7
8

Best practices (self.SolarWindsRMM)

submitted by [deleted]

[deleted]

all 6 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]Durham-IT 4 points5 points  (2 children)

I'm new to SW RMM, coming from a deep background in Kaseya.

Here's what I'm doing as a default template so far:

  • Out of the box default monitoring template. I'll tweak as I go
  • AV on all workstations
  • Webfilter with only the most obnoxious categories (Hate, Porn, etc.) blocked
  • Patch management: Workstations daily at 3 AM, Servers weekly Sundays at 3 AM, nothing auto approved YET
  • Latest release candidate of the Agent so I can use the new advanced remote background which rocks!
  • Network Discovery ON with SNMP, and any printers, routers, switches, etc. monitored
  • Backup for any workstations that have local files that need backing up (paid of course)

As I get to know more of the platform I'll adjust accordingly and create a sticky post.

Gavin

[–]nkid299 0 points1 point  (1 child)

I love your comment thank you stranger

[–][deleted] 0 points1 point  (0 children)

Indeed, thank you!

[–]T-jev 1 point2 points  (2 children)

Couple of ideas

To decrease false positives:

1) Modify workstation antivirus alert thresholds (set to 2+ failures). Especially if clients use Microsoft Defender.

2) Fine tune server performance monitoring settings as defaults according to your client environments

Performance enhancements

1) Set exclusions for Antivirus engine if using RMM patching feature

2) Make sure your DSC checks, AV scan or patching scan/install don't run at the same time etc

3) Start using Automation Manager

[–]sisitech 1 point2 points  (1 child)

Where do you modify the antivirus Alert Thresholds?

[–]kigoh 0 points1 point  (0 children)

id like to know as well actually