Archive for the ‘Managed IT Services’ Category

Solarwinds N-Central 12.0 new release in July 2018

SolarWinds released N-central 12.0 with the promise to provide MSP with the ability to manage customer networks and security of endpoints in depth. Solarwinds introduces a new tool called NetPath to manage patchwork of cloud, hosted, and on-premises services.


To get started, first upgrade your server to 12.0. On the left-hand pane, select View > NetPath. The NetPath tool can be set up on any Windows server or Windows workstation in N-central.


Other features include:


  • Create, update, and close tickets for their PSA application without leaving N-central-including tickets that don’t originate from N-central
  • View and manage the last five tickets create
  • Set up patch auto-approval or auto-decline by keyword to save time, help ensure critical updates are applied, and problematic ones are blocked


For more information, go to Solarwinds N-Central.

Flexis July 2018 Patch Review and Recommendations

7/23 UpdateMicrosoft released new patches/updates to fix the issues in the current month patch release. The fixes appears to be working and safe to install. It is important to note that while Exchange server issue is resolved with the updated patches, the Azure ADConnect service issue is still not fixed (listed below in known issues) . Here is the link with details for exchange patch issue:

Update: There were number of issues reported in this month cumulative/roll up patches. Microsoft pulled then re-released a number of patches. We recommend delaying patch installation until Monday July 23rd.


All patches are approved as per our patch testing procedure.

  • KB4338814 – 2018-07 Security Monthly Quality Rollup for Windows Server 2016 for x64-based Systems
  • KB4338815 – 2018-07 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems
  • KB4338815 – 2018-07 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems
  • KB4340558 – 2018-07 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Server 2012 R2 for x64
  • KB4338832 – 2018-07 Security Update for Adobe Flash Player for Windows Server 2012 R2 for x64-based Systems
  • KB4291391 – 2018-07 Security Update for Windows Server 2008 for x86-based Systems
  • KB4293756 – 2018-07 Security Update for Windows Server 2008 for x86-based Systems
  • KB4295656 – 2018-07 Security Update for Windows Server 2008 for x86-based Systems
  • KB4339291 – 2018-07 Security Update for Windows Server 2008 for x86-based Systems
  • KB4339503 – 2018-07 Security Update for Windows Server 2008 for x86-based Systems
  • KB4339854 – 2018-07 Security Update for Windows Server 2008 for x86-based Systems
  • KB4340583 – 2018-07 Security Update for Windows Server 2008 for x86-based Systems
  • KB4340559 – 2018-07 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008 SP2
  • KB4339093 – Cumulative Security Update for Internet Explorer 9 for Windows Server 2008
  • KB4338818 – 2018-07 security Monthly Quality Rollup for Windows Servers 2008 R2 for x64-based systems


Impacted Products:

  • Internet Explorer
  • Microsoft Edge
  • Microsoft Windows
  • Microsoft Office and Microsoft Office Services and Web Apps
  • Adobe Flash Player
  • .NET Framework
  • Skype for Business and Microsoft Lync
  • PowerShell Editor Services
  • PowerShell Extension for Visual Studio Code
  • Web Customizations for Active Directory Federation Services.


Please note the following information regarding the security updates:

  • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.
  • Starting in March 2017, a delta package will be available on the Microsoft Update Catalog for Windows 10 version 1607 and newer. This delta package contains just the delta changes between the previous month and the current release.
  • Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.
  • For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
  • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.


Microsoft Security Advisories:

  • ADV180017 | July 2018 Adobe Flash Security Update

  • ADV180002 | Guidance to mitigate speculative execution side-channel vulnerabilities

  • CVE-2018-8289 | Microsoft Edge Information Disclosure Vulnerability


Known Issues:

KB4338825, KB4338818


KB4338825 Applies to: Windows 10, version 1709

Symptoms: Some non-English platforms may display the following string in English instead of the localized language: “Reading scheduled jobs from file is not supported in this language mode.” This error appears when you try to read the scheduled jobs you’ve created and Device Guard is enabled.

Resolution: Microsoft is working on a resolution and will provide an update in an upcoming release.

Prerequisite: The servicing stack update (SSU) (KB4339420) must be installed before installing the latest cumulative update (LCU) (KB4338825). The LCU will not be reported as applicable until the SSU is installed.


KB4338818 Applies to: Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1

Symptoms: There is an issue with Windows and third-party software related to a missing file (oem<number>.inf). After you apply this update, the network interface controller will stop working.


  1. To locate the network device, launch devmgmt.msc; it may appear under Other Devices.
  2. To automatically rediscover the NIC and install drivers, select Scan for Hardware Changes from the Action menu

Alternatively, install the drivers for the network device by right-clicking the device and selecting Update. Then select Search automatically for updated driver software or Browse my computer for driver software.


How to Fix High CPU

After installing the latest cumulative Windows Update patch, some people are experiencing high CPU issues being used by the “Azure AD Connect Health Sync Monitor” ( (AzureADConnectHealthSyncMonitor) version 1.1.819.0.

