Like many other universities, the University of Illinois in Urbana-Champaign, Ill., has an e-commerce site for downloads and access to academic software. Like many other e-commerce sites, the U of I’s WebStore ran its shop from department-owned, physical servers until it switched to virtual machines, hosted in a data center; in this case the university’s own.
We sat down with Phil Nyman, lead training specialist at U of I’s Technology Services department, to see how his organization handled one of the effects virtualization had on their operation: specifically, how they managed physical USB-key licenses when they had no physical ports in which to plug them.
Q: Tell us a little about Univ. of Ill. Technology Services’ role in the WebStore.
A: Our group provides a variety of applications to students and staff on the three University of Illinois campuses, in Chicago, Urbana-Champaign and Springfield. We also serve people who access software from off-campus; actually, from anywhere in the world.
For a number of these applications–mostly statistical and engineering packages–the license key information is provided by the vendor on a USB key whose contents cannot be copied to a file share. Only a few years ago, these keys could be directly attached to a physical server. Now that the infrastructure has been virtualized — first Hyper-V, now VMware –direct attachment is no longer an option.
Q: So how did you bridge the gap between physical dongles and virtual servers?
A: After investigating software USB emulation solutions, we decided to use dedicated hardware. The SEH myUTN-800 Dongle Server had what we needed–plenty of USB ports, network and power supply redundancy, as well as an easy-to-configure and administer web-based interface.
The SEH myUTN Dongle Server.
The dongle server appears as a device on the network. It just presents the USB keys as drives that you can mount. We control user access to each license key using the dongle server’s port key control feature.
Q: Can you walk me through the customer process?
A: WebStore customers either download applications from a secure file share or access them from our remote application server. If it’s remote access, they just get charged and the process of license verification is transparent. If they download and install the software, they typically provide an IP address, which is then entered into that software’s license manager. Once a key is plugged into the dongle server and that license server makes contact with it, our staff gives the customer an installation code/key.
As far as the user is concerned, the fact that this is a license on a USB key is completely invisible and irrelevant.
Q: How do you get your key back?
A:The software’s license manager automatically updates these keys or revokes them, as subscriptions expire and people renew or don’t. The renewal cycle is set by the software vendor. It’s not something we control.
Q: How often do you have to actually use the administration interface? To what degree is the license provisioning automated?
A: We actually use the administrative interface very little; only when we get a new piece of software that uses a USB key. Once the keys are installed and mounted, the license servers see them and there’s no need to look at anything else. The key gets picked up automatically and presented as a drive.
Q: How did you find the myUTN and who did you purchase it from?
A: I found it on an online search; I saw that SEH had exactly what we were looking for and ordered it from CDW, one of our university resellers.
Q: Who provides tech support?
A: I was initially in direct contact with Mike [Majewski, SEH President, North America] with various setup questions. I haven’t needed any tech support for a long while.
Q: Why did you rule out a software-based license manager?
A: Even if you wanted to go with a piece of software, these dongles would still have to be plugged in somewhere. We determined that a dedicated hardware solution would be more robust and flexible, more enterprise-class and easier to manage. Since the license server virtual machines are by definition not tied to a specific host, they can migrate. If we were to plug a set of these keys into a particular physical machine host, they would lose their connection when the virtual machine moves. So we really needed to present these keys with a static network presence and an IP address of their own, one that wasn’t tied to any specific machine.
Q: How long has the dongle server been in use?
A: It’s been in use 24×7, year-round for about three years.
Q: Has the power supply and network redundancy ever come in handy?
A: The redundancy is helpful, even though we’ve fortunately never needed it.
Q: Do you have any plans to increase the number of dongles you can manage?
A: Yes, we’re now getting a second myUTN-800 unit, for another 20 ports.