The Different Monitoring Tools for Monitoring Windows and BizTalk Server Systems
You can use System Monitor, Task Monitor, Network Monitor, Event Viewer, and Performance Logs And Alerts to monitor the system. You can use System Monitor and Performance Logs And Alerts to create baselines, identify bottlenecks, determine performance trends, and test any configuration changes. Windows Server provide tools and utilities that can be used to monitor a system.
It is recommended to draw up a thorough server monitoring plan once you have established your baseline performance metrics for a server. A few elements that should be incorporated into a server monitoring plan are:
- Identify those server events which should be monitored.
- Determine and set up monitors and alerts to inspect the events.
- Determine whether filters are necessary to reduce the quantity of monitoring information which you want to collect and then configure any necessary filters.
- Establish a logging strategy to log event data that should be analyzed. Alternatively, you can monitor and analyze server activity when it occurs.
- View and analyze data collected by events in the Performance console.
The Performance console can used be to collect and view performance objects and counters’ information. The Performance console contains the following tools:
- System Monitor: The System Monitor utility is the main tool for monitoring system performance. System Monitor can track various processes on your Windows system in real time. The utility uses a graphical display that you can use to view current, or log data. You can determine resource usage by monitoring trends. System Monitor can be displayed in a graph, histogram, or report format. System Monitor uses objects, counters and instances to monitor the system.
An object can be described as a collection of counters that is associated with a system resource or service which produce the data you can assess. When an object executes a function, its associated counters are updated. A counter can be regarded as a data reporting component in an object. The counter represents data for a particular component of the system or service. Each object therefore has a set of counters that track particular information on the performance object. An instance refers to the incident of multiple performance objects of the identical type on a computer. An object can have one or multiple instances.
To use System Monitor, you must be a member of the Administrators group, the Server Operators group, the Performance Log Users group, or the Performance Monitor Users group. To start System Monitor, click Start, Administrative Tools, Performance, and select System Monitor. To add counters in System Monitor, you can click Add Counters to display the Add Counters dialog box.
The System Monitor Properties dialog box consists of five tabs that are used to configure and manage System Monitor properties. Click the Properties button available on the System Monitor Toolbar to configure System Monitor properties
A few key activities that can be performed using System Monitor and the main features of System Monitor are listed below:
-
- View and monitor real-time performance data or view data from a log file.
- Choose which data you want to collect by selecting between various objects and counters.
- Collect data from multiple computers simultaneously.
- Choose the format or view in which you want to examine collected data (Graph view, Report view, Histogram view).
- Monitor processes and components that you want to optimize.
- Monitor the results of your optimization efforts.
- View trends in workloads and the effect being realized on resource usage.
- Plan for upgrades.
- Performance Logs And Alerts/em>: By using the Performance Logs And Alerts tool included in the Performance console, you can track the performance of the server by creating counter logs, trace logs, and defining alerts.
- Counter Logs: Counter logs collect data on the selected counters once a predefined interval has passed. A few features of counter logs are listed below:
- Collect performance data on the activities of system services.
- Collect performance data on hardware usage.
- Manually log data.
- Schedule data logging to both commence and stop automatically.
- You can view collected data via System Monitor.
- Export collected performance data to a database or spreadsheet.
- Trace Logs: Trace logs differ to counter logs in that trace logs monitors data constantly and then records performance data when a specific event occurs. The collected data is written to a trace log file.
- Alerts: You can configure alerts to be generated when a predefined counter reaches, exceeds or falls beneath a defined threshold or value. When you configure alerts, you can specify that the following actions occur when an alert condition is met:
- A message is sent to a user through the Windows Messenger service.
- A log file is created.
- An application or program is executed.
- Counter Logs: Counter logs collect data on the selected counters once a predefined interval has passed. A few features of counter logs are listed below:
You can also use the Health Monitor utility to monitor the performance of BizTalk Server. Health Monitor is ideal for monitoring and managing groups of servers from a single, central location.
You can use the Health Monitor utility to monitor the following
- Transmission Control Protocol/Internet Protocol (TCP/IP).
- Performance counter thresholds.
- Event log errors.
- Windows Management Instrumentation (WMI) events.
