Raritan Computer CC-SG User Manual

240 C

OMMAND

C

ENTER

S

ECURE

G

ATEWAY

A

DMINISTRATOR

G

UIDE

Performance

As a CC-SG Administrator,
I added over 500 nodes and
assigned all of them to me.
Now it takes a long time to
log on to CC-SG.

When you, as Administrator, have many nodes assigned to you,
CC-SG downloads all information for all nodes during the
logging process, which slows the process considerably. It is
recommended that Administrator accounts used primarily to
manage CC-SG configuration/settings do not have many nodes
assigned to them.

What is the bandwidth
usage per client?

Remote access to a serial console over TCP/IP is about the same
level of network activity as a telnet session. However, it is
limited to the RS232 bandwidth of the console port itself, plus
SSL/TCP/IP overhead.

The Raritan Remote Client (RRC) controls remote access to a
KVM console. This application provides tunable bandwidth
from LAN levels down to something suitable for a remote dial-
up user.

Grouping

Is it possible to put a given
server in more than one
group?

Yes. Just as one user can belong to multiple groups, one device
can belong to multiple groups.

For example, a Sun in NYC could be part of Group Sun:
"Ostype = Solaris" and Group New York: "location = NYC"

What impact to other usage
that would be blocked
through the active usage of
the console port, for
example, some UNIX
variants not allowing admin
over network interfaces?

A console is generally considered a secure and reliable access
path of last resort. Some UNIX systems allow root login only on
the console. For security reasons, other systems might prevent
multiple logins, so that if the administrator is logged in on the
console, other access is denied. Finally, from the console, the
administrator can also disable the network interfaces when/if
necessary to block all other access.

Normal command activity on the console has no greater impact
than the equivalent command run from any other interface.
However, since it is not dependent upon the network, a system
that is too overloaded to be able to respond to a network login
may still support console login. So, another benefit of console
access is the ability to troubleshoot and diagnose system and
network problems.

How do you recommend
the issue of CIMs being
moved / swapped at the
physical level with changes
to the logical database?

Each CIM includes a serial number and target system name. Our
systems assume that a CIM remains connected to its named
target when its connection is moved between switches. This
movement is automatically reflected in the system configuration
and is propagated to CC-SG. If, instead, the CIM is moved to
another server, an administrator must rename it.

Interoperability

How does CC-SG integrate
with Blade Chassis
products?

CC-SG can support any device with a KVM or serial interface
as a transparent pass-through.

To what level is CC-SG
able to integrate with 3rd
party KVM tools, down to
3rd party KVM port level
or simply box level?

3

rd

party KVM switch integration is typically done through

keyboard macros when the 3

rd

party KVM vendors do not

publicize the communications protocols for the 3

rd

party KVM

switches. Depending on the capability of the 3

rd

party KVM

switches, the tightness of integration will vary.

How would I mitigate the
restriction of four

Currently, the best possible implementation is to aggregate IP-
Reach boxes with CC-SG. In the future, Raritan plans to