Cerebus X8 Commands LAN Devices Remotely

 
 
By Francis Chu  |  Posted 2001-03-26
 
 
 

Cerebus X8 Commands LAN Devices Remotely


Harried administrators of crowded data centers stuffed with disparate gear can now command up to eight heterogeneous networking devices remotely, thanks to Arula Systems Inc.s Cerebus x8—as long as they have deep pockets.

The secure, out-of-band Cerebus x8 management appliance uses standard VT100 terminal emulation and Java applets to access the administration consoles of servers, switches, routers or appliances via a Web browser. Remotely accessing these devices, which Cerebus accomplishes via serial ports through an IP network or the Internet, can save valuable time during configuration and trouble-shooting sessions, increasing productivity and uptime.

The catch is Cerebus rather steep price: Cerebus x8 costs $3,499, which works out to more than $400 per managed device. Although much more expensive than Symantec Corp.s pcAnywhere remote access software, Cerebus—unlike pcAnywhere—can manage more than just servers: IT managers can plunk the 3.5-inch-high Cerebus on a rack with eight devices and manage the entire rack remotely through the network.

Available since last month, Cerebus x8 supports Windows NT, Linux and Unix servers from such vendors as Sun Microsystems Inc., IBM and Hewlett-Packard Co., along with Cisco Systems Inc. routers and switches, hardware firewalls, and load balancers—basically any networking device with a serial console connection.

The initial configuration of the Cerebus was fairly straightforward in eWeek Labs tests, once the physical connection between the hardware systems and the appliance was established. Cerebus has eight RJ-45 (standard Ethernet) ports for connection to the hardware, but because hardware vendors have different pin-out configurations for their serial console ports, trying to find the right RS-232-to-RJ-45 connector can be frustrating.

For example, we easily connected and accessed the administration console on a Cisco Catalyst 2900XL switch because it has an RJ-45 console port, but we had to try several RS-232-to-RJ-45 connectors before we could connect another switch. After trial and error, we connected the Cerebus to several network devices.

Next, we assigned separate IP addresses to each port to manage the devices from different network segments and then set up users and passwords, enabled SSL (Secure Sockets Layer) encryption, rebooted the port, and accessed the devices with Microsoft Corp.s Internet Explorer and Netscape Communications Corp.s Communicator.

Remote shell game

Establishing remote access to Windows NT servers required the installation of Heroix Corp.s RoboER, which comes bundled with the box. Running as a service in NT, RoboER provides a simple text-based command shell with which managers can remotely monitor and troubleshoot the server.

We used the Cerebus to remotely access an NT server with the RoboER service running and were able to monitor applications and services, view the event logs, edit the registry, and even reboot and shut down the server.

During the remote administration sessions, Cerebus SecureChat feature can be used to communicate in real time, allowing several network administrators to collaborate in problem-solving. The Cerebus also allows the creation of users as observers with view-only permission—useful for training purposes.

Cerebus employs several security features to prevent unauthorized access to the consoles. It provides secured remote sessions through the SSL handshake protocol with 40-bit RC4 encryption. Every time users log in to the console, Cerebus sends out a session-specific ID with a 5-minute timeout. This ensures that no one can recall the log-in information from the local cache and use it to gain unauthorized access to the console.

User log-in names and passwords are protected via MD5 encryption to prevent illicit access to the user/password list.

No provision has been made to manage multiple Cerebus systems, although Arula officials said a software management solution will be available by the end of next quarter.

Cerebus x8


Cerebus x8

USABILITYB
CAPABILITYB
PERFORMANCEB
INTEROPERABILITYB
MANAGEABILITYC

Arulas Cerebus x8 is a capable appliance that can centralize administration of eight networking devices. Although the price per managed device is fairly high, the product is well-suited for Internet service providers and data centers that need out-of-band management tools to ease administration headaches.

SHORT-TERM BUSINESS IMPACT // Cerebus x8 is fairly pricey, but, once implemented, IT managers will see immediate benefits.

LONG-TERM BUSINESS IMPACT // Cerebus should provide a good return on investment over the long run by noticeably increasing the productivity of IT professionals.

Provides an integrated remote hardware-access solution for IP networks; strong collaborative management feature.

Expensive; does not provide centralized management of multiple Cerebus systems.

Arula Systems Inc., Cupertino, Calif.; (408) 996-3400; www.arula.com

Rocket Fuel