Rollout: Avocent's SonicAdmin

Stuck at the airport while you're on call, you receive the dreaded message: A server's flaking out and it needs attention now. Avocent's SonicAdmin can give you the access you need over your BlackBerry or Windows Mobile smartphone.

Several options, such as remote Secure Shell (SSH) and Microsoft Remote Desktop, exist for remote management. But each has problems when used on mobile platforms. SSH and telnet programs are great for managing Linux servers and infrastructure gear but are challenging to use with Windows servers. Remote Desktop manages Windows servers but the client included with Windows Mobile 5.0 doesn't handle high encryption and can be difficult to use on the small screen of a handheld device. SonicAdmin Pro's feature set addresses those concerns and is competitive with other remote solutions, such as Expand Beyond's PocketAdmin.Avocent makes three versions of SonicAdmin. SonicAdmin 4.1 ($200 per managed server) lets administrators use smartphones to manage Windows servers, infrastructure gear and Linux servers using SSH. Two new and less expensive products, SonicAdmin QR and SonicAdmin Pro, are for organizations that primarily run Windows servers.

Both QR and Pro let you manage an unlimited number of Windows-based servers for an annual flat fee ($99 per device for QR and $399 per device for Pro). With each product, you can browse Active Directory to select and manage servers and perform many basic management functions. You can view and clear event logs, view and kill processes, manage files, execute batch files, and shut down and reboot servers. You also can reset passwords and manage Active Directory users and groups. SonicAdmin Pro also includes options to administer Exchange servers and run programs at the command line, an option not available in the QR version.

However, neither version can replace conventional server management products, such as Avocent's recently acquired LanDesk or Microsoft Systems Management Server, which manage servers even when the OS is unresponsive, and provide hardware diagnostics, patch management and in-depth reporting tools.

Test Setup

To manage other servers, the SonicAdmin management server must be installed within your Active Directory environment. For our tests at our Syracuse University Real-World Labs®, we installed SonicAdmin Pro on a Dell PowerEdge SC1425 running Windows Server 2003. We used two other SC1425s--one to host Microsoft Exchange 2003 and the other to host BlackBerry Enterprise Server. We then tested two client devices: a Palm Treo 700w running Windows Mobile 5.0 and a RIM BlackBerry 8700c.

Installing SonicAdmin was a breeze. Each step is well-documented and the installer provides tests along the way to ensure the setup is correct. We like SonicAdmin's use of e-mail to provision users' devices. Clicking on the link within the message's text automatically installed the software.

Although the features of SonicAdmin QR and SonicAdmin Pro are not as robust as office-based server- management solutions, the products still let you perform basic tasks remotely. As soon as we logged into the SonicAdmin client, for example, we could browse the Active Directory and select the server we wanted to manage. Besides viewing the system's CPU usage, memory usage and number of processes, we could perform administrative tasks such as resetting user passwords, stopping processes, changing file permissions and managing the Exchange server.

SonicAdmin Pro's command prompt is a powerful tool. It's useful for executing administrative functions that aren't supported by SonicAdmin or for running command scripts to automate administrative tasks.

Unfortunately, the command-prompt feature is not interactive. Although you can execute a command and see its results, if there is any user interaction required, the command won't work. Running netstat, for instance, will list the inbound and outbound connections running on the server properly. However, running ftp ftp.nwc.com to open an FTP connection won't work because the command requires you to enter credentials and execute commands to the server.Keeping Connections Secure

Client devices connect to the SonicAdmin server directly or through BlackBerry's Mobile Data Services secure tunnel. The direct connection, available on BlackBerry and Windows Mobile devices, is done over Port 80 by default, but you can specify any port you want during the installation process. A secure connection between the client device and the server is ensured with 128-bit AES encryption. Still, it's necessary to open holes in the firewall. Unless your business has negotiated with the carrier for static IP support, you won't necessarily have the same IP with each data connection and as you roam geographically your device will change subnets.

SonicAdmin's connection management and encryption mitigate some of the risk of opening a port on the firewall. If you're still wary of opening anything to the entire world, the BlackBerry's Mobile Data Services option or using a mobile VPN may be the best alternatives.

Connection through BlackBerry's Mobile Data Services secure tunnel involves routing data to and from your network using the same secure, outbound-only connection BlackBerry Enterprise Server uses to send e-mail, an option not available on Windows Mobile devices.

Sean Ginevan is a technology analyst with the Center For Emerging Network Technologies at Syracuse University. Write to him at [email protected].0