control.connect.communicate

Home >> Solutions >> Server Management

To undertake management of their systems IT administrators and data centre staff need responsive, reliable, secure and easy-to-use server access in order to configure, change or fix any server problem in the shortest possible time and their physical location even if they are remote should not prohibit them from performing any of these tasks.

In most organisations there are three types of server access required:

At the Rack

Data centre administrators typically interact with individual servers through a simple, direct-connect analogue KVM switch. All the KVM cables from the servers connect directly to a KVM switch, which in turn has a physical keyboard, monitor and mouse attached.

Across the Hall

Capacity planners, troubleshooters and network engineers may also need management access to the server, but won't necessarily need to be located near the servers. They may however be based in the same office or campus and will need to access the KVM switch as if they were connected directly to it.

Remote Data Centre Access

High-level operations centre managers, may require remote access to servers. These employees may be located at headquarters or in another state or country and need KVM connections that operate over a network - WAN, VPN or the Internet.

Using an IP network to access and manage servers in a remote data centre is known as KVM-over-IP. Data centre operations staff get convenient capability in KVM-over-IP but - depending on the manufacturer of the equipment this may present tradeoffs in bandwidth utilisation and responsiveness.

Addressing these tradeoffs means making sure the vendor's KVM-over-IP tools provide a level of encryption, compression and bandwidth control to meet current and future security and performance requirements.

Remote Office Access

In addition to needing remote access to servers in the data centres, IT staff are often also responsible for the management of servers and networking equipment located in remote offices and branch offices. This remote office equipment can consist of a wide variety of devices including:

Usually, employees located at these remote sites do not have IT expertise and therefore do not have the skill set to troubleshoot and manage the infrastructure. In some cases, data centre staff use software solutions to perform remote infrastructure maintenance. However, software solutions only work if the network is up and, in the case of servers, if the server OS is healthy. When the network is down, or when the server OS has crashed, on-site employees may need to go to the data centre to press the reset button, and then if the router or server does not come back up, it will require a costly trip to the remote location to reboot the server.

KVM Over IP

KVM switches provide the ability to access and control servers that have a Keyboard/Video/Mouse interface. They simulate the experience of being inside the data centre and accessing the server directly.

KVM-over-IP switches provide the same experience, but over a secure IP connection. One significant advantage of this is the ability to access servers from anywhere, which makes it ideal for accessing and controlling servers in remote offices. Whether IT administrators are at their HQ location or at home at 2 a.m, they will have access to their branch office assets.

What's more, KVM-over-IP switches provide both in-band and out-of-band access. In other words, the IT staff can access and control their servers either at the OS/application level or at the BIOS level if the OS is unresponsive. For extra peace of mind, KVM-over-IP switches with integrated modems provide dial-up as an alternate access method in the event of a network failure.

Additional value-added features like Virtual Media enable IT staff to transfer files from their desktop, CR-ROM or USB stick to servers across the globe. This is an ideal tool for upgrades and patches that need to be installed at numerous remote locations.

Managing Blade Servers/iLOs

Data centres are running out of critical resources - space, power and cooling - even while the need for computing power continues to grow. To help address this dilemma, businesses are increasingly deploying blade servers. Besides providing space savings, a blade server drastically reduces the number of physical network, power and storage interconnects, and potentially simplifies server deployment, troubleshooting and repair.

According to Gartner, blade servers represent the fastest-growing server segment, led by IBM, HP and Dell; and by 2012 will increase to 20% of all server shipments.

However, data centre infrastructure managers continue to discover that blade servers also create complexities of their own:

Remote server administration becomes more difficult. Blade systems add yet another vendor proprietary technology and management system to the already complex server mix.

Local blade access is cumbersome and insecure. When a user interacts with a blade chassis using a keyboard, mouse and monitor, only a blank screen welcomes him; users must navigate to the intended blade with a cryptic set of hotkeys which vary between manufacturers. Worse, from this local interface, users cannot determine how many blades are healthy, nor which exact blade he is currently controlling.

Security is compromised. This is due to lack of centralised user authentication, authorisation and audit logs when using multiple access methods. Since so many different methods can be used, there exists no central access control or auditing of server access activities performed on blades.

