Tools Tablet Sys Admin Lead image: © Peter Bernik,
© Peter Bernik,

Using a tablet as a portable management console

Mobile Manager

Using a tablet as a portable management console makes sense but could make you too accessible. By Ken Hess

With the dozen or so tablet computers on the market, surely you have one by now. If not, you really must buy one. Tablets are not only lightweight, ultra-portable, and capable of performing any remote administrative tasks, but they also give you that freedom that you never had before. But, that freedom that you so desperately seek might also bring along a lengthier chain attached to it. How can you have both freedom and a chain attached? System administrators understand the concept like no other technology professional.

In the "old" days, you carried a pager that tethered you to your workplace. It was lightweight, handy, and relatively inexpensive to deploy and maintain. A needy customer, user, or manager always had you within reach, if needed. And, no matter how far away you fled, somehow the signal could reach you.

During the post-pager revolution (The 1990s), you received a new device that offered two-way communications: The ubiquitous cell phone. The cell phone could not only initiate and receive voice messages but text messages as well. The chain tightened just a bit more with that kind of access.

Today, not only is your cell phone your constant companion, it's capable of voice, text, video, email with attachments, and applications to connect you to your corporate environment from almost anywhere.

Still, it's not enough. A phone is limited in size and usability for complex tasks. But, there's a solution: A tablet computer.

The tablet computer is the new portable sweat shop. You're chained to the job. You're available 24/7x365 with a device that can deliver what you need for almost as long as you need it with no wired tethers. You are free to roam about as long as you either have a WiFi or cellular connection within reach of your location. And, these days, that's available almost anywhere you go.

Tablet Selection

My personal tablet computer of choice is the Apple iPad because of its support, popularity, and extensive app selection (all screenshots and apps shown are Apple iPad 1). The iPad has many advantages over its competitors and a single, but significant, disadvantage: Price. The iPad is expensive but its usability, stability, and market uptake make up for a large part of its price disparity.

Mobile Flash support is no longer a disadvantage of Apple's products because Adobe recently announced that they are dropping support for Flash on mobile platforms.

You can remove some of the cost issue by purchasing the 16GB model with WiFi and 3GB for US$ 629 (iPad 2). The original iPad similarly equipped costs about half that amount. Don't worry about the 16GB of space on the iPad because space is not at such a premium. Most apps only consume a few megabytes of space. One year after purchasing my iPad, I have used less than 4GB of my 32GB, and I have hundreds of apps, a few songs, and two movies on it.

If you don't like, or can't afford, Apple's iPad, you have several choices in the Android market, and HP's TouchPad with its webOS is a bargain these days.

Before selecting a tablet, check out available system administrator-oriented client applications, such as VPN, SSH, RDP, VNC, VMware View, Citrix Receiver, DaaS, Database tools, and network testing tools.

In the Toolbox

System administrators require a complete set of tools on any device used for support. Up to now, the support burden rested on the laptop computer. The tablet, as a support device, must have the capability of connecting to the corporate network via VPN or other secure portal and of providing the sys admin with an equivalent array of client and diagnostic tools with which to work.

Fortunately, app programmers and tablet vendors anticipated the need to use the tablet as something more than an Angry Birds game console. The iPad's App Store hosts dozens of sys admin tools, only a few of which are showcased here.


If you have Unix or Linux systems in your environment, you'll require a paid SSH client program. The iSSH app from Zingersoft is a multiprotocol app, in that it supports SSH, Telnet, Raw, temporary connections, tunneled RDP, and tunneled VNC. An added bonus is that it also supports X applications. The downside to iSSH is its US$ 9.99 price tag, but there's nothing else like it in the App Store. It features extensive functionality, stability, frequent updates, and a responsive developer who created a Google group specifically to enable users to drive the app's further development and fixes.

For those of you who'd like to "try before you buy," this SSH example will demonstrate some of iSSH's functionality. Setting up a new connection to a Unix or Linux system is done simply by supplying the configuration manager with a connection description and a hostname or an IP address. Then, save the configuration and select it from your connections list on the main iSSH screen.

You'll receive the standard SSH key verification prompt before connecting. Accept the key to continue to the remote system (Figure 1). Enter your username and password at the prompts to log in to the system. Upon login, you'll be presented with a shell prompt and an extended keyboard; the app offers additional keys at the top of the screen (Figure 2).

Accepting the SSH host key for your iSSH remote host connection.
Figure 1: Accepting the SSH host key for your iSSH remote host connection.
Successful login to a remote Linux system.
Figure 2: Successful login to a remote Linux system.

Although you may log in to multiple systems simultaneously via SSH and swipe (page) among them, you can only have a single X session. Figure 3 is a screenshot of an open X session with the "xeyes" application running. The other object in the screenshot is the multifunction widget that contains right and left mouse buttons, a trackpad, arrow keys, and the keyboard.

X Window session running xeyes and the iSSH multifunction widget.
Figure 3: X Window session running xeyes and the iSSH multifunction widget.

You have a choice of either twm or dwm for X sessions in iSSH. The twm implementation allows you to specify geometry and screen locations for your X apps. The dwm implementation is not as complete as twm, but some sys admins prefer it. Twm is iSSH's default window manager.


