Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Review: Console Servers: Page 7 of 19

The ACS16 offers two options for encrypting traffic: SSH (both SSH and SSH2) and IPsec VPN. Cyclades has used the FreeS/WAN version of IPsec as its primary VPN implementation. Enabling a VPN was easy, though we did encounter a couple of quirks in the documentation--the most obvious being an assumption that a road warrior's computer will be running Linux rather than Windows!

After we generated a public key with RSA and edited a couple of files using vi, the VPN was set up and worked as advertised. Cyclades warns of potential difficulties setting up and maintaining a VPN over links involving NAT or DHCP on the client side, but we experienced no problems in our tests when we accessed the ACS16 from a client behind an external NAT router. It is possible, though, that difficulties might arise if the clients' DHCP server renews leases quite often, or if you try to hold a session open for a long time so that the client address ends up different from the address used for the VPN.

The ACS16 has a full-featured firewall built in and can serve as a dedicated device router. If you are building a system for controlling servers and network infrastructure and are looking to reduce total component count, Cyclades has provided a system that can fill both control and routing requirements. In our tests, we found that the ACS16 recovered gracefully from power outages, timing out its connections and leaving no console sessions hanging. Only one Cyclades administrator can be in the system at any one time; we tried to log in from multiple machines to manage the ACS16 and were told that another admin was logged in.

From a flexibility and feature-richness standpoint, the Cyclades is tops in this group, but it does have shortcomings. For example, though the ACS16 can send syslog files to a central server, there are no built-in log-view or reporting facilities. For a device of this capability, that came as a real surprise. True, the AS16 produced detailed log files, with parameters that included the generating host's name and address, the application generating the notice, and options to send alerts generated by various attached appliances to different syslog servers. But these very solid reporting capabilities made the lack of an easy-to-use internal report viewer hurt even more.

Cyclades has built many configuration possibilities into the Web-based and console menu interfaces. To take full advantage of the ACS16's features, however, you'll have to go into the Linux configuration files. That said, if you're comfortable with vi, this is an incredibly rich console server package.