Using Objects and Counters to Monitor the System
The objects and counters which you can use to monitor the system are listed here:
- System object; measures data for threads which run on the monitored processor. The system object counters that you should track are:
- Processor Queue Length counter; indicates the number of threads in the processor queue waiting for processing.
- Context Switches/sec counter; indicates the number of times that the system is switching from one thread to another thread.
- Memory object; tracks information on memory usage. When it comes to determining the memory that is being used, you need to examine physical memory, and the page file. Physical memory pertains to physical RAM. The page file pertains to logical memory on the hard drive. The memory object counters used to monitor system memory:
- Available Bytes; shows how much physical memory is available on the computer for running processes. Consider adding additional memory when the value is beneath 4MB.
- Pages/Sec, indicates how often the requested information had to be retrieved from disk because it was not in memory. The value should be beneath 10. A good counter value is between 4 and 5.
- Processor object; tracks information on utilization and input/output (I/O) performance. You should monitor the processors to ensure that processor utilization maintains an acceptable level. The processor object counters used to monitor processor utilization are:
- %Processor Time; shows the time which the processor uses to respond to requests. A counter value of 85 percent could point towards a processor bottleneck.
- Interrupts/Sec, indicates the average hardware interrupts the processor receives.
- Physical Disk object; tracks disk usage and disk performance of a server. Disk performance has an impact on message queuing, SQL Server and fie transport services. The Physical Disk object counters used to tracks disk usage are:
- Current Disk Queue Length: The counter indicates the number of requests which are in queue for disk access. The counters should be consistently at 1.5 to 2 times the number of spindles which comprise of the physical disk.
- % Disk Time and % Idle Time: These counters indicate the percentage of time that a drive is active, and the percentage of time for which the drive is idle. The recommended threshold for both counters is 90 percent.
- Avg. Disk Sec/Transfer: The counter indicates the time duration which the disk uses to deal with a request. A counter value of 0.3 seconds or above means that a high average disk transfer time exists.
- Disk Reads/Sec and Disk Writes/Sec: These counters show the speed at which data is written to disk, and read from disk. The information of these counters could assist you in more efficiently balancing the load of your servers. A lengthy delay could be indicative of a hard disk issue. When usage is close to the defined transfer rate of the physical disk, you might need to consider decreasing the load of the server. You could also upgrade to RAID.
- Avg. Disk Bytes/Transfer: This counter tracks the average number of bytes which are either moved to or from a disk when disk reads and writes occur. A program is typically accessing the drive ineffectually when the counter’s value is over 2KB.
How to create a BizTalk Server Performance Log
- Open the Performance console.
- Expand the Performance Logs And Alerts node.
- Select Counter Logs.
- In the right pane, right-click and then select New Log Settings from the shortcut menu.
- Enter a name for the new performance log in the Name textbox. Click OK.
- Click Add.
- From the Performance Object drop-down list, select Active Server Pages.
- Select the Select Counters From List option.
- Select the Requests Queued counter and click Add.
- Select the Requests/Sec counter and click Add.
- Select the Request Wait Time and click Add.
- From the Performance Object drop-down list, select System.
- Select the Context Switches/Sec counter and click Add.
- Select the Processor Queue Length counter and click Add.
- From the Performance Object drop-down list, select Memory.
- Select the Available Bytes counter and click Add.
- Select the Page Reads/sec counter and click Add.
- Select the Pages Input/sec counter and click Add.
- Select the Page Faults/sec counter and click Add.
- From the Performance Object drop-down list, select Physical Disk.
- Select the Current Disk Queue Length counter and click Add.
- Select the %Disk Time counter and click Add.
- From the Performance Object drop-down list, select Processor.
- Select the % Processor Time counter and click Add.
- From the Performance Object drop-down list, select Network Segment.
- Select the Bytes received per second counter and click Add.
- Select the Bytes sent per second counter and click Add.
- From the Performance Object drop-down list, select BizTalk Server.
- Select the Documents Received/sec counter and click Add.
- Select the Documents Processed/sec counter and click Add.
- Select the Asynchronous Submissions/ sec counter and click Add.
- Select the Synchronous Submissions/sec counter and click Add.
- From the Performance Object drop-down list, select SQL Server:Buffer Manager.
- Select the Page reads/sec counter and click Add.
