When Considering a Centralized Management Solution, Know the Advantages of a Turn-Key Appliance

Posted on August 19, 2011 by Derek Finch

In the server world, an appliance is a completely enclosed turn-key unit, in which the operating system, application software and client interfaces are integrated into one easy to deploy package. Administrators don’t need to spend nearly as much time managing an appliance as they do a typical server. The hardware and software is pre-installed and configured by the manufacturer and is typically a plug and play device. Very secure, hardened appliances also require no management of security tools such as firewalls and anti-virus software. For several years, Raritan has provided its CommandCenter Secure Gateway centralized management solution in the form of an appliance. Rack mounted hardware and virtualized versions are available. The hardware (or physical) appliance is deployed as a two unit “cluster” for easy primary/secondary redundancy. When added scalability is needed, primary units can be set up in a multi-appliance “Neighborhood”.

Other solutions in the market are available simply as Windows or Linux applications and use what’s known as a “hub & spoke” configuration to enable scalability and redundancy. A hub & spoke solution consists of one primary host or “hub” server and one or more secondary “spoke” servers. Access & management application software is installed on each server in the configuration and are identified as either a hub or a spoke. Each hub & spoke server contains a database for storing user, configuration and system information. Each unit also serves as a point for authentication, user access rights, logging and licensing. One of the servers is assigned “hub” status and contains the system’s master database.

Because CC-SG is provided as a completely enclosed turn-key appliance, the operating system, application software and client interfaces are integrated into one easy to deploy package. Conversely, the leading hub & spoke solution consists of a software package which runs on servers that customers must provide themselves, manage and maintain. While CC-SG customers can look forward to an occasional firmware upgrade, hub & spoke administrators have to worry about maintaining server operating systems, firewalls, anti-virus software, spyware, hardware maintenance and much more.

It’s important to note that while the Neighborhood feature is an excellent option for increased scalability and other benefits, the performance of just one CC-SG exceeds the needs of a vast majority of organizations. A majority of customers install only one primary CC-SG, along with a backup unit if desired (i.e. one cluster). And in most cases, when a Neighborhood is deployed, they consist of only two units. Compare this to a hub & spoke configuration, which often includes three or more servers.

Other key benefits of appliances:

Less Network Overhead: Because CC-SG users enter the Neighborhood through only one of the member units – and can then access any target that’s connected to any other CC-SG in the Neighborhood, there is no synchronization of databases among the primary units. In terms of a cluster, the database of a CC-SG primary/backup cluster is kept in sync in real-time. No scheduled tasks are needed. And because updates are constant, they are very small – instead of scheduled bulk updates.

Network overhead in a hub & spoke configuration is considerably higher. Access to target devices is available from the hub or any of the spokes. And each server also has a role in failover and backup. As a result, to ensure accurate rights management, logging and reporting, significant database synchronization – and therefore significant use of the network – is required.

More Secure Access: CC-SG users access all targets – even those directly connected to and managed by other Neighborhood CC’s – through one “home” CC-SG. Users can use any of the Neighborhood units as their home CC-SG, but there is only one possible point of access to the Neighborhood. Administrators can ensure that all management occurs through one point of access.

Hub & spoke users can enter through any server in the configuration, so access rights management can be a significant chore. And, due to CC-SG’s low security profile, Linux-based appliance architecture, it is much more immune to viruses and hacking.

No Single Point of Failure: With the easy implementation of a CC-SG cluster, customers instantly eliminate any single points of failure. It’s worth noting that CC-SG primary units have an extremely high availability rate and the backup is rarely used.

Conversely, hub & spoke solutions often need to utilize a load balancing switch to help improve performance. In such a configuration, however, the load balancer is a single point of failure because it serves as a “front end” to the hub & spokes that all traffic must travel through first. A CC-SG Neighborhood does not require a “super-unit”, hub, or other single point of system management.

Lower TCO: A vast majority of CC-SG customers utilize a single cluster solution, which supports access to several thousand target devices by dozens, and sometimes hundreds of users, depending on the types of tasks performed. When a Neighborhood is deemed to be a good fit, there is often no need to expand past two primary units for maximum performance.

