Written by Maxim Klimanov
Everybody got used to the fact that an UPS is a very heavy metal or plastic box of a medium size that can only beep when the power goes down. And to this box we trust the security of home computers and audio/video system as well as servers with expensive network devices. Is it possible to get extended information about the UPS state by standard means or system administrators are just doomed to listen to these beeps? One of the ways out can be the use of special ports with the help of which the UPS is connected to the computer and its state is monitored by PowerChute utility. Yet, this solution is not ideal, as for its realization the UPS should be placed near the computer or server it protects. Besides, without add-in cards the UPS can be monitored and administrated only on the computer or server connected to it by special COM or USB-cable. The administration of a group of UPSs turns into a real headache for IT-specialists of any company. A more universal way of UPS administration is when it is connected to LAN with the built-in or additional management card. And this very scheme we are going to study on the example of APC UPS with AP9617 and AP9619 optional management cards. The use of APC UPS management cards allows not being dependent on a certain computer or server. A correct OS shutdown is performed by PowerChute Network Shutdown utility. Yet this utility provides only minimum information needed for correct shutdown of a PC and nothing about UPS operation and settings.
Exterior and Interior design
Management card can be inserted into an UPS through a special connector on the back panel of the device or through a special optional chassis if there is more than one card. In case an UPS is sold without the pre-installed NIC this connector is closed with plastic or metal cover to prevent from penetrating of dust and foreign objects into the device. The process of AP9617 installation into APC Smart-UPS 750 is shown on the photo below.
The card itself is a green printed circuit board with one-sided element location.
The battery is used for the built-in clock. Beside the specified elements there is also WJLXT972C chip (Intel) on the board. Judging by the location of this chipset we can say that it is related with network support. Beside all the above mentioned there is a connector for optional add-in cards and sensors. The review of management system hardware of APC UPS is over here.
Firmware update of the management card can be performed in two ways: via telnet (with the help of XMODEM, TFTP or FTP protocols) or by a special program that goes together with new firmware image. Updating via web-interface is unavailable. Let’s make a brief review of each way.
To make the update via telnet it is necessary to download files with the latest firmware version to a separate FTP or TFTP server. By the time the article was written the files were apc_hw02_aos_355.bin and apc_hw02_sumx_355.bin. On entering the device it is necessary to go over the following submenus: System-Tools-File Transfer.
Here it is necessary to select the desired way of update and proceed to the process of firmware update which is presented below.
It should be mentioned that for successful update both files must be downloaded.
Now let’s turn to the method of updating via special utility upgrd_util.exe. After running the utility it is necessary to specify the IP-address of the management card, the user name and password.
If all the parameters are correct then the next step is to press 1 to continue with the update process. The whole process is shown below and usually doesn’t take more than 5 minutes.
The firmware is updated. Let’s go on to studying its functionality.
Console management and telnet
The use of add-in cards AP9617 and AP9619 with APC UPS gives a wide range of possibilities in UPS management. We have installed management cards into Smart-UPS 750 and Smart-UPS 3000 RM. We also tested Smart-UPS RT 5000 XL in which the management card was inserted at a factory. These devices are equal in configuration that’s why Smart-UPS 3000 RM has been taken as a basis for description of the configuration process. The access speed via console port is 2400 baud.
After entering the correct account information (name and password) the user gets an access to the main menu of the device.
Let’s study more thoroughly some menu categories to see what possibilities give AP9619 and Smart-UPS 3000 RM to administrators.
When addressing to the first category of Device Manager menu the administrator gets information about the connected devices.
The first subcategory, i.e. Smart-UPS 3000 RM contains information about input and output voltage, alternating current frequency, battery charge, load power as well as about voltage maximum and minimum line registered by the device.
Yet the functions of AP9619 are not limited to providing the access to the UPS through the net. It also allows connecting some sensor, for instance, a temperature sensor which goes together with AP9619. In order to get an access to the sensor it is necessary to select the Environment subcategory in Device Manager menu.
Judging by the above displayed output the temperature in the room where the sensor was placed is 17 degrees C. AP9619 makes it possible to specify the temperature limits. Any temperature deviation from the setpoints is reported to the administrator. Such feature of the add-in card is useful in cases when there is no other thermal monitor in the racks which allows turning off a group of servers when the air temperature inside the rack reaches the critical level.
Let’s go back to the main menu and have a brief look at the rest two complicated categories: Network and System. In the Network category one can configure network parameters of the management card. In the TCP/IP subcategory there are all the IP parameters of AP9619. In the rest of the subcategories (DNS, Ping Utility, FTP Server, Telnet/SSH, Web/SSL/TLS, Email, SNMP, Syslog and WAP) one can configure the corresponding protocols and services. Thus, Ping Utility is used for checking network connectivity via ICMP echo-request.
