Contents x
      Legacy Management and Monitoring vs Operations CTRL
      • 29 Oct 2021
      • Dark
        Light
      Contents

      Legacy Management and Monitoring vs Operations CTRL

      • Updated on 29 Oct 2021
      • Dark
        Light
      Article Summary

      Operations CTRL OS Changes

      Below is a list of changes that will be made to newly provisioned VMs or VMs that are brought into management in Operations CTRL:

      Linux:

      • Install elastic and morpheus agents
      • Set EST timezone
      • Set Expedient NTP servers - External NTP sources are blocked at the network level
      • Disable CTRL+ALT+DELETE from rebooting server
      • sshd_config changes: 
        • set PermitRootLogin no
        • set LoginGraceTime 1m
      • Disable firewalld and selinux (RHEL/CentOS) or AppArmor (Ubuntu) - Expedient does not support configuring these services
      • Register Redhat servers with Redhat Network with an Expedient subscription

      Windows:

      • Install elastic and morpheus agents
      • Automatic Updates set to never check
      • Disable Windows firewall
      • Disable TLS 1.0 and 1.1
      • Enable Strong Cryptography for .NET

      Feature Matrix

      The following is a high level overview of the differences between the two products for clients:

      Management Item

      Legacy Management and Monitoring

      Operations CTRL

      VM Provisioning

      Expedient deploys VMs after PCR

      Clients can self provision without PCR if vSphere or VCD resources are available,

      will be trued up at months end

      +Self-service

      Patching Scheduling

      Configured in Expedient systems

      Clients must open ticket for changes

      VM tags in Operations Control

      +Self-service

      OS Monitoring

      Linux - watcher script and secretagentmon Agent

      Windows - SCOM Agent

      Elastic Agent

      Expedient ticket +action for standard OS alerts - CPU, memory, disk issues

      +Self-service for customized alerts that can be sent to email, webhook, teams or slack channels based on any metric or log that is tracked

      Alert Processing

      Alert Queue→  Monitoring Analyst → SMC

      Elastic Alert → Alert manager → SMC (automated, faster response time)

      Internet Service Monitoring

      (Ping/http/tcp)

      Shared infrastructure, no access to make changes

      Can only view timestamp alert history in SMC

      Elastic Heartbeat dedicated to client

      Client can control configuration

      Richer view of real-time metrics and history with graphs in Elastic dashboard

      +Self-service

      Endpoint Protection

      Linux - Not required

      Windows - SEP or endgame

      Required,

      Elastic endpoint security from Expedient recommended. Client may provide an alternate endpoint protection.

      Expedient Support

      VM Access

      SSH/RDP via management network

      No management network access,

      VM Console only

      Expedient Support 

      Authentication

      Linux - Expedient domain and local, root accounts

      Windows - local accounts or domain admin

      Checkout temporary local account,

      Domain admin for Windows


      Was this article helpful?
      What's Next
      Expedient Homepage

      To open a Support Ticket please visit the Support Management Console