The first morning begins with an introduction and NonStop product overview. Then the marathon starts!

There will be a series of interesting topics delivered by experienced NonStop instructors. Select sessions will also be accompanied by select HPE product management and/or development subject matter experts.

SPECIAL OFFER FOR NONSTOP TBC 2019 ATTENDEES!

If you also register for the NonStop Technical Boot Camp in San Francisco, a $250 discount will be applied to your TBC registration!

Audience

• System Operators
• System Administrators
• System Analysts
• Support Personnel

• This marathon covers many topics which are useful and interesting for anyone who is actively managing a NonStop system- in just one week!
• Topics are focused on HPE Integrity NonStop X Blade Systems

Prerequisites

Detailed knowledge about the HPE Integrity NonStop X Blade System architecture, operations, and management.

Kathy Wood

NonStop Partner SIG/Vendor Chair

kwood@blackwood-systems.com

Designed for NonStop Command Control

CSP PassPort provides comprehensive user and command control, password quality enforcement and auditing. It controls and filters user access to systems, programs and commands according to customized user profiles.

 All user terminal input/output operations (including OSS) can be monitored via an easy-to-use GUI interface, while an audit process records all user activities.

Major Benefits:

Ø  Limit user access to sensitive assets, programs and commands

Ø  Improve user accountability and audit activities

Ø  Track powerful user id’s  and commands

Ø  Prevent easy hacks by enforcing Password Quality

Ø  Eliminate the need to disclose sensitive SUPERID passwords for executing commands

Ø  Generate extensive reports of user activities

Ø  Get real-time notifications with Alert-Plus, and forward logs to SIEM for analysis

Key Features:

Ø  Monitor and audit user sessions down to keystroke level

Ø  Role-based user access

Ø  Time restrictions by command and program

Ø  User Authentication SEEP to prevent users from logging on outside CSP PassPort

Ø  Powerful Custom Reporting

Ø  Control client connections by IP address or IP address ranges

Ø  Multi-factor authentication support (coming soon!)

CSP - Compliance at your Fingertips™

We Built the Wiki for NonStop Security ®

Regards,

The CSP Team              

+1(905) 568 - 8900

BlackWood Systems will be offering private, individual training at the NonStop Technical Boot Camp for our customers and those interested in learning about MOMI. 

Since we don't know the Breakout Session schedule yet, we are simply taking names/companies at this time and will be in touch with you to schedule an optimum time for your MOMI training.

This is a great opportunity for you to get everyone 'up to speed' with their MOMI usage! 

Registration Info:

https://events.eventzilla.net/e/handinhand-with-momi-at-the-2019-nonstop-tbc-2138750011

About MOMI:

MOMI is the superior real-time tool for monitoring, troubleshooting and diagnosing your HPE NonStop™ System operations:

User Friendly

Budget Friendly

Resource Friendly

Reliable, Technical Excellence and Strong Customer Support

MOMI runs on all NonStop platforms!

kwood@blackwood-systems.com

602-569-8766

Shadowbase Overview Video

We hope that you find this video interesting and informative. Please share it with your colleagues!

Paul J. Holenstein Award Interview

Please Visit Gravic at these Upcoming 2019 Events

Steve Tcherchian

XYPRO Technology

Every business wants more data. Data on their customers, competition, operations, processes, employees, inventory and more. Data can be used to make business decisions and provide strategic insights that gives companies a competitive advantage. This can be in terms of efficiencies, enhancing the customer experience, or refining market strategy. Its uses are limitless. Over the last decade, computing power has advanced where generating and storing data has become much simpler and cost efficient.

With all that data available, most businesses struggle to figure out what to do with it all now that they have it. According to Forrester, up to 73% of data within an enterprise goes unused for analytics. We are so used to extracting targeted information from data that we simply ignore what we don't understand and throw it away as noise. This problem is prevalent in every industry, but especially in the security world. Security teams are overwhelmed with the vast amounts of data generated from firewalls, intrusion detection systems, network appliances and other devices. It's impossible to expect security teams to interpret all this data. We unintentionally end up focusing on what we already know and ignoring what we don't.

Typical alerting systems are configured to raise alarms, but only when they encounter a binary event or reach a threshold. For example, if three or more failed authentication attempts performed in succession are detected, generate an alert. Yet successful authentication attempts are mostly categorized as business as usual and ignored. The current mean time to detect a breach is over six months. Most organizations have all the data they need to identify a breach much faster than the six month average, yet they are still unable to detect and react to a breach in a semi-reasonable amount of time. This is due to

If your system is ever breached, you don't necessarily need to look at the failed authentication events, you need to look for anomalies in the successful ones!

Most organizations are well down the path on their journey of capturing and storing all of their data for future analytics. Data Lakes are large repositories of raw data in any format. Capturing, storing and securing that data is key. Once the data is available, it can be analyzed and its value maximized using a variety of methods. This is where the fun starts!

Click here to continue reading.

 30 years ago, when Q/Tos was introduced, NonStop was Tandem and all tape volumes were reel-to-reel and unlabeled.  Just as now, Q/Tos cataloged backup criteria for future data retrieval as well as the files that were backed up.

  Q/Tos also tracked the tape volumes to off-site storage and alerted operations when the tape volumes were to return and place them back in service.  Soon after Q/Tos was created, labeled tape support and $Zserver entered the picture creating the first major renovation to the way Q/Tos handled backup and restore. 

This was followed by the evolution of tape drives.  Reel-to-reel became cartridge, and autoloaders and silos replaced operators. 

The latest development was virtual tape servers.  Q/Tos was adapted to take the best advantage of each of these innovations.  Backup and Restore didn’t remain static either.  Backup/Restore 2 came along for OSS and SQL/MX. 

Again Q/Tos evolved to take advantage of BR2 to catalog the backups and automate the restores.  A GUI was developed to improve productivity in maintaining and querying the Q/Tos database. 

From the start in 1989 to the present Q/Tos has adapted to the ever changing Backup/Restore landscape. 

Happy Birthday Q/tos!

more from info@qsa.com

We're also looking forward to the next round of NonStop events. OZTUG Sydney and OZTUG Melbourne are just around the corner on the 3rd and 5th of September, respectively, and our very own Andrew Price will be hosting the Australian TUGs, as well as presenting on LightWave software at both conferences--talk about multi-tasking! Then our North American reseller, TIC Software, will be on-site and the Atlanta Tandem User Group (ATUG) on September 18th and the Canadian Tandem User Group (CTUG) on September 25th to answer any questions on interfacing to NonStop applications using NuWave solutions. Wherever you are in the world, we look forward to seeing you on the road!