Philip Colmer
01-05-2004, 10:05 PM
There are many products available to assist with remote systems management, from the telnet server, Terminal Services, Internet-connected KVM devices, through to hardware built into servers themselves. The drawback to most of the products available, though, is that they (not unreasonably) reproduce the screen on the server. This can make the system unwieldy to manage through the relatively small display of the Pocket PC. What would be better would be an administration product that is tailored for use on mobile devices. Enter Expand Beyond's Mobile Suite …<br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketAdminIcons.gif" /><br /><!><br /><i>Expand Beyond have a portfolio of remote management products that can be accessed through Web browsers, including customised layouts for Pocket PCs. The Mobile Suite for Microsoft contains two of those products, specifically for the Microsoft server platforms.</i><br /><br /><span><b>About This Review</b></span><br />I've tried several different approaches to this review, principally because the capabilities of the product are so extensive. At the end of it all, though, I've decided that I do need to explain what the product is capable of doing. To miss a feature might mean that you decide not to buy the product because you think it can't do something you want.<br /><br />To that end, therefore, this is a <b>big</b> review. I've tried to keep the number of screenshots under control, but the review is still big.<br /><br /><span><b>A True Story</b></span><br />Friday - the entire IT Department is out enjoying a Christmas lunch together. The waxing lyrical about the Lord of the Rings is interrupted by a pager going off - software monitoring the Internet Mail Service on the Exchange 5.5 server has noticed that the service has stopped. The monitoring software had been installed because the IMS has a tendency to stop without warning and it can take a while to realise that you haven't received any email for, ooh, the last 30 seconds :wink: <br /><br />Thirty minutes later and a second monitoring system pages the poor on-call person to tell him that SMTP access isn't working, confirming that the IMS has stopped running. There aren't any other alerts, so it is just that service and not the whole Exchange server.<br /><br />The problem, though, is that none of us have got any means of fixing the problem whilst still in the restaurant. There was no choice but to finish the meal, drive back to the office & restart the service. If only …<br /><br /><span><b>Mobile Suite Overview</b></span><br />Expand Beyond's Mobile Suite for Microsoft consists of two products: PocketDBA and Pocket Admin. The products both work in a similar way, namely providing a secure Web interface to administrators for management of the underlying systems. The Web interface has been designed with mobile devices in mind and the server redesigns the layout of the interface according to the device you are using.<br /><br />PocketDBA provides an administrator with live access to any DB2 UDB, Oracle, SQL Server or Teradata database. PocketAdmin allows an administrator to control any Windows environment, from Active Directory, Exchange and IIS through to workstations and servers, with secure command line access to any device that supports telnet. The one exception to the last item is Windows - SSH must be used for command line access to any Windows systems.<br /><br />The cornerstone of the suite is the XBanywhere server. This can be installed on a Linux, Solaris or Windows server - more details can be found near the end of this review in the Specifications section. It is the XBanywhere server that you connect to with a browser. It then communicates directly with the database server (if it is PocketDBA that you are using) or a Windows gateway interface (if it is PocketAdmin you are using).<br /><br />For the purposes of this review, I installed the XBanywhere server on a Windows 2003 server and the Gateway and SSH software on a Windows 2000 server. At the moment, it is not possible to install the Gateway software onto Windows 2003, but Expand Beyond are working on this.<br /><br />Installation of the XBanywhere server is very straight forward - just run the installer, point it at your licence file and accept the defaults, unless you want to do things like change the port numbers used for the Web interface. Expand Beyond's documentation takes you through the prerequisities for the product. This includes thinking about how you are going to secure the communications between the Web browser & the XBanywhere server through SSL, how to control access with RSA SecurID and what ports you need to open on the firewall to permit remote browser access. It is recommended that the server itself is located in the DMZ part of your network topology.<br /><br />Installing the Gateway server can be a little trickier, primarily because of the setting up that needs to be done beforehand:<ul><li>For command-line access to the Windows servers, an SSH server needs to be installed. Expand Beyond do not provide one but do make recommendations instead;<br /><br /><li>If you want to manage Exchange servers, the Exchange administration tools need to be installed on the Gateway server hardware before the Gateway server itself is installed.