The typical hub & spoke configuration consists of three or more servers. More spokes means more licensing and warranty costs, more cost of administration, more rack space, more network cabling and more power consumption.

Appliance pricing, licensing and maintenance models are more straightforward and simple. They’re also more cost-effective. In a cluster for example, because only one unit at a time is being used to access IT resources, only a single license fee is charged. This saves customers thousands of dollars relative to the typical hub & spoke solution, which requires duplicate licenses for each server.

To summarize, compared to a more complex hub & spoke approach, which can require significant management overhead of multiple 3rd party servers, constant dB synchronization and complex licensing, appliances enlist a straightforward failover and expansion approach. Licensing is straightforward when compared to the often confusing array of licensing options needed to cover a variety of hub/spoke combinations. As a result, a typical appliance-based solution costs thousands less than a hub & spoke deployment.

Posted in Access and Management, Data Center | Tagged , , | Leave a comment

Dominion KX II Release 2.4 Available

Posted on July 18, 2011 by Richard Dominach

 Dominion® KX II is Raritan’s enterprise-class, KVM-over-IP switch that provides anytime, anywhere  remote access and control.  Release 2.4 provides many new and exciting features including (1) mobile KVM access via Apple iPad /iPhone and (2) digital audio over IP for broadcast customers.  The KX II is the first KVM-over-IP switch in the industry with these features.  CC-SG Release 5.2, available in early August, is required for the mobile KVM feature.  

 Release 2.4 has many other exciting features including:  an auto scanning feature with real-time thumbnail views, scripts that automatically execute when connecting/disconnecting from a server, enhanced virtual media for LINUX and MAC users and support for the latest browsers.

 With Release 2.4, the Dominion KX II continues to be the world’s best and most secure KVM switch.  And the only KVM-over-IP switch with mobile KVM access and digital audio.  For more information, see raritan.com.

Posted in Access and Management, Data Center, Government Security Compliance, KVM, Remote Office Management | Tagged , , , , , , , , | 8 Comments

DCIM – How Do I Decide What’s Right For Me and Cut Through All the Hype and Confusion?

Posted on July 15, 2011 by Gary Marks

As SVP of Global Sales and Marketing for Raritan, I have had the opportunity to speak with many different companies around the world that have been considering a DCIM solution. In most cases, the conversation quickly turns to “with over XX companies and growing claiming to have some sort of a DCIM solution out there today, how do I chose the right one?” I can see the frustration on their faces as they try to decide which solution is right for their specific needs. At this point I tell them to take a deep breath and then I try to help them simplify the problem down to some basic needs.

First, let’s identify your top one to two most pressing needs. What problem or problems are you trying to solve? Are they in the areas of asset management, capacity planning, energy management, visualization, change management or environment management? Sure many of the companies that offer solutions in the DCIM space claim to offer all of these features, but do they really solve the problem that you are facing? Chances are not. Don’t try and boil the ocean. Solve for the few biggest problems first.

Next I ask them how, if at all, they are getting the information they need to solve the problem today. Is it in a spreadsheet, on a clipboard at the end of the aisle, in a document on their computer or is it nonexistent? Regardless of the answer, the goal is to get that important information into a system that can provide them with the capability to not only see all the data, but take positive action to solve the problem or problems. You can’t manage what you don’t measure.

Finally, once the problem definition is agreed upon I ask them if they are ready to dedicate the internal resources to make the system a valuable dynamic tool both today and in the future. This is where it is very important to establish up front if the company is planning to deploy and maintain the system themselves or seek outside help for some or all parts of this. It is critical that a statement of work (SOW) is established defining process, timeline and most importantly ownership both internally and externally. This will give all parties involved the ability to set fair and reasonable expectations of the DCIM solution and a high probability of success. It is also critical as the software license, the installation/professional services costs and the ongoing resources costs will make up the total cost of ownership.

At Raritan we know that our customers have many choices of vendors to choose from.  We always strive to not only take the time to understand all the upfront requirements, but also exceed our customers’ expectations with our products and services. We are committed to making every customer a delighted Raritan customer.