If you have the Azure AD Connect utility installed on a server, this is a service that goes along with it. According to Microsoft, they will be releasing an update to the Azure AD Connect Utility to resolve this issue, but there is no ETA yet for this update. There are two options you have to temporarily resolve the high CPU issues. The first option is to stop the Azure AD Connect Health Sync Monitor service and set it to manual until the updated utility is released. The second option is to remove the latest patches you installed on the server.

Common Monitoring Mistakes

Alert Overload

If you have too many alerts that constantly go off, people will eventually ignore them and think they are not critical. However, when service impacting alerts comes, they will be ignored as well and treated as false alerts.

  • Distinguish between warnings (that admins should be aware of, but do not require immediate actions) and error or critical level alerts that require immediate attention.
  • Route the right set of alerts to the right group of people.
  • Make sure every alert should be real and meaningful.
  • Ensure alerts are acknowledged, completed, and cleared. Do not have a monitoring system dashboard with hundreds of alerts.
  • Optimize alert settings in monitoring, or the systems, or operational processes that can reduce the frequency of these alerts.

Multiple Monitoring Systems

Streamline all your alerts into one monitoring system. Having one monitoring system for each type of devices such as Window, Linux, SQL servers, and so on will impact datacenter performance. Alerts could end up being routed incorrectly,and not being addressed at all.

It is unavoidable that even with good monitoring practices in place, issues and outages will occur. Best practices dictate that the issue should not be considered resolved until monitoring is in place to alert what caused the issue or outage to prevent future similar events.

Hardware Vendor Independent Architecture

You should not be forced to select a monitoring system based on the equipment manufacturer and vice versa.

Not Monitoring your Monitoring System

Lot of time is spent on setting up the monitoring system, but not monitoring the actual monitoring system itself. This means if there is an issue in the monitoring system – a hard drive or memory failure, a network outage, or power failure – they don’t know about it. If you have a monitoring system that’s down, and you’re not aware of that, you’re exposing the business to increased chance of an undetected outage. To minimize this risk, set up a check of your monitoring in a location outside of where you monitoring is. Or go with a monitoring solution that’s not only hosted in a separate location.

Top Drivers behind Choice of Managed Services from MSPs

According to recent CompTIA survey of businesses, main decision drivers for businesses to outsource their IT to managed services providers are:

  • Improve efficiency and reliability
  • Enhance security and compliance
  • Proactive Maintenance Approach
  • ROI/Cost Savings
  • Free IT staff for strategic work
  • *Source: CompTIA 4th Annual Managed Services Trends Study survey

    How to Increase an MSP Business’ Profitability?

    The managed service provider field (MSP) has been increasingly profitable over the last few of years. The barriers to entry are considerably low in comparison to other competitive fields. Yet, many MSP companies find it difficult to ensure sustainable growth.

    These MSP enterprises might be having trouble retaining current customers and attracting new ones because they haven’t created a unique added value to their services. It might be that they’ve either failed to offer it in a cost-efficient way or because they aren’t investing enough in differentiating their product or processes.

    Regardless of the reason behind their lack of profitability, it’s important for these companies to learn how to leverage their information technology to build operational capabilities. The following are key activities that MSP companies should carry out in order to stay in business and scale intelligently:

    • Unique value proposition. Providing innovative services is the key to long-term growth. Identify the differentiated services the company offers and seek to deliver them at an affordable price.
    • Planning. This is a fundamental activity to set the goals and corresponding strategies for the company.
    • Marketing and selling. Market segmentation and targeting are necessary to ensure client profitability and helps reduce new customer acquisition costs.
    • Project management. MSPs need to have systems able to track metrics such as backlog, cash- flow, utilization, profitability by project and customer, etc. Continuous measurement and analysis of issues are also important to enhance business processes.
    • Accounting: MSP companies manage rigorous service level agreements under tight margins. Therefore, good management of cash flow including revenue, costs and expenses incurred are vital to succeed.
    • Leveraging the Resources of Outsource Partners: Successful service providers know that they need to scale to achieve critical mass and build a sustainable and successful practice. Establishing this scale through internal growth is often too costly and logistically impractical. Therefore most MSPs will look for ways to partner with service delivery companies that will enable them to grow while protecting their brand and customer reputation.

    Flexis helps you scale your MSP business by providing a solution that offers the cost and scalability benefits of traditional outsourcing services with the control and focus of hiring your own resources–without the headaches of managing a large staff.For more information on how Flexis can help you build and scale a thriving managed services Visit our website or contact us to learn about our unique approach and the advantages we can provide you!

    Should Big MSPs Continue to Partner?

    In a previous post, I talk about how the added efficiency from the scale of a traditional NOC service, with its shared service model, decreases as an MSP grows, and in fact the lack of process and tool flexibility can actually impede a mature MSP’s growth. This naturally leads to the question, should a large mature MSP still partner and if so why? I believe the answer is absolutely yes, but the partner selection needs to focus on different criteria.