</ul>Expand Beyond recommend that the Gateway server is installed on your main network and not in the DMZ - in fact, they do not support having the Gateway server in the DMZ. In addition, they recommend the use of SSL to encrypt communications between the XBanywhere server and the Gateway server. The documentation provides step-by-step instructions to achieve this. It is possible to use an internally generated certificate for this purpose.<br /><br />Once all the software has been installed, you need to configure the XBanywhere server so that it knows which machine is the Gateway server and which databases you want to administer. This is done by pointing a browser at the XBanywhere server and entering the administrator username & password. Adding an SQL server to the list of application servers is a bit tricky and the documentation, for once, isn't entirely clear on the subject. There are quite a few bits of information that are required, as can be seen in Figure 1.<br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketDBASetup.gif" /> <br /><i>Figure 1: Adding a new SQL server.</i><br /><br />The part that the documentation particularly skips is the port number to use. You can try to infer it from a SQL screenshot that the documentation contains, but it is wrong 8O The screenshot says "1108", but you actually need to use 1433. The "protocol" option is used by PocketDBA when submitting OS commands to the server. As with the Gateway server, only SSH is supported with Windows systems. If you want to administer databases on other operating systems (e.g. Oracle on Solaris), you can use telnet or SSH.<br /><br />The username & password (used for verification purposes at this point) must be valid within the database environment. It is not possible to authenticate against the database server with a Windows account.<br /><br />With the current release of the software, it is necessary to configure the system in advance for each separate database that you want to manage (e.g. Northwind, pubs, master, etc). If you’ve got a lot of databases on a single server, this can get a bit unwieldy, but the Web interface does remember the values you've used after you add a database, so there isn't as much to fill in when you add the next one. Expand Beyond are planning a new release in 2004 that will allow you to specify the database server and then select the database that you want to manage.<br /><br />Setting up the XBanywhere server to manage Windows systems is relatively straightforward. If you want to manage a stand-alone system, all the product wants to know is an alias for the system and its hostname. If you want to manage systems within an Active Directory setup, you need a bit more information, as can be seen in Figure 2. As with SQL databases, the alias is for you to recognise the system by. The forest is the domain name of the Active Directory root and the URL is the address of the gateway server.<br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketAdminSetup.gif" /> <br /><i>Figure 2: Adding a gateway server.</i><br /><br />So, you've installed SSH, the XBanywhere server, the Gateway server, configured everything … time to start administering!<br /><PAGEBREAK><br /><span><b>PocketDBA</b></span><br />When you first point your Web browser at the application administration interface on the XBanywhere server, what you see will depend on what you are licensed for. For example, Figure 3 shows the login screen for my test system - licensed to administer SQL Server and to use PocketAdmin.<br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketDBALogin.gif" /> <br /><i>Figure 3: Logging into the XBanywhere server.</i><br /><br />The tabs across the top of the web page allow you to select the login for either PocketDBA or PocketAdmin, or to see the XBanywhere version information.<br /><br />Logging into PocketDBA is straightforward - enter an authorised SQL Server username & password and click on Login. Assuming the information is valid, you should then see a screen something like Figure 4.<br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketDBAIcons.gif" /> <br /><i>Figure 4: The facilities within PocketDBA.</i><br /><br />The layout of the screen is very similar when you click on any of the available options. The top row of buttons takes you to the SQL page, the Shell page and the Logout page. If you are working on a specific database, the logout button is removed and clicking on the database name instead, takes you to the logout option. Beneath the buttons is a "crumb trail", showing you where you are in the hierarchy of the interface. Some of the options can go down two or three levels of interface, so it is useful to be able to specify how far back up you want to go. Finally, the page contains the content for the option you are currently looking at. If there is too much content to comfortably display, even with scrolling, the software paginates it. You can then step backwards & forwards through the pages of data, or scroll down to the bottom of the screen and enter a page number to jump to directly. An example of the various aspects of the user interface can be seen in Figure 5.<br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketDBAInstanceLogsDetail.gif" /> <br /><i>Figure 5: How the user interface looks.</i><br /><br />The functionality provided by the various icons shown in Figure 4 will now be looked at in more detail.<br /><br /><b>Connection Browser</b><br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketDBAConnection.gif" /> <br /><i>Figure 6: Connections.