An Overview of IP KVM Switches


This article provides an overview of IP KVM Switches. We see what is an IP KVM Switch, what are the general capabilities of an IP KVM Switch, the security features of an IP KVM Switch, the type of data transmitted and the bandwidth consumed by the IP KVM Switch.

What is an IP KVM Switch:

A KVM switch is a hardware device that enables a user to control multiple computers/servers/network elements from a single keyboard, Video device and mouse. In fact, KVM switching stands for Keyboard Video and Mouse switching. This technology is particularly useful in a Data Center where multiple servers are located in a single place and there is no need to have a separate monitor, keyboard and mouse for each of them.

An IP KVM Switch is basically a KVM switch which works over IP Networks. It sees the various servers through their IP addresses, uses IP infrastructure including the LAN cabling to control the servers, and one main advantage it provides is to remotely control the data center servers.

Capabilities of an IP KVM Switch:

The general capabilities of an IP KVM Switch include remote access and management of servers and network devices. One can also manage virtual servers through a specialized software provided by some of the vendors. The remote access can be done through a browser (web-based), and alternately some of them offer specialized software through which the management can be done. Some of them even support an external modem.

The main advantage of IP KVM Switches is that they offer BIOS level support. They can manage a certain number of servers based on the number of ports that they have (and there is a maximum number of remote devices that can be supported by every IP KVM Switch). The IP KVM Switch transmits the video of the server output over IP, to the controlling station so that the server output can be seen over a remote station and can be controlled. Even the key-board press and mouse movements are transferred over the network to the server. There are USB ports for the key-board and mouse to connect.

While multiple IP KVM Switches can be cascaded and a centralized management for all of them is possible, some of them even offer centralized power management (The power of the servers can be cycled on or off via the power control port). Some vendors support remote media by mapping local media (like CD drives etc.) to a remote server to transfer files or other operations.

Types of data transmission and bandwidth:

In an IP KVM Switch, there are three types of data that are being transmitted between the control station and the servers over LAN. This enables effective management of the servers. They are:

¤ Management data: These are used to start, maintain and terminate the KVM Sessions. They are required for authentication, access control etc. But these type of data occupy very less bandwidth in the LAN.
¤ Keyboard and Mouse data: When a keyboard is pressed in a control station, the make and break of the keys are transmitted over the network to the servers. Same way, the mouse movements and the clicks are also transmitted through a set of messages. This happens with each mouse click/ keyboard press and this also doesn’t occupy much bandwidth in the LAN.
¤ Video data: The screen shot of the server is sent by a video stream. It employs loss-less compression, unlike video conferencing systems, so it occupies more bandwidth. But generally the video data is encoded using a compression algorithm, which sends only the changes from previous video frame and not the entire blocks of video data. This reduces the amount of bandwidth consumed. The bandwidth consumed might be anywhere between 1.5 to 20 Mbps based on the no. of concurrent users (For a 16 port switch).

There are some bandwidth optimization techniques employed by certain IP KVM Switch vendors like when a particular viewing session is minimized in the tool bar, the video stream for that particular session is turned off until the window is re-opened and when multiple windows are opened, any window that is not in focus is updated less frequently.

Security features of an IP KVM Switch:

¤ Authentication and Access control: Some of the IP KVM Switches can integrate with corporate directories like LDAP and provide a centralized authentication of the users and their roles can be determined. Based on their role, they can be selectively offered access only to certain servers or all servers. This provides one more layer of security for combating internal threats and avoids un-necessary tampering of the servers by those who are not authorized to use it.
¤ Encryption: All the data between the KVM Switches and the servers are encrypted by some vendors by using 128 bit SSL/ 3DES standards based encryption.
¤ Failover: Some IP KVM Switch vendors support port mirroring and failover. If one server connected to one port fails, the operation can be seamlessly transferred to a back up server (If any) in another port with all its access rights etc. intact. This provides redundancy.
¤ https remote access: Since remote locations access the server through a browser, IP KVM Switches provide access to them via the secure protocol https.
¤ Logs and session termination: Most of the IP KVM vendors provide the usage reports, logs of the failed attempts etc. to help monitor and audit the anomalous behaviour. Some vendors send the key-strokes required to log out any user when the session is terminated unexpectedly. This helps block the security hole created by not logging out of the session.

excITingIP.com

You could stay up to date on the various computer networking technologies by subscribing to this blog with your email address in the sidebar box mentioned as “Get email updates when new articles are published”