Browse
Tools
Categories

 Featured
SiteAudit Monitor & Viewer Deployment Checklist

Reference Number: AA-00220 Views: 10424 Last Updated: 09-19-2018 12:07 PM 0 Rating/ Voters
Deployment Checklist


Please review the information below b
efore deploying Netaphor SiteAudit™. This will ensure efficient installation and operation of SiteAudit. This checklist should be reviewed before and after deploying SiteAudit.

Contents

Platform Requirements

The following platform requirements are considered the minimum standard based on the number of printers being monitored. These requirements are sufficient for most environments. But depending on usage, it may be necessary to increase the amount of available RAM or hard drive space. Netaphor support can help to evaluate performance to determine if the assigned resources are adequate. 

  Platform

Physical hardware performs better than virtual machines. It is imperative to meet or exceed the minimum requirements for physical hardware when using a virtual machine.  
.NET 4.5.1 or later is required for all SiteAudit client and server machines.

Number of Printers

Windows Operating System

Host Machine Running Monitoring Service

SQL Server

IIS

< 250

Windows 8.1, 10

4 GB RAM

Dual Processor Quad Core or better 

200 MB free disk space

SQL Server (or Express) 2012 R2, 2014, 2016, 2017; may run on same host as monitoring service 

Additional disk free disk space equal to 1/2 MB per month per printer. 1,500 MB/year plus additional for backups

IIS 7, 7.5 

Additional 10 MB free disk space

250 - 1000

2012 R2, 2016

8 GB RAM

Dual Processor Quad Core or better 

400 MB free disk space

SQL Server 2012 R2, 2014, 2016, 2017; may run on same host as monitoring service 

Additional 10 GB free disk space/year

IIS 7, 7.5 

Additional 10 MB free disk space

1000 - 5000

2012 R2, 2016

16 GB RAM

Dual Processor Quad Core or better 

400 MB Free disk space

SQL Server 2012 R2, 2014, 2016, 2017; may run on same host as monitoring service 

Additional 30 GB Disk free disk space/year 

Additional 4 GB RAM if SQL Server is on same host as monitoring service

IIS 7, 7.5 

Additional 10 MB free disk space

5000 - 10000

2012 R2, 2016

32 GB RAM

Dual Processor Quad Core or better 

400 MB free disk space

SQL Server 2012 R2, 2014, 2016, 2017; may run on same host as monitoring service

Additional 60 GB free disk space/year 

Additional 8 GB RAM if SQL Server is on same host as monitoring service

IIS 7, 7.5 

Additional 10 MB free disk space

10000 - 25000

2012 R2, 2016

32 GB RAM

Dual Processor Quad Core or better 

400 MB free disk space

SQL Server 2012 R2, 2014, 2016, 2017; may run on same Host as monitoring service 

Additional 150 GB disk free space/year 

Additional 16 GB RAM if SQL Server is on same host as monitoring service

IIS 7, 7.5

Additional 10 MB free disk space

Note: Hosting web reports requires IIS 7 or later. SiteAudit supports both 32- and 64-bit operating systems and SQL server versions.

Hard Disk Space Requirements

SQL database log files can grow significantly, especially during an upgrade. One must be sure enough disk space exists to perform upgrades. The approximate space needed to perform the upgrade should be determined by the size of the database. Hard disk space equaling approximately twice the size of the database is required.

It is strongly recommended that the log file be shrunk after an upgrade and periodically thereafter as part of regular database maintenance. For more information about shrinking the SiteAudit database log file, refer to the Shrink Database Log File article.

 Database

  • If SQL Server is installed on the network, make sure it can be used and that there is a database for data collection.
  • The minimum required privilege profile for database operations is Owner. Users with Owner privileges can update database schemas, backup and restore the database (from within SiteAudit) and discard the data. At least one person using SiteAudit should have this privilege.
  • To create a database from within SiteAudit, the user must have System Administrator privileges (if SQL security is being used) or Administrator privileges (if integrated security is being used)
  • SQL Express 2012 R2 supports database sizes up to 10 GB.




