Cyclades AlterPath Manager E200
The APM can control any Cyclades TS or ACS console server accessible on your network. All management, as previously stated, is done over encrypted SSH connections. One installation scenario suggested in the APM documentation is to create a private network using the second network port. In this situation, you can allow the APM to serve DHCP and automatically manage the network numbering of the managed devices. This also utilizes the APM as a firewall between your public network and your management network.
Cyclades also provided me with an ACS16 for this review. This device is a small Flash-based Linux box with 16 serial ports that can be used to connect to server consoles, modems, terminals or any other serial devices. Each managed device must have basic networking configuration and a root password set. This is done in exactly the same way as the APM—using an included serial cable and an interactive wizard. If you are planning on using the private network approach mentioned above, simply set the device to use DHCP and set the root password.
The initial configuration of the APM is done using a serial cable to a PC or terminal. The APM presents you with a simple configuration utility to get basic networking information, then directs you to continue with a Web browser.
The APM is now ready to configure and manage devices. Log in to the APM's Web interface and click on Devices, then add. Enter a device name (for example, ACS001), device type, model number, network address and root password. The APM then automatically creates entries for each port on the device named similarly to ACS001_00, ACS001_01 and so on. These names uniquely and globally represent every port on the managed devices. They can be renamed later to something a little more meaningful.
Next, customize one or more Profiles (Figure 1) to describe the various types of devices you intend to connect to the ACS or TS units that this APM will control. The default profile is appropriate for most devices with serial consoles that operate at 9,600 baud, 8 bits, no parity and 1 stop bit.
The next step is to do per-console configuration. Then you're ready to connect to the connected devices. This can be done in one of two ways. From the APM's Web interface you simply can click on the console name under consoles, and the APM launches a Java-based terminal emulator. Alternatively, you can connect directly to a console from any SSH client. If the APM's hostname is myapm, your user name is admin and the console name is myserver, you would issue the following command:
The username:consolename syntax is a Cyclades modification of the SSH server running on the APM. It allows very easy access to the console ports. This is my absolute favorite feature.
Up to this point, we have been doing everything as the admin user created during the initial configuration. The APM gives you the ability to create users and delegate control of ports. This is useful in a large data center with a complex management structure.
The APM has the ability to monitor ports and raise alarms based on what it sees. This is done using pattern expressions. Events are classified as Info, Warning or Severe and are sent by e-mail to users listed in the notify list under each console port configuration.
Every console port has a data buffer and log associated with it. These logs can be viewed with the Web interface.
Keeping up to date with software and firmware versions is always a task at the forefront of a system administrator's priorities. The APM simplifies this by automating firmware updates of managed devices. Updated firmware packages are downloaded from Cyclades' Web site then installed on the APM. From there they can be pushed to the managed devices.
The APM provides a simple command-line tool for backup and restore. This provides an easy-to-use way to back up all configuration, logs and the APM system itself to a remote system using SSH. The restore utility does the exact reverse. So many appliance-style devices do not include this vital feature, but the APM does. It is important not to neglect backup and restore when evaluating any appliance-type device. Any device you depend on for day-to-day administrative operation needs to be classified as critical infrastructure and needs to be held to the same backup, restore and disaster recovery requirements as any other system.
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems
Join editor Bill Childers and Bit9's Paul Riegle on April 27 at 12pm Central to learn how to keep your Linux systems secure.
Free to Linux Journal readers.Register Now!
- Considering Legacy UNIX/Linux Issues
- Cluetrain at Fifteen
- [<Megashare>] Watch Mrs Brown's Boys Movie Online Full Movie HD 2014
- New Products
- Getting Good Vibrations with Linux
- Memory Ordering in Modern Microprocessors, Part I
- RSS Feeds
- Tech Tip: Really Simple HTTP Server with Python
- Security Hardening with Ansible
- diff -u: What's New in Kernel Development