Raritan's Paragon family of matrix-switching KVMs is a modular solution. The UMT1664 sits between Raritan computer interface modules (CIMs) and the user stations (USTs). A variety of CIMs supports different types of equipment, including PS/2 devices, ASCII/serial devices, Sun Microsystems systems and USB connections. The UST connects to a user port on the UMT1664 matrix switch and provides connectors for a local keyboard, mouse and monitor. Or, the UST plugs into one of the ports on a TeleReach interface unit to provide remote access via the Internet or dial-up line. Raritan representatives told me that the next version of the TeleReach will include built-in USTs. The three components are connected with Cat5 UTP cables that can go up to 500 feet, giving you a theoretical reach of 1,000 feet between the server and the keyboard, mouse and monitor.
Lots of ports in a small space.
Expandable to 10,000 servers.
Up to 64 simultaneous users.
Cat 5 Cabling.
No way to get to a CLI other than through LSMS or serial/modem connections.
Obscure access control.
Because the UMT1664 is a multiuser device, you must mediate usage for any particular server. Paragon gives you three options to control contention for the same systems: private, public view and PC share. Private mode gives one user exclusive access to a system. Public view mode lets a user see the screen of a system controlled by another user. PC share mode, the solution I selected for my tests, lets two users alternately control a system, with that control being shifted based on a time-out schedule set by the admin.
As the UMT1664 administrator, you assign user IDs and passwords and define access rules that go into effect as soon as the user is logged in. You can use a RADIUS server for authentication. Maybe Raritan's group ID scheme is intuitive to someone in some universe, but my jaw dropped when I began to explore the access settings. Users and computers can each be assigned nonexclusive group IDs from 00 to 99, with 00 as the default. Computers with an ID of 00 can be accessed by anyone. Users with a group ID of 00 can access any system. Simple enough. Now let's say you assign a user to a group ID of 05. That user can access systems with group IDs of 00, 05 and 50-59. Why not 15 and 25 and 35 and so on? Assign a user a group ID of 98, and they can access systems with group IDs of 00, 09 and 98. Why 09? After you figure that out, you can assign users to five different group IDs, and systems to eight different group IDs. The system is flexible if incomprehensible--Raritan devotes an entire appendix in the manual to setting access via group IDs.
TeleReach is nearly two years old, but Raritan's April upgrade, at $7,895, includes connectivity via any IE 4.x or later browser, in addition to the 32-bit Windows application. TeleReach Web access requires ActiveX, hence the IE-only limitation. The Web interface is almost identical to the Microsoft Windows application interface--the two schemes share a considerable amount of common code. The Web interface provides from one to four separate remote sessions to whatever you have connected to TeleReach.