[BBLISA] Remote KVM?

[Charles Homan]

Greetings fellow admins,

I'm currently investigating the idea of a "remote KVM" for my servers, to
allow our team more direct access when we are not physically on-site.
 Ideally, it would do the following:

- Require login
- Log all access (user, time, and IP)
- Allow (at least) 2 simultaneous connections
- Allow me to switch between servers after I am connected
- Support at least 16 servers

I'm torn about putting it behind our firewall, such that I would have to
VPN in to get to it, and putting it in a DMZ such that I can get to it
without the VPN server being up.  My concern is, if the VPN server is down,
then I'm stuck (and we are off line until someone can physically arrive
on-site.)  On the other hand, I don't really want to give unsavory
individuals easy access and unlimited time to hack my system.  How secure
are these things on their own?  Can they be made to require certificates,
for instance?

Does anyone have a preferred solution for this problem?  Are there any
gotchas I may be missing?  Any advice would be welcome.

Thanks,
Charles
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.bblisa.org/pipermail/bblisa/attachments/20121119/55f5ea89/attachment.htm