As a server farm matures, its managers often come to lean on KVM switches, because using a single keyboard, video, and mouse to control a small stack of servers and/or workstations is vastly more efficient. But as a stack grows, managers find themselves tied to the noisy computer room by their switches' limited range.
Enter a new generation of IP-enabled KVMs. The secret sauce of IP allows remote collaboration and control, so the exact same display can be seen in your remote NOC in Sao Paulo, Brazil, while the expert in Paris collaborates from home.
We put three KVMs to the test and found that, although they may share the same acronym, they are each suited to different markets. Avocent and Raritan's higher-end and midmarket solutions move away from the old proprietary KVM cables to sleek new dongles hanging off of CAT5 cables -- pushing your range out to 30 meters. The lower-end StarTech.com KVM uses relatively normal KVM cables to extend your range.
Anyone who has set up a traditional KVM knows the pain of rerouting thick, fixed-length KVM cables through their server racks. Such cable pain is easing now, as KVM vendors pick up the trend toward using the same UTP (unshielded twisted pair) wire -- CAT5 -- that has been used for years with Ethernet. With some solutions offering 30 meters of CAT5 to work with, cleaning up the rat's nest in your server racks isn't quite so daunting.
Our only gripe about this new generation of KVMs is how all vendors have tied their remote power control to their power strips. Being able to remotely power cycle a hung server without driving into the office is even better than sliced bread; but we would have loved a power-down command tied to a customizable macro to accommodate legacy power devices.
Avocent DSR1021 and DSView 3.0 Avocent sent us Version 3 of its DSView console aggregation server software, plus the DSR1021 KVM. After getting over the sticker shock of DSView's required dedicated Windows server, we started to see the benefits of the DSR1021's hub/spoke aggregation: You can allocate resources to follow your organization's layout, while giving all your remote systems administrators a single sign-on.
Well-thought-out touches such as subnet device discovery, a long list of keystroke macros, and several levels of organizational hierarchy make learning to use DSView easy. DSView supports LDAP/NT Domain/Active Directory or Radius authentication to control access with resources grouped by server, location, department, or site.
The DSR1021's initial setup process was a bit disappointing because the network settings can be changed only through the console serial port despite having a perfectly good local console available. The local console interface, OSCAR (On-Screen Configuration and Activity Reporting) gives the user a great deal of control, enough that we wondered why it didn't have the password enabled by default. OSCAR's floating control window names and groups the servers attached to the KVM in a neat, easy-to-read display, all while allowing control over multiple, scalable remote sessions.
Although it isn't an embedded piece of the KVM, DSView is a superb management tool; the UI is simple but powerful. You can set each server's site, location, department, and contact information -- a nice feature to have if you must find one of the servers to fix a problem.
Encryption of the full video stream seems to scream compliance, and the grouped firmware updates spell relief from midnight drives to branch offices. Furthermore, DSView's distributed architecture prevents downtime by providing fail-over to other DSView hubs through a replicated environment.
Although this sounds cool, DSView's hunger for power shows that Avocent really is expecting to have the entire Windows server all to itself. Considering just how much horsepower IIS is capable of serving up, we're still wondering why Avocent so strongly suggests that the server not be shared. With a dedicated Windows server behind DSView, you might also think that a few cycles could be dedicated to supporting, say, Java in addition to ActiveX, but at this time it supports only Internet Explorer 6 or later.
Raritan Dominion KX432 and KX232 Both of the Raritan devices are 32-port KVMs; the KX432 supports four simultaneous remote users and the KX232 supports two. As opposed to Avocent's KVM, Raritan's has an embedded Web server for its remote access -- it doesn't force you to build the infrastructure for large numbers of remote users from the start.
We opened remote sessions from a pen tablet using Java and ActiveX browser plug-ins with IE and Netscape. You're still forced to use a few ActiveX plug-ins for Windows, but full Linux compatibility seems to be close at hand.
Given Raritan's goal of browser-agnostic operations, it would have been nice to be able to hide inactive ports without dongles. User and group profiles can be set only from the Dominion administrative Java applet, but when there, you can limit access to any or all ports, limit power cycle, restrict to view only, and toggle administrative functions on and off.
Raritan's answer to Avocent's DSView is the 1U CommandCenter appliance, which we were not able to review. CommandCenter aggregates the bulk of the Raritan product line into a single address with a single look and feel and provides the necessary horsepower for large numbers of KVMs and serial console servers, adding in TACACS+ (Terminal Access Controller Access Control System) support.
In our experience, the powerful admin applet can get cumbersome, but even without CommandCenter, the Dominion series is capable of delegating responsibility for each port with rights varying from view only to allowing the addition of new users or remote power cycling.
Initial network configuration is performed through an options window on the local console, in contrast to the serial cable setup on the Avocent. We did experience a problem with the KX432 being unable to find the gateway when we plopped it into the DMZ behind a firewall. This was not hard to debug but would have been easier to diagnose if the Dominion at least had ping or traceroute at the local console.
StarTech.com SV841HDI The SV841HDI falls into a much cheaper category of KVM over IP switch. Whereas the other switches in this test accommodate multiple simultaneous interactive users and utilize CAT5 cabling to connect to racked servers, the SV841HDI allows only one interactive user at a time -- although multiple users can view the session -- and uses relatively standard KVM cabling. On the other hand, it costs significantly less than the other solutions -- approximately US$1,495.
The SV841HDI uses specialized cabling to condense keyboard, mouse, and video connectors into a single, 15-pin HD video connector on the back of the unit. The other end of the cable is a standard 15-pin video connector with either PS/2 mouse and keyboard connectors or a USB connector. This eliminates some clutter, but it hardly matches the space savings of the Avocent and Raritan solutions.
The KVM runs a lean Linux distribution and offers serial, Web, and SSH connections to the unit itself. By default, it will request a DHCP address and offer an SSL log-in page, which can be used to configure the device and spawn remote console sessions.
All remote console sessions are driven by VNC (Virtual Network Computing), with the SV841HDI offering a multitude of connection options, including a built-in Java VNC client for SSL and non-SSL connections or a server call-back to a listening VNC viewer on a PC. It's also possible to simply point a VNC viewer at the device IP and log in to the console.
No matter how you connect to the unit, the display is the same. The VNC session contains the server console and a menu bar along the bottom that permits switching between connected servers, video, and input device tuning, session statistics, and unit configuration. It's very complete, if not very attractive.
Of course, it's possible to use the KVM switch as a local switch, too, as the on-screen display handles standard options such as connection naming. Outboard serial and power control is available with the appropriate accessories.
The SV841HDI's performance isn't as solid as the other solutions, as only 8-bit color depth is available to the user, and rapid video resolution changes can confuse the switch for a few seconds. All in all, it's the least-cooked KVM switch in the test, but the price makes it worthwhile for a small shop.
Switching it up The switches in this test definitely represent the breadth of the IP KVM marketplace. With Avocent's concentration in the multilocation, distributed KVM environment, we could easily see DSView sessions being projected at the front of both a primary and secondary NOC for any multinational corporation.
Raritan's modular approach suggests a starting point more in line with the budgets of small to midsize companies, whereas StarTech.com pulls up the low end. Both of the UTP-based solutions work great and can scale, but Raritan seems a slightly better choice for smaller installations because it allows a small number of remote users without the sticker shock of Avocent's dedicated Windows server. And for the small shop looking to provide remote console access via IP, StarTech.com SV841HDI's low price is quite attractive. -- InfoWorld (US)
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.