- Select the Page writes/sec counter and click Add.
- From the Performance Object drop-down list, select MSMQ Queue.
- Select Messages In Queue and click Add.
- Click Close.
How to configure the number of thread to improve performance
- Open the BizTalk Server Administration console.
- Expand the Microsoft BizTalk Server 2000 node and expand the BizTalk Server Group node.
- Right-click the BizTalk server that you want to configure and select Stop from the shortcut menu.
- Right-click the BizTalk server again and select Properties from the shortcut menu.
- Enter an appropriate value in the Maximum Number Of Receive Function Threads Allowed textbox.
- Enter an appropriate value in the Maximum Number Of Worker Threads Per Processor Allowed textbox.
- Click OK.
- Right-click the BizTalk server again and select Start from the shortcut menu.
How to tune BizTalk server group properties
- Open the BizTalk Server Administration console.
- Expand the Microsoft BizTalk Server 2000 node and right-click the BizTalk Server Group node and select Properties from the shortcut menu.
- On the General tab, enter an appropriate value in the Messaging Management Object Cache Refresh Interval (seconds) box.
- Click the Parser tab.
- Use the up and down arrows to arrange the server call sequence.
- Click OK.
Using Certificates to Improve BizTalk Server Security
A public key infrastructure (PKI) can be defined as a set of technologies which control the distribution and utilization of unique identifiers, called public and private keys, through the utilization of digital certificates. The set of technologies that constitute the PKI is a collection of components, standards and operational policies. The PKI process is based on the use of public and private keys to provide confidentiality and integrity of an organization’s data as it is transmitted over the network. When users partake in the PKI, messages are encoded using encryption, and digital signatures are created which authenticate their identities. The recipient of the message would then decrypt the encoded message.
To ensure that data is securely transmitted over the Internet, intranet, and extranet; cryptography is used. With PKI, you can define cryptography as being the science used to protect data. A type of cryptography, called encryption, uses mathematical algorithms to change data to a format that cannot be read, to protect the data. Encryption basically ensures that the content of a data message is hidden from unauthorized parties intercepting the message. A mathematical algorithm contains the method used to scramble the original message into ciphertext. A cryptographic key is utilized to either change plaintext (original message) to ciphertext (scrambled message) or to change ciphertext (scrambled message) to plaintext (original message). It is the ciphertext that is transmitted over the network. The message is decrypted into a readable format once it has reached the intended recipient.
Encryption utilizes keys to encrypt and decrypt data. Longer complicated keys mean that data is more protected from interpretation by another person.
Windows Server 2003 includes Microsoft Certificate Services which can be used to implement a PKI. Through Certificate services, you can publish, issue, and store and perform management tasks for certificates. The Certificate services are considered as a primary component of the Windows PKI because it provides the means for certificates and any policies associated with the management of certificates, to be centrally administered. While third party CAs such as VeriSign and Thawte can be utilized, the most cost effective solution for larger organizations that need a considerable amount of certificates issued, is to use a Windows PKI implementation.
A certificate authority (CA) is the trusted entity that issues digital certificates to users, computers or a service. An organization can have multiple CAs, which are arranged in a logical manner. A CA can be a trusted third party entity such as VeriSign or Tawte, or it can be an internal entity of the organization. An example of an internal CA entity is Windows Server 2003 Certificate Services. Windows Server 2003 Certificate Services can be used to create certificates for users and computers in Active Directory domains.
To use certificates to improve BizTalk Server security, you have to complete the following steps:
- Install Microsoft Certificate Services.
- Issue the certificates.
- Create the Certificates Manager console.
- Move the certificate to the BizTalk store.
- Configure the Simple Mail Transfer Protocol (SMTP) host.
- Configure a messaging port to use a certificate.
How to install Microsoft Certificate Services
- Place the Windows 2003 CD-ROM into the CD-ROM drive.
- Select Install optional Windows components.
- This action launches the Windows Components Wizard.
- On the Wizard Components page, select Certificate Services.
- Click Yes in the message dialog box that warns that you would not be able to modify the name of the server.
- In the CA Type page, select Enterprise Root CA. Enable the Advanced Options checkbox. Click Next.
- On the Public and Private Key Pair page, leave the default settings unchanged and then click Next.