The System category allows the administrator to manage the list of users that have an access to the device, to configure time/date parameters and to get the additional information about the connected devices.
The review of console capability is over here. Yet, we can’t but mention about some problems that we came across while UPS administration. Shortly before the article was ready, we bought racks and IBM UPS 7500. APC AP9619 cards were installed in these UPSs. UPS7500 is supplied with the USB-Serial cable that should be used when all the available COM-ports are occupied or there are no COM-ports at all. The attached disk didn’t have drivers for our test system, Microsoft Windows Vista Ultimate x64 Rus. There was the model name "AP9833 - APC USB to Serial Smart Signaling Cable" on the package of the controller. Unfortunately, the official APC web-site didn’t give us any information about this cable. Addressing to a web search engine was not very effective because of the lack of comprehensive information. Yet, we got an idea about the device we had. Drivers for the above mentioned OS were found here. We consider it a bit strange that the vendor didn’t mention about such adaptor on its site.
When addressing to the UPS via a web-browser the user is required to enter the user name and password.
Upon successful authentication, the administrator finds himself in the AP9619 first page. On this page there are several log entries of the UPS operation as well as presence and absence of alarm. On the whole, the web-interface is equal to the console and has many features in common.
Let’s pass on to the UPS tab. It contains such categories as Overview, Status, Control, Configuration, Diagnostics, Scheduling, Sync Control, PowerChute® and About. In the Overview category there is some general information about the device loading and battery charge.
A more detailed information about the device current status can be found on the Status page.
The main device power parameters are placed in the subcategories of the Configuration menu.
The subcategories of the PowerChute® menu allow configuring the interaction of AP9619 with the technology of the same name.
All the parameters of the additional sensors are placed in the menu categories in the Environment tab.
The Logs tab allows configuring the log parameters.
Let’s go on to the last tab – Administration. It contains four groups: Security, Network, Notification and General.
The web-interface group Network duplicates the features of the same-name console menu.
The configurations of AP9619 triggers for different events are made in the Notification group.
The general configurations are in the General group. Here the user can configure the time and the UPS identification, as well as preferences in temperature measure; and get the information about serial number, MAC-address, card uptime etc.
The brief review of the web-interface is over for now. Let’s test the UPS network management card in work.
In order to check the network self-protection of the management card we performed network scan with the help of Positive Technologies XSpider 7.5 (Demo build 2000). We found only three open TCP-ports: 23 – Telnet, 80 – HTTP and 443 – HTTP SSL. The most interesting additional data are presented below.
TCP-443 HTTP SSL
The availability of the cross site scripting doesn’t have a direct negative effect on the management card itself or on the UPS. Yet, it allows attacking other users addressing to the card web-server.
We measured the current load passing through the devices connected to the UPS with the help of an amperemeter. The value read with the help of the amperemeter and the data displayed in the web-interface were almost the same. It is worth mentioning that the UPS spends part of the received energy on its own needs that’s why it is necessary to take into consideration that the consumed power exceeds about 10 percent the one that goes to the powered devices.
At the beginning of the article we specified the main topic as the management and monitoring of the UPS, so let’s hold to this idea up to the end of the testing. With a great number of UPSs located in different racks and even at different computer centers there appears a serious problem in management of the scattered UPSs and in the data acquisition. As after the installation of AP9617 or AP9619 the APC device becomes available by SMTP protocol we decided to gather the statistics by means of this protocol and then display it in the form of a diagram. For these purposes we used a freeware MRTG – MultiRouter Traffic Grapher which is good not only for gathering statistics on the quantity of sent data via network interfaces but also for displaying any other numerical information. For this part of the testing we chose APC SmartUPS 750 with the installed AP9619 card to which were connected additional external temperature and humidity sensors. With the help of MRTG it is possible to collect and to store in the web-form such UPS parameters as input and output voltage, output current, battery load and capacity, temperature of the battery and of the external sensor, the cause of the last battery use, the management card network activity. For displaying the received text and diagram data we used freeware HTTP-server – Apache. By the time the article was written the latest stable MRTG and Apache versions were 2.16.2 and 2.2.8 respectively. The daily measurement of the input voltage is shown below.
Here the testing is over.
On the whole we find the tested management system quite satisfying. The advantages of this system are the following.
- Configuration flexibility and simplicity in installation.
- The possibility of connecting additional sensors (in some management card models).
Still there were some negative moments such as the price of the management cards. At that moment AP9617 and AP9619 cost $200 and $400 respectively which is equal to the price of cheap UPSs. The unavailability of firmware upgrade via the web-interface makes the process of changing the AP9617/9619 firmware more difficult.
When the article was almost ready we found out that APC released two new management cards – AP9630 and AP9631 as an alternative for the existing ones. Nevertheless everything said in the article about AP9617/9619 is valid for the new management cards as well.