</i><br /><br />The connection browser allows viewing of all current database users and running processes. From here, you can monitor existing locks, view resource usage for the current connection and examine processes that may be blocking other sessions. It is possible to kill sessions from this option.<br /><br /><b>Security Browser</b><br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketDBASecurity.gif" /> <br /><i>Figure 7: Security.</i><br /><br />This allows you to manage the users, roles, profiles and their permissions. You can tap on a user or role name to look at more detail. From there, you can manage, assign or revoke permissions of users and roles.<br /><br /><b>Objects Browser</b><br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketDBAObjects.gif" /> <br /><i>Figure 8: Objects.</i><br /><br />The objects browser allows you to look at every object stored in the current database, e.g. tables, views, stored procedures, rules, defaults, user defined data types and user defined functions. It is also possible to modify much of what can be seen, for example the permissions on a table, or rebuild an index on a database.<br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketDBAObjectsTable.gif" /> <br /><i>Figure 9: Drilling down to a table.</i><br /><PAGEBREAK><br /><b>Storage Browser</b><br /> <br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketDBAStorage.gif" /> <br /><i>Figure 10: Storage.</i><br /><br />This allows you to manage the physical organisation of the databases. From here, you can manage filegroups, data files and transaction logs.<br /><br /><b>SQL Command Center</b><br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketDBASQL.gif" /> <br /><i>Figure 11: SQL Command Center</i><br /><br />This feature allows you to execute any of the commands that you might execute using the SQL Query Analyzer on a Windows PC. It allows you to create and execute any ad hoc SQL statement. These commands can also be saved for future execution - a very powerful feature, given the difficulties of entering complex text on a Pocket PC :wink: The software allows you to save the command in one of three places, depending on how you want to re-use it: accessible from any user on just that database, accessible from any database by just the current user or accessible by just the current userid on just the current database. The documentation mentions a fourth option - global (any database, any user) - but it isn't available in the user interface, so it isn't clear whether the feature has been removed, never implemented or is still on its way. The SQL command feature becomes even more powerful when you use the ability to have variables in statements. When you execute the statement, you are prompted for the variable's value.<br /><br />When you first enter the SQL screen, the statement shown is the last SQL statement executed by PocketDBA. For example, if you were looking at the jobs & then clicked on the SQL button, you might see a screen like Figure 12. Personally, I'm not sure what Expand Beyond were thinking of when they decided this would be a good idea. Whenever I've gone into this screen, the first thing I've had to do is to cut the existing text :roll: <br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketDBASQLJobs.gif" /> <br /><i>Figure 12: The SQL screen after the Jobs screen.</i><br /><br /><b>Jobs Browser</b><br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketDBAJobs.gif" /> <br /><i>Figure 13: Jobs.</i><br /><br />The jobs browser allows you to view existing jobs and execute, stop, start, enable and disable jobs. From here, for example, you can manually run a pre-defined backup job or a DTS package that has been stored on the system.<br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketDBAJobsDetail.gif" /> <br /><i>Figure 14: Detail for the backup job.</i><br /><br /><b>Instance Browser</b><br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketDBAInstance.gif" /> <br /><i>Figure 15: Instance options.</i><br /><br />This part of the product allows you to modify the instance configuration properties, view server logs, maintenance plans, all scheduled jobs and backup devices.<br /><br />The interface for the Jobs section is extensive in the amount of detail you can see, but is limited in terms of what you can do. You can enable, disable, start or stop jobs. You can drop parts of a job, e.g. a step or a schedule. However, you cannot edit a step or schedule. From a remote administration point of view, I suppose this is reasonable. I don't think I'd want a DBA to be making large changes remotely without having thought things through. I would view a product like this as being used for emergencies more than anything else.<br /><PAGEBREAK><br /><b>Database Browser</b><br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketDBADatabase.gif" /> <br /><i>Figure 16: Database information.</i><br /><br />The database browser is used to view general database information, change database settings or grant database level permissions to a user or role.<br /><br /><b>Shell Command Center</b><br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketDBAShell.gif" /> <br /><i>Figure 17: Shell command center.</i><br /><br />This allows you to execute commands in the OS environment on which your database resides. In the configuration under review, this would be Windows, but the Expand Beyond product supports Solaris & Linux as well.