We need to configure DCRUM for Office 365 which is hosted on cloud. We need to measure the performance for the user who are accessing office 365 from LAN. We shall place the AMD near to the Proxy server and would like to know if It is mandate to get the SSL key to decrypt exchange traffic or if we don not get SSL key , what would be the performance measures we will not get
In order to decrypt the traffic the SSL private key is necessary.
Without the key DCRUM can report on the SSL encrypted traffic too. Information such as:
Source IP addresses
Time of day when the services are used
SSL versions and Ciphers used (in later 12.4 DCRUM versions)
Plus all the standard network metrics
Volume of traffic (bytes and packets)
Availability - from a TCP standpoint
DCRUM 12.4.13 can auto-detect those cloud services as well. Auto-created software services such as "Office365-Sharepoint Online", "Office365-Exchange Online", "Microsoft Office Online" will be created.
The HTTPS software service (or SSL created software services) will show the SSL/Cipher versions.
Auto-detected Office365 software services will not show the SSL/Cipher version in 12.4.12. However DCRUM 2017 will show SSL/CIpher information for them.
Hi John L, Thanks for the response. Can you please share the example or list of metrics which we will get if we use the SSL key. That is something we need to understand. What all metrics we are going to miss if we do not get SSL key.
It's very unlikely you'll get the private key for O365 monitoring, that's Microsoft's private key, and would potentially expose many customers traffic.
So we're left with the non-decrypted SSL monitoring.
We'll get volumes of information, bytes/packets, the URL host names of the traffic (not path/page names). And some basic timing around SSL setup time, round trip time etc. You won't get operation times (because we can't see operations when they are encrypted). You'll also be able to determine the cipher suites in use, and if any of those are performing better/worse than the rest. Errors from the SSL layer will be reported, but again can not see if any page errors occur because that's all encrypted.
This will all work with zero-config because we support O365 with the auto discovery rules on the AMD.
There are private instances of Office 365:
If this is what your refering to @Meenakshi P. then you will be able to see almost everything that is running in that cloud.
Here is a list of what the PUBLIC Office 365 uses in terms of URL's and TCP/UDP ports.
You will of course see slightly differently named URL's related to what the private domain is named, but the PORTs will be the same
You will not be able to properly decode things that are not transactional such as the chat and similar things.
Hi Chris V,
Thanks for your insight. I do agree not quite possible to get the private key for Office365 from MS. It seems DCRUM only provide basic network performance metrics.
Can auto-discovery display the tasks / operations name in May2017 ?