OK. NO TCO OR ROI HERE. WE LIED.
ORF 5 Preview (Part 2): Remote Administration
Posted on February 21st, 2011 by Peter | Permalink

The first new feature we are detailing in this article series is the Remote Administration in ORF 5.

This feature is pretty much what it sounds: in ORF 5, you can access and manage remote ORF installations with just one click – no more RDP, VNC or walking up to the server room. Sounds good?

There is also more to Remote Administration than just shaving off a couple of minutes here and there: the Remote Access communication foundation that enables this feature also opens up a way for remote ORF components to talk to each other. For instance, ORF 5′s Configuration Synchronization relies on this very same foundation and certain future developments are enabled by this.

A few basic facts:

  • Remote Access can be enabled using the Administration Tool (disabled by default).
  • All ORF management tools are supported (Administration Tool, Log Viewer and the Reporting Tool).
  • Default connections can be configured (useful if you always work with the same server). Shortcuts can be created per management tool for multiple-server scenarios.
  • ORF 5 Setup comes in two versions: a full setup and a freely distributable Management Tools-only setup.

Security and network facts (nobody likes opening ports in the firewall, right?):

  • Accessing the service requires an administrator-configured password.
  • The default communication port is TCP/6242 (can be changed per interface).
  • Communication is HTTP-based – a slightly modified version of the SOAP protocol, typically used for Web Services.
  • The password is never stored directly on the computer (only hash on the server, salted hash on the clients).
  • Secured challenge-response authentication. No plain-text password is sent over the network. VPN can be employed for additional security.
  • Service can be restricted to specific local interfaces/IPs.
  • Access can be granted by client IP addresses.
  • HTTP proxies are supported by the communication protocol.

And now a few screenshots.



What do you think? Will you use this feature? Got any questions? Feel free to comment.

ORF 5 Introduction Articles

Part 1: Introduction

9 comments
  1. Comment by bryon
    posted on March 4th, 2011 @ 09:59 pm GMT+0000

    this sounds good, but will it allow multiple people to manage ORF at the same time? currently, when 2 or more administrators are in remote desktop to manage orf, we have to yell back and forth for one to close the orf admin tool so the other can open it.

  2. Comment by Peter Karsai (ORF Team)
    posted on March 7th, 2011 @ 10:28 am GMT+0000

    @bryon:

    Technically, two admins will be able to use the Admin Tool concurrently to manage the same installation, but doing so will result in a conflict situation where the last change will “win”, i.e. the administrator who saves the configuration last will overwrite the changes made by the first administrator.

    Is there any particular reason why two admins work with the same ORF installation concurrently?

  3. Comment by Kerry
    posted on March 7th, 2011 @ 10:45 am GMT+0000

    Honestly guys, in comparison to giving individual mailbox users control over their own quarantine and white/black lists, this “spectactular new feature” is largely useless.

    Really. What does it do that’s any different to using RDP? If I’m on a PC that has my booksmarks and config info, why would I use this tool in preference to simply using RDP?

    I would only ever allow another high-level admin to use such a tool, and all the while we still come under the huge workload created by having to manually edit everything for the users ourselves.

    While I love ORF, I’m about to ditch it on two Exchange installations, because I can’t give my users enough individual control to manage themselves.

    You’ve had an overwhelming number of votes in the forums for a web-based quarantine and user self-management system, and yet, this is the feature you felt to deliver.

    I just don’t see the point.

  4. Comment by Peter
    posted on March 7th, 2011 @ 02:44 pm GMT+0000

    @Kerry: I understand that the perceived value of this feature is quite low. The real value is mentioned in the third paragraph – it is the communication foundation that works behind the scenes. The Quarantine feature was linked because this foundation is a prerequisite of that feature. It is no secret that Quarantine is on the development roadmap.

    Also, although it makes little difference, it should be noted that development plans follow the feature request tracker with some delay, so when the decision was made about remote administration, it was _the_ top voted feature.

  5. Pingback by Vamsoft Insider » ORF 5 Preview (Part 3): Configuration Synchronization
    posted on March 7th, 2011 @ 03:00 pm GMT+0000

    [...] entire process utilizes the same communication foundation as introduced in our previous Remote Access article. Thanks to this, administrators can grant Config Sync-only access to the subscriber [...]

  6. Comment by Uwe
    posted on March 8th, 2011 @ 10:30 am GMT+0000

    @Kerry: I second that!
    @Peter: I understand that the communication foundation is a prerequisite to the user manageable quarantine, but I’m in the same situation as Kerry. That remote admin feature is of absolutely no use for us, and if that’s all what’s “in for me” with ORF 5, I’m afraid, I’ve no argument for a SMA renewal to my CEO. The “problem” is, ORF 4, like it is today, is already working perfectly in our environment, and like Kerry, all we’re missing is a web-based quarantine and user self-management system.

  7. Comment by Peter
    posted on March 8th, 2011 @ 12:14 pm GMT+0000

    @Uwe: This is just one of the new features. Another major feature is Configuration Synchronization (the article was published just yesterday) and there are literally dozens of smaller improvements that make the administrator’s life easier. For a long time, we focused on shipping ORF with new major features and dedicated a lot less time to making the overall experience smooth. In this version, we focused more on the experience thing and less on the “major features” (which are definitely an easier sell). We analysed thousands of tech support cases to identify the shortcomings of ORF and the solutions we came up are really ORF 5. We will talk about these later in this series.

    And yes, Quarantine is on the roadmap for ORF :)

  8. Comment by Uwe
    posted on March 9th, 2011 @ 12:20 pm GMT+0000

    @Peter: “Configuration Synchronization” for sure is a big improvement, but unfortunately useless for every small to midsized business like us with only one running instance of ORF. Is there a list of those “literally dozens of smaller improvements” available, which I could use to convince my CEO to renew our SMA?

  9. Comment by Peter Karsai (ORF Team)
    posted on March 15th, 2011 @ 08:14 am GMT+0000

    @Uwe: Yes, we will introduce many of those features in later articles in this series.

Comment this post