The “one stop shop” is a leading concept for a monitoring program like SCOM.
When we looked for a monitoring program for testing TMG servers internally we decided to explore MS system center 2007 R2 for this purpose, knowing that the Forefront TMG product team is developing an out-of-the-box SCOM pack, for administrators that includes a set of rules, monitors and performance counters.
New features like Enterprise Malware Protection (EMP), HTTPS Inspection and URL Filtering are now supported.
The following post below describes deployment and configuration of a Forefront TMG SCOM pack to better monitor and evaluate Forefront TMG server functionality and performance.
Disclaimer: The information and code attached in this blog-post are not officially supported by Microsoft. They are tested to work in Forefront TMG RC test environment. Please use it in a test environment before deploying in production.
Let’s start with understanding the operations Console. The operations console is made up of the following parts:
Image 1: SCOM server main console
Click on Administration in the Navigation button, right click on Management Packs, select import management pack, browse to the location of your MP file and import it.
Image 2: SCOM server Administration console view
You’ll find the Forefront TMG SCOM pack in the list of packs.
Image 3: SCOM server Administration console view
That’s it for the SCOM server side. It’s set with the appropriate monitors and rules for your TMG servers right out of the box.
Now let’s deal with the TMG server rule-set to allow the traffic from TMG to SCOM. There are 2 system rules that TMG Beta3 contains, allowing SCOM traffic to pass. These rules exist in the system policy rules, and you should enable them once installing the SCOM agent.
Image 4: Forefront TMG System policy rules view
You now have completed end to end TMG - SCOM monitoring deployment.
Using the new deployed package
The first step is to click the Monitoring Navigation button on the SCOM console and look for MS Forefront TMG in the Navigation Pane. It lists built-in performance counters, TMG Server Roles and Monitors, active alerts from your TMG machines and Computer State.
Image 5: SCOM Left Navigation Tree showing the relevant TMG components
Image 6: Two of the main counters powered by TMG SCOM pack
By right-clicking on each of these graphs, you’ll get an extensive set of filtering options to display data range from minutes to weeks.
A few of the many cool options powered by the SCOM pack:
1. A diagram view of the deployed Forefront TMG servers.
2. You can add the Forefront TMG alerts view to your counter graphs, showing alerts along the timeline of the graph, as can be seen in the graph above.
3. One repository for alerts for all of your TMG and other servers in the organization.
Image 7: SCOM Left Navigation Tree showing the relevant TMG components
4. You can take action upon a specific event or alert like sending a mail/IM/SMS or running some command line or a script.
Image 8: SCOM server Administration console view
Troubleshooting connectivity issues between Forefront TMG and SCOM.
Use TMG log-viewer monitor for troubleshooting connectivity. You can monitor the traffic between TMG and the SCOM server (destined to ports 5723, 5724) and validate that it’s reaching the SCOM server.
Image 9: Forefront TMG log-viewer
This post covered deployment and configuration of a SCOM pack to better monitor and evaluate TMG’s deployed functionality and performance. However, there were some areas that were not covered but might also be useful for enhancing the monitoring requirements, which I’ll get to in my next posts:
1. Advanced tasks for extending the Forefront TMG SCOM pack capabilities, like adding rules, monitors and counters of your own.
2. Administering TMG SCOM-pack using Power Shell.
Feedback is welcome.
Gabriel Koren, Forefront TMG Test team.
Noam Ilovich, Program Manager, Forefront TMG Team
Roiy Zysman, Lead, Forefront TMG test team
very helpful post....please update about the next post