If you’re experimenting with Web conferencing, first look at a hosted service, such as WebEx or Microsoft Live Office. But the costs can add up quickly, especially if you have many users across your company engaging in Web conferencing. We found Juniper Networks Inc.’s NetScreen Secure Meeting appliance (SM-3000) makes both performance and economic sense for midsize to large firms looking to add Web conferencing abilities.
The SM-3000 is a 1U, rack-mounted appliance that connects quickly and easily into your network infrastructure. A serial console connection is used briefly to configure the basics: network configuration, choosing an administrator name/ password and setting the host name.
The first time you connect, you will need to set the time zone and feed it your license key. From that point on, you use an SSL connection to drive the comprehensive and customizable Web-based dashboard that provides an excellent summary of what the SM-3000 is doing and how it’s performing.
You can create and manage all your users in the locally stored database. The SM-3000 can authenticate users against several external directory services. We pointed the SM-3000 to a Microsoft Active Directory server and a Novell eDirectory server, but the SM-3000 also can authenticate against generic Lightweight Directory Access Protocol, RADIUS and other directory services (see How we did it at www.nwfusion.com, DocFinder: 4934). You are free to define numerous roles within the SM-3000, defining who can simply participate and who can create new meetings.
The SM-3000 is flexible and lets you modify scores of settings to provide the level of security you need. On an internal deployment, you can relax browser cookie requirements and allow roaming addresses. But if you want the outside world to access the SM-3000, you might want to tighten things up, such as mandating longer SSL key lengths and not using persistent browser cookies.
Getting the users ready
Users can participate in the Web conference with a browser equipped with a Java Virtual Machine (JVM).
Meeting participants fall into two categories: authenticated or guests. Authenticated participants will authenticate to the SM-3000, locally or through one of your directory services. Once authenticated, users are greeted with a schedule of the day’s meetings to which they are invited. If they have rights to create new meetings, buttons appear that can schedule meetings or launch an instant meeting. ‘
Invitations are sent to external users (clients and customers) via e-mail. A link in the e-mail takes them to a sign-in screen for that meeting. The meeting number is encoded in the URL, and the participant must provide the generated password for the meeting and his name.
It is interesting that security must be relaxed from the defaults to allow guest users. The defaults specify that only authenticated users can participate in meetings, and only people who are invited can join. You first must let unauthenticated guests connect and then let meetings be joined with a password. For example, if you wanted a client to join a meeting, he would receive an e-mail invitation to the meeting and how to link to it. He would connect as an unauthenticated guest and would only be allowed to join if he could supply the meeting password.
For true security, the invitation can be sent without the password.
The user who starts the meeting is called the Conductor and is the only one required to be an authenticated user. The conductor has control over all aspects of the meeting, such as when it ends and who has what permissions. As other participants join, they receive Viewer permissions and can watch everything that happens.
There are two remaining permissions that the Conductor can choose to share: Presenter and Controller rights. Presenters can share an application from their desktops for others to view. If the Presenter would like someone else to remotely control the application, Controller rights are granted. In a team presentation, team members can take turns controlling the application.
While it’s true that participants only need any browser with a JVM, if they want to be more than viewers, we suggest using Internet Explorer on a Windows machine. The system works fine on a Mac OS X device, but there are some known issues with the built-in Safari browser. If you run a meeting on various flavours of Linux, you can only be a participant. We used Red Hat and SuSE distributions.
Meetings with the SM-3000 revolve around sharing applications. There is a chat function built into the client, but that’s it. The client is downloaded as participants join the meeting, so there is nothing to install on client machines. If you want to use a whiteboard, the conductor needs to launch the Windows Paint application. If you want to poll members, you’re out of luck. But if you want to share applications, the SM-3000 works very well.
Presenters can share applications in a full screen, but the best resolution is a modest size (1,024 by 768 pixels). The system can go higher, but the larger the presenter’s desktop, the more bandwidth it takes to keep updating as application changes occur. If participants have a smaller screen, they can’t see everything without scrolling. A setting on the SM-3000 lets you limit the colour palette to 16 bits from 32 bits to save bandwidth.
Other drawbacks include no ability to record meetings, or the associated chat text for later playback. If the presenter just shares a PowerPoint presentation, it is easy to give the same presentation to another person at a different time. But if the meeting is more free form, such as drawing, chatting and working collaboratively, it becomes more difficult to re-create.
The SM-3000 excelled at transferring control to other meeting participants. This function makes the system a great way to remotely troubleshoot a participant’s desktop. The advantage is that a Web browser is all that’s needed on the remote machine for remote control to happen. Further, you can conduct an SSL-encrypted sharing session without the hassle of installing VPN or other security software ahead of time.
The SM-3000 might not be the ultimate Web conferencing device, but it does what it was designed to do very well. Easy to set up and manage, the system gets you up and running meetings in a short time. It shares applications very well and provides great flexibility in letting participants control the meeting.
How we did it
We installed the SM-3000 in our labs on a 100M bit/sec. Ethernet connection as directed in the setup documents. From there, we used the included serial cable to connect our Dell Latitude C840 and ran HyperTerminal to give the SM-3000 an IP address.
We then connected to the SM-3000 over HTTP using Internet Explorer to complete the few remaining configuration steps. It took us all of five minutes before we were connected with a Web browser, and logging in. Five minutes after that, we launched our first meeting.
We conducted and participated in meetings with several desktop systems, including Windows XP, Mac OS X, SuSE and Red Hat Linux.
Berkley is the manager for LAN Support Services at the University of Kansas. He can be reached at [email protected].