- In the CA Identifying Information page, set the common name for the CA. This name will be used in Active Directory, and in the enterprise.
- In the Validity Period boxes, enter the lifetime for the CA. Click Next.
- On the Certificate Database Settings page, verify that the locations specified for the database file and log files are correct.
- At this stage IIS services are stopped, and the certificate service is installed and the CA database started. IIS is restarted after this.
- Click OK when a message dialog box appears, warning that ASP must be enabled for Web enrollment.
- Click Finish.
How to issue certificates
- Click Start, Administrative Tools, and then click Certification Authority.
- Expand the CA node.
- Right-click Policy Settings and select New and then Certificate To Issue from the shortcut menu.
- The Select Certificate Template dialog box opens.
- Select the template to issue certificates.
- Click OK.
How to create the Certificates Manager console
- Click Start, and then Run. Type mmc in the text box. Click OK
- This action opens a blank MMC window which you will use to add snap-ins.
- Use the File/Console menu to choose Add/Remove Snap-in. The Console menu is renamed the File menu in the latest MMC version, MMC 2 version 5.2.
- When the Add/Remove Snap-in dialog box opens, click Add.
- In the Add Standalone Snap-in dialog box, select Certificates and click Add.
- The Certificates Snap-in dialog box opens.
- Select Computer Account.
- Click Finish.
- Click Close in the Add Standalone Snap-in dialog box.
- Click OK in the Add/Remove Snap-in dialog box.
- Use the File/Console menu to choose Save As.
- Provide a name in the File Name textbox on the Save As dialog box.
- Click Save.
How to move the certificate to the BizTalk store
- Open the Certificates Manager console.
- Locate the certificate that you want to move to the BizTalk store.
- Drag the certificate from its existing location to the BizTalk store.
How to configure the SMTP host
- Open the BizTalk Server Administration console.
- Expand the Microsoft BizTalk Server 2000 node and expand the BizTalk Server Group node.
- Right-click BizTalk Server Group and select Properties from the shortcut menu.
- In the SMTP Host textbox, enter the name of the SMTP server.
- Click OK.
How to configure a messaging port to use a certificate
- Open BizTalk Messaging Manager.
- Click the File menu, select New, and then select Organization.
- The New Organization dialog box opens.
- Enter a name for the new organization and click OK.
- Click the File menu, select New, select Messaging Port, and then select To An Organization.
- The New Messaging Port Wizard initiates.
- On the General Information screen, enter a name in the Name textbox.
- In the Comments box, enter a meaningful description. Click Next.
- On the Destination Organization screen, click the Browse button.
- When the Select An Organization dialog box opens, select Secure Organization and then click OK.
- Click Browse under Primary Transport.
- The Primary Transport dialog box opens.
- Select SMTP from the Transport Type drop-down list box.
- Enter the appropriate information in the Address field.
- Click OK in the Primary Transport dialog box.
- Click Next on the Destination Organization screen.
- On the Envelope Information screen, you can use the default settings. Click Next.
- On the Security Information screen, select the S/MIME option from the Encryption Type drop-down list.
- Click the Browse button next to Certificate Name.
- hen the Select An Encryption Certificate dialog box opens, select the certificate and then click OK.
- Uncheck the Create A Channel For This Messaging Port checkbox.
- Click Finish.
Using Clustering Technologies to Improve Fault Tolerance and Availability
Microsoft Clustering Server (MSCS), initially launched in the Windows NT Server Enterprise Edition, enabled organizations to increase server availability for mission critical resources by grouping multiple physical servers into a cluster. Servers in the cluster are referred to as nodes, while services and applications are referred to as resources. A cluster can be defined as the grouping of two or multiple physical servers that are portrayed as, and operate as one network server. These servers provide redundancy to the enterprise network by resuming operations of a failed server within the cluster. This procedure is known as failover. The process of failback occurs when a failed server automatically recommences performing its former operations once it is online again. The cluster can also be configured to provide load balancing features. With the introduction of Windows 2000 this technology became known as Microsoft Cluster Service. Microsoft Cluster Service is best suited for network services that require a high degree of availability. Windows Server 2003 can support eight node server clusters.