<br /><br />You can enter multiple lines of commands, which is useful if you need to do things like change directory, and then click on the submit button. There are options to turn off the row-based formatting (so you just get the output without the tables), setting a timeout, turning on or off the support for variable substitution and saving the command for future use. As with other output, the results are paginated. Unfortunately, there seemed to be a bug in the software so that I couldn't get the subsequent pages of output to display.<br /><br />Clicking on the Service Manager tab takes you to Figure 18. Unlike the service management feature built into PocketAdmin (more on this below), this feature is limited to the services used by the SQL server. Rather than just having the links shown, I would have preferred visual confirmation of the current status of the services.<br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketDBAShellServices.gif" /> <br /><i>Figure 18: Managing the SQL services.</i><br /><br /><b>Tuning Browser</b><br /><br />This provides you with a variety of statistics from the system to help you tune or reconfigure parts of the server. Some of the screens are shown below.<br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketDBASQLTuningSQL.gif" /> <br /><i>Figure 19: Data and procedure cache statistics.</i><br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketDBASQLTuningLog.gif" /> <br /><i>Figure 20: Log statistics.</i><br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketDBASQLTuningCache.gif" /> <br /><i>Figure 21: Cache usage statistics.</i><br /><br />It is a shame that Figure 21 doesn't fit properly into the browser. The "Statistic" column could clearly be made narrower, which would help to bring the "Value" column back onto the screen.<br /><PAGEBREAK><br /><span><b>PocketAdmin</b></span><br />If, when you connect to the XBanywhere server, you want to log into PocketAdmin instead of PocketDBA, a valid login presents you with a list of the domains that can be managed from the gateway server selected or you can choose a "non-directory machine". This phrase describes a server or workstation that is not a member of an Active Directory domain. This allows you to manage, for example, NT 4 servers.<br /><br />If you choose a domain, the page will change to something like Figure 22.<br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketAdminIcons.gif" /> <br /><i>Figure 22: The facilities within PocketAdmin.</i><br /><br />As you can see from the previous screenshot, PocketAdmin works on two levels - the domain and the computer. The domain configuration affects those entities stored in Active Directory. The computer configuration affects entities that are local to the selected computer. This can include additional functionality such as Exchange and IIS. The process to select objects such as users or computers is done through the OU browser, as shown in Figure 23. This is a flexible interface that allows you to step down into the OU tree structure to find the object you are looking for.<br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketAdminOUbrowser.gif" /> <br /><i>Figure 23: Browsing organisational units & containers.</i><br /><br />As with PocketDBA, the screens produced by PocketAdmin follow a similar structure. The top portion of the screen consists of the domain link (allowing you to choose a different domain or a non-directory computer), the computer link (allowing you to choose a different computer within the current domain), the logout button (allowing you to log off from PocketAdmin) and the Shell button (giving you access to the command line interface. Following the structure set down by PocketDBA, the rest of the screen contains the crumb trail and the content, with pagination buttons if required.<br /><br />The functionality provided by the various icons shown in Figure 22 will now be looked at in more detail.<br /><br /><b>Domain Users Browser</b><br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketAdminUsers.gif" /> <br /><i>Figure 24: Domain users.</i><br /><br />This browser allows you to add users to the currently selected domain, or manage existing users. Drilling down the OU to select a user provides you with details on that user including mailbox information if Exchange is being used in your organisation. An example is shown in Figure 25.<br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketAdminUser.gif" /> <br /><i>Figure 25: Managing a user.</i><br /><br />From here, you can change the user's password, see what groups the user is in, create, move or delete the user's mailbox, allow or reject email from specified addresses or set mail size limitations. You can also enable, disable or delete the user. Note that you cannot change group membership here. You have to do that with the next tool.<br /><br /><b>Domain Groups Browser</b><br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketAdminGroups.gif" /> <br /><i>Figure 26: Domain groups.</i><br /><br />From here, you can manage the membership of existing groups. It is not possible to add or delete groups.<br /><br /><b>Domain Printers Browser</b><br /><br />I could not get this feature to work on my test installation. That said, when it does work, you see what printers have been published in Active Directory. From there, you can see what jobs are in the queue for a given printer and, if there are any, restart, pause or cancel a job.<br /><br /><b>Domain Shares Browser</b><br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketAdminShares.gif" /> <br /><i>Figure 27: Domain shares.