Jetro COCKPIT 3.6 SR1
Jetro Platforms, with their R&D centre based in Israel, delivers with Jetro COCKPIT a complete Server Based Computing product based on Microsoft Terminal Services and the RDP protocol.
What does offer Jetro in this market space where still more and more players are attending?
- Published Applications and application access management;
- Scaleable Load Balancing;
- Printing solution;
- Software license metering;
- Monitoring and reporting facilities;
- Secure access via the Internet;
- Virtual Desktops;
- And more.
The heart of the COCKPIT product is the COCKPIT Server. This component manages and controls all other components and features of the product. This component needs to be installed on a server with Internet Information Server enabled, preferably on a non Terminal Server. The COCKPIT server functionality can be implemented in a clustered solution so no Single Point of Failure is created with this component. From this COCKPIT component all tasks and administration will be carried out. Beside IIS the product uses an MSDE database which is installed automatically during the installation process. The installation is started using COCKPITserver.exe. To communicate with Active Directory, a username and password needs to be provided. The manual of Jetro mentions strictly that this account needs to have administrative privileges within Active Directory on the server where COCKPIT server is installed (Domain Admins). Further the installation exists of the usual default questions like accepting license agreements and choosing the destination folder for the product.
After installing the COCKPIT server the Terminal Server can join the COCKPIT product via the installation of the COCKPIT Agents. Also this installation is a single executable. In the installation process you need to choose which components of the agents you would like to enable. There are a total of four available:
- Terminal Server Agent.
This agent arranges the communication between the TS server and the COCKPIT server;
- Directory Connector
Arranges communication with the Domain Controller over the WAN;
- COCKPIT Secure & Universal Connector
Connector agent for communication with Thin Client & Connection via the DMZ (Internet);
- COCKPIT Print Terminal
Agent for the Print solution within Jetro COCKPIT.
If you install the Directory Connector you need to provide this component with a username and password just like the installation of the COCKPIT server.
The manual is not mentioning anything about unattended installations although the installation executable is using an MSI for the installation process.
As mentioned in the Agent installation there is also a Universal Connector. This connector makes it possible to use a default RDP to connect to the COCKPIT environment with mostly all features of the product. This component can be installed on a Terminal server, but also on a dedicated server. Because all default RDP client use this component to connect to the COCKPIT environment a dedicated server is a good choice in bigger environments.
Jetro also delivers a complete print solution with their product. To use this print solution you need to use the Jetro MSI based client with the printing feature built in. With the Jetro print solution print jobs can be printed using a universal printer driver. The driver supports both the PDF and EMF formats. Also printing to a PDF file is supported. If the Jetro client can not be installed (for example Thin Clients) the Print Terminal feature of the Agent component can be used. This terminal acts as in intermediate and handles all print jobs for those systems without the local COCKPIT client installed.
For a secure connection via the internet you can install the DMZ component on one or more server in the DMZ.
Now that all components are in place it's time to configure the environment. Configuring COCKPIT is done using a web based administration page, so you can actually administer the environment from any system with a web browser.
First you need to add your Terminal Server manually in the console using the host option in the left pane. If you add a server it's disabled by default. Selecting the server you can enable the server and configure other settings like IP-addresses and communication ports.
Also if you are using a Print Terminal this can be added manually in the console via the Printing option.
Via the Applications section logically applications can be added. Because the configuration is done web based, I personally find it a little bit less convenient to set all the options. For example you need to use Application Delivery Configuration to specify which servers are hosting the application. Beside the default configuration options like icon, working directory, parameters with COCKPIT you can configure if the application should be accessed via RDP, HTTP or should be started locally on the client. Via the security policy you specify who can use the application. The configuration of this should be done in advance via the Security polices option in the left pane. This is pretty time consuming because for every different assignment of users to an application you need to configure a new policy. Something to think about is to create a policy that denies access. In this way you can specify which user are not allowed to start the application in stead of allowing the application for a specific user group.
For each application you can also configure a scheduling policy. With a scheduling policy you can configure between which times on which days the application may be started. Using the groups tabs, you can configure folders in which the applications will be stored within the client. With Content Redirection configured file extensions will be automatically started on the local client in stead of the Terminal Server.
All the general settings can be found at the tabs on the home page of the console. For example at the server settings tab configuration of settings like restricting users to one workstation, two factor authentication, COCKPIT administrators, COCKPIT cluster setting, configuration of the Universal Connector can be performed. At the user profile settings tab, configurations can be created how applications are presented to your end-user. Jetro calls this a Dashboard. Within each dashboard four tabs are available. At the tab client you can for example configure auto starting of the client, single sign on and the placing shortcuts of Jetro managed applications in the start menu and/or desktop. At the dashboard tab you enable (or disable) the dashboard. If you enable the dashboard the user will get a full desktop, if disabled the user will be presented with published applications. At the printing tab you select which print solution that should be used (native RDP or Jetro's solution) and the configuration of your print choice. At the last tab you can configure some specific TS session settings.
At the host option the load balancing properties needs to be assigned and can be created. Load Balancing within COCKPIT is implemented in detail. Every load balancing policy can exists of one or more counters. All counters within the Windows Performance monitor can be assigned to load balancing policy. For every counter a weight (less or more important than the other counters) and a critical value needs to be assigned. The selected counters combined with the server factor value is the load degree of the server. This value will be translated to three states: low, medium, high. In the load balancing policy you define at which load degree which state will be reached. Although the configuration is very extended, this can also make it pretty difficult to configure you load balancing policies.
Managing the environment
Most of SBC products lacks tools or features to monitor your Terminal Server infrastructure. Jetro's COCKPIT is partly an exception of this rule. Via the monitoring option you can view using queries on a specific server, which user with which application is active (or disconnected) at this moment. Queries can be created based on server, username or application executable.
COCKPIT second managing section is the reporting feature. With this reporting feature (again with queries) overviews can be created of the usage of your COCKPIT environment within a defined timeframe. The report shows on which server from which client by which user which application is started and when the application is ended.
With the user part you can easily get an overview using queries of users and their assigned applications.
For shadowing and other managing options you should use the default Microsoft Terminal Server utilities.
Connecting to the Jetro Cockp-IT environment
Via the COCKPIT server a web client (ActiveX) can be downloaded and also a full MSI based client is available. The ActiveX client does not include the printing solution in comparison with the full client.
When the client is started the user is already connected to one of the Terminal Server agents and will be logged on (also if you are using published applications) to that server. Because of this behaviour it takes some time before the applications are showed to the user within the client., but if the application is available on that same server the application is available really quickly.
COCKPIT handles the integration with the local applications and remote applications partly smooth when activating a remote application, while local applications are on top. If the remote applications are minimized and you open one of them the other applications stay minimized and don't pop-up. If another remote application is minimized and you choose another remote application the other applications also will be show in front of the local application.
With COCKPIT Jetro is presented on the SBC market with a product that definitely can compete with other solutions. Jetro offers all basic features that should be included in a SBC product (Published applications, load balancing, Secured Internet access) and some additional features like their printing solution, possibility to schedule application usage and the possibility to assign local applications. Jetro also include also a very in detail configurable load balancing policies and monitoring/reporting functionality. The web based administration tool makes it possible to administrate the environment from every system, but is makes using the console sometimes a less logical.
- Additional features available like Jetro's Printing solution and the scheduling feature;
- The product is well documented;
- Web based console can be used from every system.
- Assigning application to users is not intuitive using the security policies;
- Client is automatically logging on the user on one of the Terminal Server agents servers;
- Console is not always convenient.