Magazine Article | November 1, 2002

The Battle For Server Access

Source: Field Technologies Magazine

Don't make your production staff and your IT team compete for time on your servers. With KVM tools, you can let everyone have (secure) access.

Integrated Solutions, November 2002

1:53 a.m.: The phone rings at the IT director's home. The voice on the other end of the line is that of the night manager in the call center. "Hi. Sorry to bother you, but none of our order takers can get into the database. We can't process orders. We can't tell what's in stock. We're stuck."

3:38 a.m.: The IT director is now driving home after having gone to the data center to reboot the system. Just another sleep-depriving crisis for IT. No big deal.

Late night reboots were part of a much bigger deal for Johann Stoessel, logistics supervisor, information services, for the Sonic chain of drive-in restaurants. The need to head back to the office reflected inflexibility in terms of managing the corporate data center. Inside the center, servers were connected to a single administrative console. Not only did that setup prevent remote access (and, hence, turn IT staff into road warriors), but it also left IT competing with the company's program developers for time in front of the console.

What Sonic needed was a data center management solution that would give multiple people, sitting in front of multiple screens, simultaneous access to servers. It also needed a solution that could provide remote IP (Internet protocol)-based server access. Sonic addressed both concerns by adopting IP-enabled KVM (keyboard, video, mouse) technology.

Data Center Security - Close The Door, Open Some Windows
Fighting for elbowroom in the data center was a daily occurrence at Sonic, where development staff regularly reconfigure databases, do number crunching, and generate reports. "The development staff believed that sitting in the data center would make it faster for them to load CDs onto the application servers or access the SQL databases," Stoessel says. "But, if we needed to get on the print server, reset a user password, or do a network status check, we'd have to move them out of the way."

In addition to disrupting the efficiency of both IT and development, the setup compromised the security of Sonic's data center. Anyone at the console could access any of the servers in the data center. The company's internal audit team was not pleased about the lack of access control measures.

From Conflict To Collaboration
A KVM switch is fundamentally designed to give an administrator access to several servers or peripherals from one workstation (i.e. from one keyboard, video, and mouse). At Sonic, this capability has been extended to multiple workstations across the enterprise, including laptops used for remote access. In the new arrangement, each server in Sonic's data center is connected to one of four daisy-chained KVM switches from Avocent. Three of the switches are eight-port Avocent DS1800s, which can accommodate remote IP-based access. Since the KVM switches are attached to Sonic's Ethernet LAN, users can access data center servers and server management tools from any desktop onto which the KVM client software has been loaded. A central authentication server connected to the KVM switches confirms user identities and authorization levels, securing access to each server.

Stoessel reports that the KVM switches have made the battles for server usage a thing of the past. In fact, if he needs to get on a server that a developer is currently using, he can. The KVM system supports multiple simultaneous access. The middle-of-the-night commutes have also gone by the wayside, as IT staff can connect to the system from home over IP.

Finally, the new architecture has brought procedural benefits in addition to eliminating the headaches that drove the initiative. "We can now monitor server backup without having to keep going into the data center," says Stoessel. "And, with the ability to allow simultaneous log-ins to the same server, we can have two people working on the same problem or training together."