</i><br /><br />This feature allows you to see a list of all shares that have been published to the Active Directory. It also allows you to publish further shares. There is no facility for removing published shares.<br /><PAGEBREAK><br /><b>Local Users Browser</b><br />As with the domain users browser, here you can add, delete, enable & disable users, change their password and see which groups they are a member of.<br /><br /><b>Local Groups Browser</b><br />As with the domain groups browser, you can see what groups exist and manage the membership of those groups. You cannot delete or add groups.<br /><br /><b>Local Printers Browser</b><br />As with the domain printers browser, you can see what printers are defined for the currently selected computer. If there are any jobs in the queue for a printer, you can pause, cancel or resume the job.<br /><br /><b>Local Shares Browser</b><br />Here, you can see all of the shares defined for the currently selected computer. For non-administrative shares, you can see further details of the share and manipulate the permissions of the share. It is also possible to add new shares.<br /><br /><b>Local Computers Browser</b><br />It is from the local computers browser that you can see general information about the system, browse the defined environment variables, shutdown, reboot or power off the computer and manage IIS or Exchange. It should be noted that only IIS 6 can be managed - earlier versions do not support the programming interfaces that Expand Beyond are using. IIS management is currently limited to stopping, starting or pausing the selected Web site within the IIS configuration. As can be seen from Figure 28, the software doesn't display the proper name for each Web site. Instead, it displays an internal IIS name, which isn't very helpful if you've got more than one site defined.<br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketAdminIIS.gif" /> <br /><i>Figure 28: Managing IIS.</i><br /><br />If the selected computer is running Exchange, two additional tabs appear, allowing you to review the queues (Figure 29) and the connectors (Figure 30). If you are using Exchange 2003, you can list all of the messages that are in a queue and freeze, thaw or remove individual messages. The table layout for the queues could do with a bit of time spent improving it - taking up five lines for each row means that (a) you don't see many queues on a screen, (b) you lose the column headers off the top of the screen too quickly and (c) it is just too darn hard to figure how which cell matches onto which column.<br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketAdminExchangeQueues.gif" /> <br /><i>Figure 29: Exchange queues.</i><br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketAdminExchangeConnector.gif" /> <br /><i>Figure 30: Detail of an Exchange connector.</i><br /><br /><b>Local Events Browser</b><br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketAdminEvents.gif" /> <br /><i>Figure 31: Events browser.</i><br /><br />The local events browser allows you to drill down the events log of the currently selected computer. As you can see from Figure 31, the list of event logs shown is dependent on the logs available from the computer. The server selected in this example is a Domain Controller. Selecting a log takes you down to the next level, where you can clear the log or page through the events (Figure 32). You can then click on a specific event entry to see the full detail (Figure 33).<br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketAdminEvents2.gif" /> <br /><i>Figure 32: Looking at the application events.</i><br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketAdminEvents3.gif" /> <br /><i>Figure 33: Looking at a specific event entry.</i><br /><PAGEBREAK><br /><b>Local Processes Browser</b><br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketAdminProcesses.gif" /> <br /><i>Figure 34: Process browser.</i><br /><br />From the processes browser, you can click on a process to get further information on the process or to kill that process. Some of the additional detail available can be see in Figure 35.<br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketAdminProcessDetail.gif" /> <br /><i>Figure 35: Process detail.</i><br /><br /><b>Local Services Browser</b><br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketAdminServices.gif" /> <br /><i>Figure 36: Services browser.</i><br /><br />From the services browser, you can select the service of interest and then stop or start it, or change the startup method for the service (automatic, manual or disabled).<br /><br /><b>Shell Command Center</b><br />This is identical to the shell command center feature offered by PocketDBA.<br /><br /><b>Performance Monitoring</b><br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketAdminPerfmon.gif" /> <br /><i>Figure 37: Browsing the performance categories.</i><br /><br />To utilise the performance monitoring feature, you can to start by selecting the performance category required. Once you've done that, the criteria for that category will be displayed. Once you've selected the criteria, the monitoring process will start and you can view a graph that tracks the results, as shown in Figure 38.<br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/PocketAdminPerfmon2.gif" /> <br /><i>Figure 38: Page faults being monitored.