Posted in Uncategorized | Leave a comment

Raritan at Cisco Live!

Posted on July 1, 2011 by Katherine Castro

2011 Cisco Live!
Raritan Booth #849
July 11-14, 2011
Mandalay Bay Resort and Convention Center
Las Vegas, Nevada

Posted in Uncategorized | Leave a comment

Data Center Monitoring

Posted on June 22, 2011 by GregM

Raritan recently contracted with the Datacenter Research Group (part of the Datacenter Dynamics organization) to conduct primary research and produce a white paper on monitoring power and environmental conditions in United States data centers.

The key findings are that most owners and operators of data centers engage in monitoring proving the mantra “you can’t manage what you don’t measure.” However, the research also pointed out some of the inadequacies of past practices.

  • The vast majority of US data centers monitor energy consumption, temperature and humidity, typically on a “continuous” basis.
  • Energy efficiency, carbon output and power quality are monitored irregularly and only within the primary/main facility.
  • In some cases, reporting is led by what the technology can deliver rather than what the facility requires. Reporting is critical in translating “data” into actions.
  • Levels of satisfaction with monitoring and reporting are at best “subdued.” Linking monitoring and reporting to continual improvement processes increases satisfaction levels.
  • There are concerns about the ease of integrating different monitoring processes to provide a “whole of portfolio” picture.
  • As data centers move towards becoming “dynamic” facilities, monitoring needs to move from simple to multivariate analyses, from simple alerts to establishing control and moving from reaction to prediction.

The 14-page research white paper and two-page summary are available at: www.raritan.com/resources/white-papers/power-management/.

Posted in Data Center, Energy Consumption Measurement, Energy Monitoring, Facilities Management | Tagged , , , , , , , | Leave a comment

For Existing CC-SG Customers It’s Easy to Migrate to a Virtual CC

Posted on May 24, 2011 by Derek Finch

My last few blog posts have focused on the benefits of deploying the CommandCenter Secure Gateway as a virtual appliance (VA). Now, with the release of CC-SG 5.1, it’s time to talk about how CC-SG hardware appliance users are shifting over to a “virtual CC”.

First, a quick review . . . In November 2010, Raritan made CC-SG 5.0.5 available as VA – thereby providing customers with two deployment options: physical (i.e. hardware) or VA. Version 5.0.5 was the vehicle for delivering “Virtual CC” to the market; 5.0.5 firmware does not run on the physical appliance.

Now back to the future. I specifically mentioned release 5.1 above because this is the first version of CC-SG firmware that can run on either the physical or the virtual appliance. Because of this, the two appliance types are interoperable and the CC-SG database of one 5.1 unit can easily be copied over to another 5.1 unit – physical or virtual.  As a result, physical appliance owners now have an easy avenue toward moving to a virtual appliance if desired.

Here’s a high level snapshot of the steps involved with migrating to the virtual appliance:

1. Upgrade your physical appliance to 5.0 and then to the latest firmware level (currently 5.1).
2. Order and install the virtual appliance (CCSG128-VA) and licenses, including any add-on license(s).
3. Pause management of all devices being managed by the physical appliance by using the new Pause Management feature in 5.1 that supports performing this action on a bulk basis.
4. Copy the physical appliance database to the virtual appliance (see below).
5. Resume management of the aforementioned devices on the new virtual appliance.

Note that if two physical appliances are operating as a primary/backup cluster, only one VA is needed. The CC-SG VA utilizes VMware’s failover features in lieu of a dual-appliance cluster. This is one of several cost benefits of opting for the virtualized solution. Other benefits include no additional cabling, IP allotment or hardware warranty. And because the first year of software maintenance is included with the VA, support costs are deferred as well.

As mentioned, with this current release, the physical and virtual appliances are interoperable. As a result, customers who’ve considered adding to their CC-SG footprint (e.g. create a CC-SG “Neighborhood) but prefer to go virtual can leave their physical units alone and add virtual appliances to their configuration.

