KVM over IP: keyboard, video and mouse streamline systems management

Computer Technology Review, Oct, 2004 by C.C. Fridlin

Today's distributed computing environment poses challenges for network administrators, to be sure. Computers, peripherals and networking equipment are often spread around the building, around the campus--even around the world in branch offices. And, the mission-critical nature of those computers and equipment for most businesses today means that downtime--or even slow time--is not tolerated. Nevertheless, the imperatives of network administration (security, reliability and cost-effectiveness) remain.

Centralize and Standardize

To help achieve centralization of control, many IT departments have implemented KVM (keyboard, video, and mouse) switching systems, which evolved from the impracticality of having separate keyboards, monitors and mice for each system within a server room. KVM facilitates access to connected devices from a single console station. Access that provides administrators a means to monitor and manage connected devices as if they were at the device--right down to the bios level. Early analog KVM units helped simplify administration of high-density server racks, but distance limitations required that they be placed near servers, handicapping their utility. And, they required proprietary cabling to all devices to be managed, adding a layer of complexity that made adding devices a chore, as well as using valuable space. And, with all that, the number of users for which the systems could provide access was limited.

Digital IP-Based KVM

Introduced in 2000, digital IP-based KVM systems overcome limitations in traditional KVM, and deliver many more benefits for managing heterogeneous distributed networks. IP-based connectivity delivers four major advantages. First, and most obviously, it eliminates the need for specialized cabling, as it leverages existing infrastructure. Second, IP-based connectivity removes distance and other limitations of analog KVM systems, for a more flexible centralization of control. Since digital KVM signaling is based on the IP protocol, network administrators can control servers and other devices in the data center--or across the globe--from any computer with a Web browser. It also means that almost any number of users and devices can be added or altered without complex reconfiguration, because it identifies devices by IP address. Finally, client software can leverage IP technology to provide substantial administrative control. This control includes session sharing, monitoring of server status, keyboard emulation of multiple platforms and centralized logging. Such software also supports administrative flexibility with macros, window resizing and graphical representations of KVM appliances and attached servers.

[ILLUSTRATION OMITTED]

How it Works

With a digital KVM over IP system, the administrator connects to the targeted remote computer via viewing software on the local machine. The remote system is connected to a KVM appliance that takes the analog video output of the target computer, digitizes it, and sends the data across the IP network to the administrator's screen. As the administrator presses keys or moves the mouse, the viewing software application transmits the information back across the IP network to the remote KVM appliance, which passes keystroke and mouse information to the target device. The target device acts on that keystroke and mouse information, resulting in a change in the video display--mouse movement, new windows, characters, etc.

Security is always a concern in networked environments. Encryption, bolstered by multiple levels of centralized network control based on the Windows NT security model, provides network-level security. Users can have varying levels of access and control--especially useful when employing outside contractors. Permissions and access levels can be set per user down to individual devices. The security model minimizes risks from intrusions or unauthorized access, and chronological audit logs can track users and activities for another level of security. Network downtime can cost companies hundreds of thousands of dollars per minute. The centralized control offered by a KVM over IP system speeds troubleshooting, minimizing downtime.

Other Alternatives

Some companies rely on remote control software installed on target devices for control access. Remote control software does enable network administrators to issue commands and retrieve performance and other information, but with serious limitations. These software-only solutions rely on the operating system, so if the target device has crashed, there's no access. Setup is an issue as well. The software must be installed on each device to be managed, affecting computing overhead and creating administrative burdens. And remote control software does not provide BIOS-level access to servers, as KVM does, so remote reboot is not possible. Nor can it offer the ability to initiate power cycles and interact with devices during power up sequences that KVM can. Routers and other devices must also be excluded from such remote control and management schemes.