    Dedicated Resources – Once an MSP has enough internal scale, the additional efficiency contributed from the scale of a traditional outsourced NOC is very small. At this point, the MSP is better served by finding a partner that can offer a dedicated team that benefits from a shared facility, infrastructure and management and that is located in an economically advantaged geography.

    This arrangement provides the MSP with the consistency that comes from always working with the same individuals, but with little facility and HR overhead. Additionally, the members of the team assigned to a given MSP will become very familiar with that MSP’s customers and will deliver better service over time. Operating within a shared facility and infrastructure, the MSP will still benefit from shared cost on those items that will not effect day-to-day service. Finally, an economically advantaged geography provides highly trained resources at a fraction of the cost that is available locally.

    Process & Tool Flexibility – When a VAR first embraces services and becomes an MSP, they will typically be weak on processes, but as they mature, they develop a deep understanding of what works for their customers and they may even acquire some large customers that have their own process requirements. At this point, the MSP needs a partner that allows the MSP to specify the process and tool selection and to perhaps set specific processes by customer.

    Flexible Resource Pool – Having a dedicated team is great for consistency and building specific knowledge to support your practice areas. However, there are times when a skill set is required either on a one time case or a periodic frequency that does not justify a full time resource within you team. To meet these requirements, an MSP needs to identify a partner that has a pool of specialized talent that can be drawn upon to meet a specific need or simply augment the staff to meet a temporary workload increase.

    By following these considerations, the large MSP will still benefit from improved service quality and reduced service delivery cost while still focusing their internal resources on high-value projects and closing new business.

    Traditional NOC Services a Perfect Beginning for a new MSP

    When a VAR first decides it is time to begin to shift their business to the Managed Service Provider (MSP) model, they start moving customer by customer away from break-fix and over to a managed service that fits their needs. This is often a process that takes months or years to get all the customers moved to the new model. In the beginning the scale of the managed services part of the business is very small and, because the VAR is new to managed services, they need help in getting their new business up and running. At this point the traditional shared services NOC is a great solution because the NOC provider has scale to operate efficiently with a wide breadth of capabilities and to do so 24/7. In addition, the VAR benefits from the process definition and advice they get from the provider.

    The Efficiency Seesaw

    An interesting shift takes place as the VAR’s MSP business grows. First, efficiency shifts. As the MSP side of the business grows the VAR’s scale approaches a point that the additional efficiency of provided by the shared NOC is minimal and the remaining efficiency gets lost in communications overhead. Add to that the lack of consistent service from individual to individual NOC engineer and you are actually operating at less efficiency than what you could with your own team. Secondly, as the VAR gains experience in the MSP business, they will want to be able to better define their services, procedures and workflow than is possible with a shared NOC provider. It is at this point that the value of a traditional shared NOC becomes negative and it is time to seek a new type of services partner.

    What’s Next?

    At this point, the VAR needs to make a choice to either build their own NOC and deliver their services internally or to find a different type of service provider that can bring many of the benefits of the shared NOC, but without the difficulties. In my next post I will describe what is involved in doing it internally, what this different type of provider looks like and explain why it still makes more business sense to continue to partner.

    When Traditional Outsourced NOC Services Break Down

    Traditionally outsourced NOC services (remote monitoring and remediation) are provided by NOC service providers from a pool of engineers that are shared among multiple managed service providers. Shared NOC services offer a number of valuable benefits for small VARs and MSPs including low-cost, efficiency, breadth of support and 24/7 operation to name a few. These are great when your business is growing and you are new to offering services.

    However as you grow, your needs may shift some and the shared services model offered by traditional NOC providers becomes less attractive. In fact, some of the items that are most attractive about the model when you are new to selling services are the very things that make the model so unattractive as your services business matures. We discuss some of the drawbacks of shared services for mature MSPs and ultimately some solutions in upcoming posts.

    Today’s topic is the fixed processes imposed by the traditional shared services NOC model.
    To manage the environments for many end customers spread out across a hundreds or thousands MSPs, shared services providers must unify all their processes. This means they have one way of doing things and that way applies to all their MSPs. This approach allows them to spread out the work across a large team; allowing any team member to do work for any MSP, since all the processes are consistent. This is fine or even preferable when you are starting your services business because you have not yet developed your own processes and your customers are likely smaller and willing to adapt or even unaware of the underlying processes.

    As you grow, your team becomes more sophisticated and you begin to attract larger and more demanding customers. At this point you may want to specify things like what days to perform patching or how escalate alerts. In a shared services model, your provider is unable to give you his flexibility. Many will even try, but the end result will not be good, because every time they do a patch or alert escalation for one of your customers, it ill be an exception for their team and an opportunity for an error. This becomes even more problematic when you need different processes for a few big customers.
    Our next post will talk about the efficiency sea-saw and delivery consistency.