Windows Services

   Windows services settings

Make sure that the services listed below are restarted or able to be started.                                                                         

   

Service

   
   

Where needed

   
   

Startup type

   
  

COM+ Event System

  
  

SiteAudit Monitor

  

Targets that need to be scanned

  
  

Automatic on servers

  

Manual on workstations

  
  

Remote Access Auto Connection Manager

  
  

SiteAudit Monitor and SiteAudit Viewer

  
  

Manual

  
  

Remote Access Connection Manager

  
  

SiteAudit Monitor and SiteAudit Viewer

  
  

Manual

  
  

Remote Procedure Call (RPC)

  
  

SiteAudit Monitor and SiteAudit Viewer

  
  

Manual

  
  

Remote Procedure Call (RPC) Locator

  
  

SiteAudit Monitor and SiteAudit Viewer

  
  

Manual

  
  

Remote Registry

  
  

SiteAudit Monitor

  
  

Automatic

  
  

Server

  
  

SiteAudit Monitor and SiteAudit Viewer

  
  

Automatic

  
  

Windows Management Instrumentation

  
  

SiteAudit Monitor

  

Targets that need to be scanned

  
  

Automatic

  
  

Windows Management Instrumentation Driver Extensions

  
  

SiteAudit Monitor

  
  

Manual

  
  

Workstation

  
  

SiteAudit Monitor and SiteAudit Viewer

  
  

Automatic

  


Make sure that Windows Management Instrumentation (WMI) access is enabled on every client computer that needs to be scanned and on the host where SiteAudit Monitor is running.

Discovery Configuration

Network discovery

  • Collect the list of networks over which discovery needs to be performed. The network address and mask are required for each network. Collect the list of networks over which discovery should NOT be performed. The network address and mask are required for each network.

  • Collect the list of ranges that need to be included or excluded. Decide whether broadcasts should be used. If broadcasts are not used, add the broadcast addresses to the list of devices not to be scanned.

  • On the Devices tab, add any devices that need to be added or excluded.

  • Devices that should be excluded are UPS devices, DNS server(s), and other devices that should not be accessed.

SNMP

  • Make sure that all needed community strings are available.

  • Order the list to make sure that most frequently used community strings are the first ones tried.

  • Remove any community strings that will not be used. 

Windows hosts

  • Make sure that all needed credentials are in the list on the Host Credentials tab of the Discovery Configuration dialog box.

  • Make sure that any necessary firewall access has been configured. 

Security

  • Check to see whether security software needs to be configured in order to white-list SiteAudit. This will prevent false positives from being registered when SiteAudit is scanning the network and collecting data. 

As part of the discovery process, SiteAudit first attempts to find a device and then tests to see if that device is a printer. Security software in the network may register these actions as suspicious.

To avoid these false positives, the security software should be configured to ignore requests issued from the IP address where the SiteAudit monitoring software runs


Directly (Local) Connected Printer; Windows Print Server Discovery


SiteAudit finds printers directly connected (via USB or parallel connections) to a Windows host. To access the host, SiteAudit requires the credentials of an Administrator on that host.

To make sure that discovery succeeds, you should:

  • Provide a credential that will work on all hosts

  • Ensure that these credentials do NOT get locked out after a number of failed attempts

    Run the “Unauthenticated Hosts” reports to see which hosts did not allow access, and add the credentials for that host

SNMP Access

The SNMP protocol includes a provision for access control using “community” strings. A community string is required to access a device. SiteAudit maintains a list of community strings that it uses to attempt to access SNMP data from a device.

This list is ordered, and SiteAudit tries each string in turn until one succeeds or there are no more strings to try. The list is pre-seeded (with a set of commonly used community strings) but a user can remove or add strings and can change the order in which strings are tried.

Some SNMP agents within a device may be configured to generate “authentication failure” traps when a community string is used that is not valid for that device. To avoid getting these authentication failure traps, you should:

  • Ensure that the list of community strings contains only those that are needed

  • Ignore the authentication failure traps if they indicate that the source of the request (the application sending the message with the invalid community string) is SiteAudit

  • Disable the authentication failure traps on the device

Credentials

SiteAudit requires credentials in four instances:

  • Installation of SiteAudit on a server or workstation requires a local account running as a service.

  • Installation of the SQL Server or SQL Server Express database requires a System Administrator password or, if integrated security is used, login credentials of an individual who has administrator-level access to the database.

  • For directly connected printer discovery, Windows administrator credentials for the hosts with attached printers.

  • Direct printer discovery using WMI requires an account that has full permissions for the ROOT WMI namespace.

Attachments
Deployment Guide(JA).pdf 0.9 Mb Download File
Deployment Guide.pdf 0.8 Mb Download File