Avenue Controller Remote management and monitoring solution for the MSP
1. Challenges for the MSP 2
Problems for the MSP Connectivity Monitoring Automation Provide access towards Setting up a monitoring Deployment of IPsec VPNs customers’ infrastructure solution usually requires an between the MSP network without tainting the own IPsec VPN connection or a and customers’ networks are network. IPsec VPNs are connection over public IP usually not automated. cumbersome to setup and are with port forwarding. high maintenance. Automation is not an option Monitoring done without on- when the remote network Maintaining a high volume of premise materials is usually cannot be managed. IPsec VPNs to networks that unreliable since traffic passes are not the MSP’s own poses a over the unreliable internet. large number of networking issues. 3
Existing solutions for the MSP Connectivity Monitoring Many (cloud) solutions are available today that Many solutions provide monitoring, allow MSPs to manage systems remotely. They centralized or distributed using proxies or all perform one thing: allow remote probes management of (most likely) Window systems I.E. Nagios, PRTG, Zabbix I.E. LogMeIn, TeamViewer, ... Many other solutions provide dialup VPN based access, 4
No size fits all There are no enterprise solutions combining multi-tenant connectivity and monitoring 5
2. Our solution 6
Integrate Why not combine multiple existing solutions into one? 7
Let’s build a complete solution for the MSP OpenVPN Zabbix IoT device Widely supported VPN The ideal enterprise open- Can function as a Zabbix platform (Windows, OS X, source platform. Scalable, proxy and a remote VPN open, complete JSON API. Linux), lightweight, easy to gateway deploy, little overhead Avenue Controller Syslog Reporting Puts it all together The widely supported Enhance your Zabbix standard for logging and experience by adding logshipping reporting. 8
Here’s what the Avenue Controller does for MSPs Drastically reduce time to deploy monitoring ◎ Drastically reduce installation and operational cost for ◎ monitoring Provides a no-configuration VPN into the customer network ◎ Provides simplicity for your engineers ◎ Provides the ability to scale ◎ Provides a complete reporting tool ◎ 9
How does it work? Automate deployment of remote nodes, called leaves ◎ Integrate the leaves as Zabbix proxies ◎ Provide a secure path ○ Manages TLS keys ○ Automatically define proxies in your Zabbix installation and maintain integrity ○ Provide a central VPN solution providing instant connectivity ◎ towards a customer Provides a one-stop shop for connectivity to your customers ○ Automates session management ○ Provides a secure relay for syslog messages ◎ Allows the Leaf to be used as a syslog receiver ○ Relays the syslog messages to a syslog server of your choice in your NOC ○ Provides a reporting framework ◎ Allows for PDF reports to be created on demand or scheduled ○ Provides a GUI to build and store reports ○ 10
How does it work? Addon functions ◎ Perform network discovery of the remote subnet ○ LDAP integration ○ Logging ○ Automatic database backups ○ Can be deployed publically or only for internal access only at the MSP (on-premise) ○ 11
Leaf platforms Leaf-102 vLeaf Intel NUC based VMware based + Cheap to buy & run + Fast to deploy + Easy to deploy in the field + No hardware needed + Reliable enough for small customers + Better for enterprise customers 12
Recently added features External API for integrations ◎ vLeaf (VMware support) ◎ 13
Roadmap Integration with an IPAM ◎ One-click connectivity towards common protocols without a ◎ VPN client, I.E. Terminal Services, SSH, Telnet, HTTP, .. Syslog & auditing (WIP) ◎ SAML (ADFS) integration ◎ Customizeable Leaves ◎ Wi-Fi scanning (& possibly testing) ◎ 14
Recommend
More recommend