Better known as Windows Terminal Services, Remote Desktop Protocol, or RDP, is the Windows sys admin's best friend and most used tool. At last count, the App Store listed more than 60 apps from a search for RDP. My personal favorite is Hana Mobile's iRemoteDesktop Free, which is a free version of their iRemoteDesktop (US$ 4.99) app. The free version has some unobtrusive ad displays but no nagware or disabilities. (Note: After iRemoteDesktop Free installs on your iPad, its label is RDesktop, so don't be confused by the change in name.)

Figure 4 shows you a screenshot of iRemoteDesktop in action on a Windows Server 2003 system. At the top of the screen, you can see the various widgets for keyboard, connection list, mouse/trackpad, special keys, functions keys, and actions. The problem with iPad apps is that there are no standard gestures for them. Gestures are the taps, swipes, and motions that allow you to interact with your apps. You have to learn the gestures for each app via the online Help or vendor's website.

Connected via the iRemoteDesktop Free app to a Windows Server.
Figure 4: Connected via the iRemoteDesktop Free app to a Windows Server.

Typically, you can't smoothly move the mouse cursor from one location to the next. Instead, you have to use a tap for the new location. To right-click the "mouse," tap and hold your finger on the spot where you want to right-click. You can also use the mouse/trackpad to scroll the mouse cursor from one location to another or to right- and left-click, if you prefer. This app allows both.

iRemoteDesktop Free allows multiple connections to be open simultaneously and lets you switch among them. If you must connect to "jump" boxes to traverse networks, you can next your RDP sessions as you normally do with the desktop version of RDP.


Some sys admins avoid using or allowing Virtual Network Computing (VNC) on their networks because of its higher bandwidth requirement compared with that of RDP, PCoIP, or Citrix ICA. However, its bandwidth usage has improved with maturity because of various compression techniques. The other issue that sys admins have with VNC is that, by default, it is less secure than comparable protocols, although users can set up tunneled connections that remove that complaint as well.

Both RDP and VNC are cross-platform protocols. You can select a single protocol to run remote displays on your networks and choose one protocol over the other for various reasons. If you use VNC, you have fewer choices on the iPad for client software, but the existing ones are all good.

As I stated earlier, you can use iSSH for tunneled VNC connections or select a separate VNC client with which to connect to VNC servers.

The VNC client app that I use is MochaSoft's Mocha VNC. Both a free version (VNC Lite) and a paid version (VNC, US$ 5.99) are available. The paid version has keyboard and mouse enhancements that any sys admin would want in a VNC client. By comparison, the Lite version has too many disabilities to be useful for heavy users of VNC.

One particular feature of Mocha VNC that I really like is that during a new remote system connection setup, the app browses the network and allows you to select your VNC server system from a list. Unfortunately, the browse action is a NetBIOS browse and not a VNC server browse, so you'll have to know beforehand which system you want to select. Although not perfect, the browse utility still saves time and confusion for a busy sys admin.

The Mocha VNC app also has a Wake-on-LAN (WoL) feature that is handy for connecting to systems that users have powered down. Note that MochaSoft also has an RDP app with features similar to its VNC app: WoL and NetBIOS browse.

Figure 5 shows a Mocha VNC client connected to a Windows Server 2003 system. Along the bottom is the widget toolbar, which from left to right includes: Extended keyboard, extended keys, utilities, Enter key, full screen, and screen lock. I prefer to set the screen to full and lock it as soon as I connect to a remote system using this app so that mouse movements don't cause the desktop to move around the iPad's screen.

A Mocha VNC-connected remote Windows Server showing the widget toolbar.
Figure 5: A Mocha VNC-connected remote Windows Server showing the widget toolbar.

Web Browsers

If your corporate intranet uses Flash or Java for some of its sites, you'll need a better browser than Safari to navigate them. Several browsers for the iPad can handle Flash. The downside is that they're all cloud-hosted, which might not work under some conditions on your network.

The Puffin browser (Figure 6) is a fast, clean browser, and for only US$ 0.99, it's an inexpensive connectivity test. Puffin also can connect to web-based desktops that require Flash or Java support. Its clean design stays out of the way so valuable screen real estate isn't cluttered with browser toolbars and buttons.

The Puffin Flash and Java-compatible web browser with the tools widget.
Figure 6: The Puffin Flash and Java-compatible web browser with the tools widget.

Many companies have replaced traditional desktop towers with laptops. Laptops have long been billed as the take-anywhere device because of their inherent mobile capability. Although size, weight, and short battery life have kept them from fulfilling that ultra-mobile dream, they are portable and they do make good mobile desktop computers but with certain restrictions: the need for electrical outlets and a WiFi access point or wired connectivity.

Alternatively, tablets are ultra-portable, have long battery lives, and require no wired or WiFi connectivity to be useful. The days of using tablets as sys admin support tools are here. The problem now for you, as a system administrator, is that this new accessibility to the corporate network and its resources means more accessibility to you as well. The days of proclaiming that you "Couldn't get a signal" are coming to an end, and your days of untethered access are gone. The upside is that you can play a few rounds of Angry Birds between calls.