Serial Console Switches

Secure console management has become an essential requirement for operating today's complex data centres and managing assets across distributed environments. IT organisations need to give their core team of skilled sysadmins ready access to critical business computing resources on an anywhere/anytime basis. If that access is not adequately provisioned, core systems may under-perform or fail - with potentially disastrous consequences for the business.

Vendors have generally offered IT a choice between two different approaches to console management: terminal servers or browser-based solutions. Each of these approaches has its own appeal. Terminal servers use a familiar command line interface (CLI) and can be effectively secured using a secure shell (SSH) protocol. Browser-based solutions offer the advantages of ubiquitous desktop/mobile Web access and standardized protection under the Secure Sockets Layer (SSL) protocol.

Other capabilities further differentiate these two approaches. Depending on the vendor, each approach may support different terminal emulations - and therefore different platforms and devices. A browser-based product may not provide for out-of-band access in the event of a denial-of-service attack. An SSH-enabled terminal server may offer little or no port buffer caching, rendering it unable to deliver the console messages and alerts sysadmins need to effectively administer a remote system.

Centralised Management

Having tens, hundreds or over a thousand locations to manage can be a daunting task. Even with KVM-over-IP, secure console servers, Baseboard Management Controllers (iLO, DRAC, RSA) and intelligent PDUs to address remote troubleshooting challenges, the need to track all of these heterogeneous assets in a consolidated view is essential. The following solutions support a wide breadth of devices, as well as advanced security and authorisation capabilities:

Raritan Command Centre - The CommandCentre® Secure Gateway management appliance allows IT administrators to manage virtual and physical IT infrastructure remotely from a single web browser interface. CC-SG aggregates console access and remote power control capabilities to devices in multiple local or remote data centres, providing a simple, centralized gateway to diagnose and resolve problems quickly.

Avocent DSView - DSView 3 management software enables secure, out-of-band, centralised management of all connected IT and network devices in today's often complex and geographically dispersed data centres. By consolidating all data centre management functionality into a single interface, DSView 3 software delivers the complete data centre control necessary for the 24/7 data centre.

Raritan dcTrack - dcTrack™ enables you to maintain accurate, real-time views of your data centre server, blades, virtual servers, applications, data networks, IP addressing space and cabling. It also provides up-to-the-minute views of your centre's power consumption, heat dissipation, raised floor space and rack elevations.

Avocent Mergepoint Explorer - MergePoint Infrastructure Explorer provides visual documentation of data centre assets and utilisation, enabling accurate and comprehensive capacity planning and detailed assistance for operations and maintenance. When used in conjunction with Avocent® hardware and DSView® 3 management software, Infrastructure Explorer allows you to connect to and manage devices visualized in the application.

Remote Office Management

While the proliferation of branch and remote offices is a positive sign of company growth, it can be a challenge for IT staff. Besides managing data centres, IT teams take on the additional responsibility of managing and repairing branch office assets like routers, switches, firewalls, WAN optimizers and servers.

Employees who work in these remote locations typically do not have the IT skills to troubleshoot problems. To overcome this challenge, many IT staff use remote access software to diagnose and repair branch office problems. However, these tools are only useful if the OS and network are functioning. If the network or OS is down, an on-site employee might be asked to go to the server closet and address the problem. If that doesn't work, then additional costs in travel, time, and lost business might be incurred.

The following challenges are often seen with the management of remote offices:

Control and Complexity: Branch office networks can have an array of heterogonous components in terms of devices and manufacturers. The increasing complexity of these networks brings an increased concern about failures and how to fix them. Also, with hundreds, or potentially thousands, of IT assets spread out across the globe, the need for a centralized dashboard to provide management of these devices becomes critical.

Security: Many branch offices, especially retail locations and banks, contain sensitive customer information and/or credit card data that can be vulnerable to intrusion without the proper safeguards. The proliferation of Wi-Fi in branch locations adds yet another layer to this security concern.

Limited Budgets and Resources: Typically, remote offices do not have their own dedicated IT staff. In this common scenario, it is incumbent on the HQ-based IT administrators to diagnose and correct networking and server problems. Sometimes, this involves traveling to the location to troubleshoot, which can increase the Mean Time to Repair (MTTR) as well as increase costs from travel expenses.

If the problem is critical and must be corrected immediately, then travel might not be an option. Remote access tools become an ideal way to log in and correct IT issues in the branches. Most remote access solutions are segmented into in-band and out-of-band categories.