ORF 5 Preview (Part 2): Remote Administration

The first new feature we are detailing in this article series is the Remote Administration in ORF 5.

This feature is pretty much what it sounds: in ORF 5, you can access and manage remote ORF installations with just one click – no more RDP, VNC or walking up to the server room. Sounds good?

There is also more to Remote Administration than just shaving off a couple of minutes here and there: the Remote Access communication foundation that enables this feature also opens up a way for remote ORF components to talk to each other. For instance, ORF 5’s Configuration Synchronization relies on this very same foundation and certain future developments are enabled by this.

A few basic facts:

  • Remote Access can be enabled using the Administration Tool (disabled by default).
  • All ORF management tools are supported (Administration Tool, Log Viewer and the Reporting Tool).
  • Default connections can be configured (useful if you always work with the same server). Shortcuts can be created per management tool for multiple-server scenarios.
  • ORF 5 Setup comes in two versions: a full setup and a freely distributable Management Tools-only setup.

Security and network facts (nobody likes opening ports in the firewall, right?):

  • Accessing the service requires an administrator-configured password.
  • The default communication port is TCP/6242 (can be changed per interface).
  • Communication is HTTP-based – a slightly modified version of the SOAP protocol, typically used for Web Services.
  • The password is never stored directly on the computer (only hash on the server, salted hash on the clients).
  • Secured challenge-response authentication. No plain-text password is sent over the network. VPN can be employed for additional security.
  • Service can be restricted to specific local interfaces/IPs.
  • Access can be granted by client IP addresses.
  • HTTP proxies are supported by the communication protocol.

And now a few screenshots.



What do you think? Will you use this feature? Got any questions? Feel free to comment.

ORF 5 Introduction Articles

Part 1: Introduction

9 thoughts on “ORF 5 Preview (Part 2): Remote Administration

  1. bryon

    this sounds good, but will it allow multiple people to manage ORF at the same time? currently, when 2 or more administrators are in remote desktop to manage orf, we have to yell back and forth for one to close the orf admin tool so the other can open it.

  2. Peter Karsai (ORF Team)

    @bryon:

    Technically, two admins will be able to use the Admin Tool concurrently to manage the same installation, but doing so will result in a conflict situation where the last change will “win”, i.e. the administrator who saves the configuration last will overwrite the changes made by the first administrator.

    Is there any particular reason why two admins work with the same ORF installation concurrently?

  3. Kerry

    Honestly guys, in comparison to giving individual mailbox users control over their own quarantine and white/black lists, this “spectactular new feature” is largely useless.

    Really. What does it do that’s any different to using RDP? If I’m on a PC that has my booksmarks and config info, why would I use this tool in preference to simply using RDP?

    I would only ever allow another high-level admin to use such a tool, and all the while we still come under the huge workload created by having to manually edit everything for the users ourselves.

    While I love ORF, I’m about to ditch it on two Exchange installations, because I can’t give my users enough individual control to manage themselves.

    You’ve had an overwhelming number of votes in the forums for a web-based quarantine and user self-management system, and yet, this is the feature you felt to deliver.

    I just don’t see the point.

  4. Peter Post author

    @Kerry: I understand that the perceived value of this feature is quite low. The real value is mentioned in the third paragraph – it is the communication foundation that works behind the scenes. The Quarantine feature was linked because this foundation is a prerequisite of that feature. It is no secret that Quarantine is on the development roadmap.

    Also, although it makes little difference, it should be noted that development plans follow the feature request tracker with some delay, so when the decision was made about remote administration, it was _the_ top voted feature.

  5. Pingback: Vamsoft Insider » ORF 5 Preview (Part 3): Configuration Synchronization

  6. Uwe

    @Kerry: I second that!
    @Peter: I understand that the communication foundation is a prerequisite to the user manageable quarantine, but I’m in the same situation as Kerry. That remote admin feature is of absolutely no use for us, and if that’s all what’s “in for me” with ORF 5, I’m afraid, I’ve no argument for a SMA renewal to my CEO. The “problem” is, ORF 4, like it is today, is already working perfectly in our environment, and like Kerry, all we’re missing is a web-based quarantine and user self-management system.

  7. Peter Post author

    @Uwe: This is just one of the new features. Another major feature is Configuration Synchronization (the article was published just yesterday) and there are literally dozens of smaller improvements that make the administrator’s life easier. For a long time, we focused on shipping ORF with new major features and dedicated a lot less time to making the overall experience smooth. In this version, we focused more on the experience thing and less on the “major features” (which are definitely an easier sell). We analysed thousands of tech support cases to identify the shortcomings of ORF and the solutions we came up are really ORF 5. We will talk about these later in this series.

    And yes, Quarantine is on the roadmap for ORF :)

  8. Uwe

    @Peter: “Configuration Synchronization” for sure is a big improvement, but unfortunately useless for every small to midsized business like us with only one running instance of ORF. Is there a list of those “literally dozens of smaller improvements” available, which I could use to convince my CEO to renew our SMA?

Leave a Reply

Your email address will not be published. Required fields are marked *

AlphaOmega Captcha Classica  –  Enter Security Code