One fact of life for every server administrator is remote administration. For UNIX and NetWare users, this task is properly built into the operating system and generally provides all of the functionality required to administer the server. For Windows users, however, things are not quite as simple.
While Microsoft has provided Terminal Services for remote administration, it is not perfect, so other alternatives are usually considered. To help you evaluate your options, we’re going to look at two popular remote administration packages—Virtual Network Computing and pcAnywhere—and compare them with Windows Terminal Services.
Virtual Network Computing
Virtual Network Computing (VNC) is a product of AT&T Labs in Cambridge, UK. Its price tag—free—is one of the many reasons for its popularity. Among the other reasons it’s so popular:
- The viewer, which allows remote control of a server, is very small and can be run from a floppy disk.
- VNC is cross platform, with servers and viewers for almost every conceivable OS, such as Windows, Linux, UNIX, Mac, DOS, and BeOS. In addition, the viewer is capable of controlling any VNC server, even if it is running a foreign OS from the client.
- It’s fast! VNC uses very good compression, which allows it to run very quickly, even over slow links.
- It’s open source. Modifying the code is easy since it’s freely available. This is why there is such a wide variety of OS support for this product as well.
- VNC can be set up to run as a service on Windows machines so that it starts up when the server boots.
- The XVNC server under UNIX can support multiple client connections. Due to the nature of the Windows OS, this is not supported under Windows.
- In the absence of a client, each VNC server also has a small Web server that allows the server to be administered using any Java-enabled Web browser.
VNC’s price tag makes it an ideal choice for many cost-conscious organizations. Also, its cross platform nature makes in desirable in settings where there are multiple operating systems that need to be administered in a consistent way.
A number of enhancements are available for VNC. For example, one of my coworkers has enabled a Windows 2000-based VNC service to start automatically when someone using an SSH-enabled version of the viewer connects to the server. Once the session is completed, the VNC server automatically shuts down. He accomplished this with a combination of the VNC server, client, and Cygwin.
Symantec’s pcAnywhere has been around for a long time. The current version, 10.0, allows direct desktop control of a remote server, as well as full encryption and built-in file transfer capabilities—and its speed is much improved. Here are some of the features of pcAnywhere:
- Direct console access provides an administrator with remote access to the actual server console, allowing full administration of the server.
- Embedded file transfer allows an administrator to transfer files onto and from the server during a remote administration session. This feature could be handy when you’re patching a server and need to upload patch files to the server.
- Serialization, a new feature in pcAnywhere, allows an administrator to set up a specific client-to-host connection. In other words, a serial number is assigned to both a host and to the clients. The host is allowed to be managed only by a client that shares the same serial number.
- It can log activity on the server during the pcAnywhere session. This can help you find problems created as a result of tampering or because of mistakes made during a remote session.
- For enterprises that use a directory, such as NDS or Active Directory, pcAnywhere can be configured to authenticate using that medium, allowing the enterprise to maintain a central point of authentication and administration.
- Unlike other products, pcAnywhere has some built-in security features, such as the Remote Access Perimeter Scanner, which can help to keep your network secure.
Its file transfer capabilities, its ability to use a central directory store for user authentication, and its security features make pcAnywhere an excellent choice for organizations of all sizes. You can download an evaluation version from Symantec’s Web site. pcAnywhere 10.0 retails for $179.95 per license, but you can find it for as low as $120 on e-commerce sites. Symantec also offers bulk licensing for the enterprise edition of the software.
Windows Terminal Services
Windows Terminal Services is designed to allow multiple users to run applications from the server without the need to install each application on a user’s desktop. However, with Windows 2000, Microsoft has implemented a special version of Terminal Services called Remote Administration Mode.
For a service that is included in the operating system, Terminal Services does an adequate job at general remote administration tasks. Terminal Services in Remote Administration Mode allows up to two virtual concurrent connections to the server in addition to the physical console.
However, Windows Terminal Services does have some drawbacks. The main and often deal-breaking drawback is the lack of support for third-party services that need to interact with the desktop. For example, if you’re using Terminal Services to remotely install VNC, you can’t complete the installation since VNC requires user input at the actual console before the service can be used. The primary reason for this is that fact that Terminal Services does not provide access to the actual physical server console as VNC and pcAnywhere do. Instead, it uses a virtual terminal that is incapable of receiving messages that are directly destined for the server console.
If these drawbacks do not pose significant problems, Terminal Services is a fast, easy-to-set-up solution that will allow most administrative functions to be performed. For enterprises that do not like to install client applications on PCs, preferring Web-based administrative solutions, there is an add-on for Terminal Services that Web-enables WTS remote administration. By installing this add-on, the server can be administered using Internet Explorer.
Making the choice
As you can see, all of these products have their advantages. VNC is economical and robust, and it offers the best cross-platform solution, while pcAnywhere offers the most full-featured solution for Windows environments. Windows Terminal Services also provides an excellent solution, and it is already built into Windows 2000; however, it does not contain the advanced options available in the other two packages.
Although we limited this comparison to the incumbent favorites of Windows remote administration, other upstart products, such as Famatech’s Radmin and GoToMyPC, are certainly worth considering as well.
No matter which remote administration package you select, it is important to note that the installation of any remote administration solution poses significant security risks. If care is not taken to choose a product appropriate for the environment, or the product is not properly set up in conjunction with your firewall and other security components, the environment can be severely compromised. Take care to properly install and set up your network for these products, and the task of remote server administration will become much more secure.
What product(s) do you use for remote administration?
We look forward to getting your input and hearing about your experiences regarding this topic. Join the discussion below or send the editor an e-mail.