</i><br /><br />Unlike PerfMon on a Windows PC, only one criteria can be monitored at a time, and the system will only keep samples for up to a minute, after which you just see the last minute's worth. Those limitations aside, this is a fantastic way of being able to drill down into specific areas of interest. On a Pocket PC, it can be a bit awkward paging through the options available, so it might be useful in a future version to be able to bookmark favourite categories & criteria to make it easier to pick the monitors you tend to favour more than others.<br /><br /><span><b>PocketAdmin Console</b></span><br />Although both PocketDBA & PocketAdmin provide a command line interface to the servers that are managed by the suite, the design of the user interface is limited to enter a command, submit it, see the results. For a typical administrator who is trying to troubleshoot a problem, the flow is more likely to be "try a command, try a different command, look at the output, try a third command", i.e. the ability to be able to retain the output from previous commands would be useful.<br /><br />With that in mind, Expand Beyond also provide the PocketAdmin Console. This is a very simple to use application that establishes an SSH connection between your Pocket PC and the system you are trying to connect to. A useful feature of the console is the ability to create macros, thus avoiding the need to manually enter useful & often used commands like "netstat -a".<br /><br />Another important use of this application is the ability, once you've set up the secure connection to the SSH server, to then telnet on to other systems that might not be actively managed from the software. Such systems might include routers & firewalls.<br /><br /><span><b>Gotchas</b></span><br />Some problems were experienced with a few of the features during the writing of this review, specifically around adding users to domain groups, looking at domain printers and moving onto the next page of a set of results. These problems may be down to the test environment I was using, or it may be that I've found some bugs in the product. Expand Beyond's Technical Support team are currently trying to reproduce my reports in order to determine the cause(s).<br /><br />Beyond that, the only other quibble I've got is that, as pointed out during the review, some of the tables could do with a slightly better layout in order to fit more information onto the Pocket PC display.<br /><br /><span><b>Where To Buy</b></span><br />The product can be bought directly from <a href="http://www.xb.com">Expand Beyond</a>. Prices for the Mobile Suite start at $2,500 for managing between one and 10 objects, and go up to $50,000 for an Enterprise license. An object is a CPU under PocketDBA, a workstation or server under PocketAdmin for Windows and any host you wish to connect to under PocketAdmin Console.<br /><br />Please contact their Sales department ([email protected]) for pricing for licences to suit your needs. A 30 day trial can be requested.<br /><br /><span><b>Specifications</b></span><br />The XBanywhere server can be installed on Windows 2003, Windows 2000 (service pack 2 or later), Windows NT 4 (service pack 6a), Sun Solaris (version 8 and 9) or Red Hat Linux (version 7.3 and 8.0). An X virtual frame buffer (Xvfb) is required for Solaris and Linux use.<br /><br />SSH from OpenSSH or SSH.com is required for command-line access to Windows systems, and optionally for Solaris or Linux systems (telnet is supported as an alternative).<br /><br />Approximately 100MB if free disc space is required to install XBanywhere. A minimum of 256MB of free RAM is recommended. For Windows & Linux, a Pentium II process or better is recommended. For Sun Solaris, a 250MHz or better SPARC processor is recommended.<br /><br />The Gateway software can be installed on Windows 2000 (Service Pack 2 or later) or Windows XP Professional. It is not currently supported on Windows Server 2003. The OS installation will also require IIS, .NET Framework v1.1 and MDAC v2.7. If you have an Exchange infrastructure you want to manage, the Exchange Administration software must also be installed on the Gateway system.<br /><br />The PocketAdmin Console software requires an ARM or XScale processor device. The documentation states that it is compatible with Pocket PC 2002 and 2000 (subject to the processor restriction). I can't see any reason why it wouldn't work with Pocket PC 2003, but I didn't have such a device to test it on. A list of tested devices is available at <a href="http://www.xb.com/faqs.html">http://www.xb.com/faqs.html</a>, along with details of wireless modems that have been tested.<br /><br /><span><b>Conclusions</b></span><br />The product is relatively straightforward to install, requiring two servers in a typical environment. That's all - there aren't any agents to install onto the managed systems, which is of great benefit as it minimises the impact on the deployment of the product and makes it easier to maintain as new releases come out. That everything can then be managed from a Web browser is just fantastic.<br /><br />The documentation is clear and contains lots of practical examples so that it is clear how the product can be used.<br /><br />The Mobile Suite is an extremely powerful product that is very easy to use. It makes good use of technology to deliver a low bandwidth yet sophisticated user interface. I have used both version 2.2 and 2.3, and I am impressed with the way Expand Beyond continue to develop and enhance the product. They are working on a new release for later on in 2004 and, from the replies they've sent me, are clearly open to suggestions as to what features would be useful to see in the product.