Resource DLLs manage resources in the cluster, and provide the mechanism for Cluster Service to maintain communications with its supported applications. A quorum resource has to exist in order for a node in the cluster to carry out its functions. This common resource holds the cluster database’s synchronized version that stores management data for the cluster. The quorum resource is located on the physical disk of the shared drive of the cluster. Clustering software such as resources makes is possible for the cluster to operate. Administrative software is the software utilized to manage the cluster, such as Cluster Administrator.
A few advantages of installing cluster servers are:
- Clustering technology provides redundancy for network failures because another node is the cluster resumes the services of the failed server. This increases server availability for mission critical applications and network services.
- Application response time can be improved by dispersing applications across multiple servers.
- There is no manual configuration associated with failback because the failed server automatically takes on its former operations.
- Cluser Service also reduces downtime associated with scheduled maintenance downtime. When a server in the cluster is scheduled for an upgrade, its services and applications can be manually moved to another node in the cluster.
- A network utilizing Cluster Service enjoys improved scalability because servers can be expanded while client access is still ensured.
- The nodes, services and applications in the cluster can be managed, controlled and administered remotely, and in the same manner as though they were all hosted on one server.
Server clusters can be deployed, using either of these server cluster designs:
- Single Node cluster: In this design, the cluster has one node. No failover can occur for the cluster. When a resource fails, Cluster Service will try to automatically restart applications and resources. An external disk is not necessary because the local disk can be set up for storage purposes. Multiple virtual servers can be created. The Single Node cluster is typically used for development.
- Single Quorum Device cluster: This cluster design has two or more nodes. One node can be configured as the hot standby device and another node can be configured to host different applications. Each node in the cluster must connect to the storage devices of the cluster. A single quorum device is located on the storage device. One copy of the cluster’s configuration exists on the quorum resource. This is the most commonly used cluster design model.
- Majority node set (MNS) cluster: Here, each node in the cluster does not need to connect to the storage devices of the cluster. Cluster Service ensures that configuration between the nodes are constant. Each node maintains its own cluster configuration information. Quorum data synchronization occurs over Server Message Block (SMB) file shares.
Windows Network Load Balancing (NLB) is a clustering technology that provides high availability and scalability. NLB is typically utilized to assign Web requests between a cluster of Internet server applications. NLB reroutes any requests that are sent to a failed NLB cluster server. With NLB, client requests are load balanced according to the configured load balancing parameters. Servers in the NLB cluster can therefore be configured to share the processing load of client requests. The Wlbs.sys driver of NLB is configured for each server in the cluster, and functions between the network adapter and the TCP/IP protocol. The driver manages and allocates client requests to a server in the cluster.
With NLB there is no single instance of failure purely because it is regarded as a distributed application. Throughput is maximized because the broadcast subnet is utilized to distribute client requests to the cluster servers. These client requests are then filtered on each cluster server.
To ensure high performance, NLB uses a distributed filtering algorithm to match incoming client requests to the NLB servers in the cluster when making load balancing decisions. When an incoming packet is received, all the NLB servers check to determine which NLB server should handle the client request. The NLB servers use a statistical mapping that determines a host priority for the incoming packet, to identify the NLB server that should handle the request. Once the NLB server is identified for the packet, the remainder of the servers in the NLB cluster discards the packet. Each server in the NLB cluster utilizes and transmits heartbeat messages to identify the state of the cluster. The heartbeat message holds information on the state of the cluster, and the cluster configurations and associated port rules.
The servers in a NLB cluster send heartbeat messages to determine the state of the cluster. Each heartbeat message contains the following information:
- Information on the state of the NLB cluster.
- Information on the configuration of the cluster.
- Inforation on port rules.
The advantages of NLB clusters are listed here:
- The NLB cluster can automatically detect when one server has a failure, and then reroutes traffic requests to the other servers in the cluster which are online. This leads to enhanced availability for mission-critical applications.
- The performance of applications can be scaled because client requests are distributed between multiple servers in the NLB cluster.
- You can easily add additional servers to an NLB cluster as the network expands. The NLB cluster does not have to be shut down to add or remove servers from the cluster.
- Client requests to the NLB cluster are load balanced, based on the processing configuration specified for the cluster. You can also configure port rules to specify any servers that should process specific requests.
Follow Us!