Going virtual has several benefits; consolidation, energy savings – and now it’s an option for deploying the most comprehensive centralized IT management solution available.

Posted in Access and Management, Uncategorized, Virtualization | Tagged , | Leave a comment

How to Calculate Current on a 3-phase, 208V Rack PDU (Power Strip)

Posted on March 14, 2011 by Henry Hsu

Problem Statement

In recent years, extending 3-phase power distribution all the way to server cabinets and racks has become extremely popular in new data center builds — for many good reasons. Principally, for cabinet power capacities above 5kVA, utilizing 3-phase rack power strips ca significantly reduce the copper required to supply such dense loads.

But unfortunately, many users (rightly) find it cumbersome to provision and calculate current (amperage) for 3-phase power in the rack — for example, a typical question would be:

If I plug in a 250W power supply (about 1.2 amps) on this receptacle right here, how will that affect the current that flows through each of the three phases of this rack power strip? Which one will be closest to tripping a circuit breaker?

In North America, where 3-phase, 208V power distribution is wired “line-to-line”, the answer to this question is particularly counter-intuitive. I was astonished to find that the almighty Internet offers virtually no good tools to help answer this question, and so created one together with my colleagues at Raritan (link follows).

Why 3-Phase (208V) Power Strip Loading Is Difficult

With single-phase power strips, loading and provisioning is straightforward: if you add a device to the rack that draws 10 amps — in turn, 10 amps of additional load is drawn from the input line of the power strip.
Continue reading

Posted in Data Center, Energy Consumption Measurement, Power, Power Distribution | Tagged , , , , , , , , | 8 Comments

Dominion KSX II Firmware Update – Release 2.3

Posted on February 21, 2011 by Richard Dominach

The Dominion KSX II combo KVM/IP and secure console server has been upgraded to include all KX II Release 2.3 features, except tiering/cascading.  This includes FIPS 140-2 encryption, Smart Card/CAC and other security features, making it ideal for government, military and other security conscious customers.

The KSX II supports 4 or 8 “true serial” connections for remote/branch office deployments, as well as racks requiring both KVM and serial connections.  A “true serial” connection gives secure console access over IP without the use of an expensive dongle.   In addition,  third party SSH clients can be used in addition to Raritan’s Serial Client with features such as logging, cut and paste, and secure chat.

If you have branch offices or racks with serially and KVM controlled devices then the Dominion KSX II can give you anytime/anywhere KVM and serial remote access.

Posted in Access and Management, Blade Management, Government Security Compliance, KVM, Remote Office Management | Tagged , , | Leave a comment

Bandwidth Usage for KX II HD 1080p Resolution?

Posted on January 7, 2011 by Richard Dominach

A customer recently asked how much bandwidth the Dominion KX II KVM-over-IP access uses, specifically for the full HD (1920×1080) resolution.  This is a common user question.  The answer is as follows.

There is no fixed bandwidth for the KX II products. The bandwidth depends on how much change there is on the video screen at the particular instant. So if there is no change on the screen, then there will be no or very small amount of bandwidth. If the user is playing a movie, then there could be very large bandwidth. Of course with larger video resolutions, then there will be more bandwidth than with a smaller resolution.

There is a feature in the KVM clients to see the amount of bandwidth being used. This can be used to check the bandwidth.  There are several settings to decrease bandwidth, as well as some helpful  tips on managing bandwidth in the KX II User’s Guide called ‘Bandwidth and KVM-over-IP Performance’ that the customer may find useful.

Posted in Access and Management, KVM, Remote Office Management | Tagged | Leave a comment

The Datacenter Journal Provides Good Insight Into the Benefits of the New CommandCenter Virtual Appliance

Posted on December 6, 2010 by Derek Finch

A recent article in The Datacenter Journal provides a quick overview of the new virtual CommandCenter Secure Gateway and sums up its benefits very nicely.  Please check it out here.

One quick and minor correction:  The evaluation version now enables access to sixteen nodes (e.g. servers, virtual machines, routers, PDU).  The previous version supported access to only ten.

Posted in Uncategorized | Leave a comment