Out-of-Band Management: What is it and why do I need it?

Remote IT Infrastructure Management

What is Out-of-Band Management (OOBM)?

While In-Band Management is the ability to administer a network via the LAN, Out-of-Band Management is a solution that provides a secure dedicated alternate access method into an IT network infrastructure to administer connected devices and IT assets without using the corporate LAN.

Why do I need Out-of-Band Management?

The primary benefit of an out-of-band management interface is its availability when the network is down, a device is turned off, in sleep mode, hibernating, or otherwise inaccessible. OOBM can be used to remotely reboot devices that have crashed and manage powered-down devices. The core idea is to preserve 24/7 uptime of your network by ensuring you always have access to critical IT assets like routers, switches, firewalls, servers, power, storage, and telecom appliances that operate the organizations' backbone communication framework.

When a Network Administrator needs to monitor, manage, troubleshoot, or re-boot critical IT assets, they will generally access the devices directly over an Ethernet network. However, when 24/7 uptime is expected this single point of access is not enough. When IT assets are in off-site locations, controlled server rooms, or the network administrator is in a different location, they need a secure way to remotely access the USB, RS232/422/485, or Ethernet console management port of every device on the network.

In today's world, organizations find it impossible to work without access to their network computers and enterprise-wide systems. The ability to monitor and manage these networks and keep them up and running is pivotal to their business. The responsibility to ensure that organizations have faultless access to their systems is placed on Network Administrators. They must ensure that servers supplying mission-critical applications are functioning and that the entire network connecting the data to a multitude of users remains functional. When networks crash, so do productivity and profits. And, the longer a network is down, the greater the impact on the enterprise.

Is Out-of-Band Management a software or hardware solution?

Software management tools can be used for performance monitoring, and some remote troubleshooting but, they only work when the network is up. During system or network outages, a Console Server is a single hardware solution that provides secure OOBM to monitor IT assets and devices from multiple vendors. The Console Server gives administrators access to multiple USB, RS232, or Ethernet console management ports from anywhere, anytime, and any platform, as if they were locally connected through a direct connection. They can be used to reconfigure, reboot, and reimage remotely across the internet or WANs. Disruption and downtime are minimized by providing better visibility of the physical environment and the physical status of equipment. This ensures business continuity through improved uptime and efficiencies.

Out of Band Network Access

What alternate access methods do Console Servers provide?

A Console Server will generally provide one, or more, of the following access methods.

  1. Redundant copper and fiber Ethernet network access. Any dual combination of 10/100/1000Base-T Copper Ports and 100/1000Base-X SFP Fiber Ports can be used to meet unique network access requirements. This design provides users with a flexible, cost-effective solution to transmit data from mission-critical equipment over Copper or Fiber-based Ethernet networks.
  2. Built-in high-speed LTE with HSPA+, UMTS, EDGE, and GPRS/GSM fallback networks to protect against wired LAN failure. It can also be used to transmit serial data or establish a direct serial to serial peer connection, over cellular networks. This is ideal when devices are located where hardwired Ethernet connections are not available but cellular networks, with their affordable data packages, are accessible.
  3. Built-in WiFi network access over dual-band radio antennas for optimal wireless performance, signal reliability, and range.
  4. Integrated V.92 modem connection for a secure and reliable out-of-band connection over the POTS network.

For optimal uptime, it is best to choose a Console Server with multiple access methods, fail-over to OOBM, and fail-back to the primary network.

How secure is using a Console Server for Out-of-Band Management?

While device management through the out-of-band management connection can be done via a network connection, it is physically separate from the "in-band" network connection that the system is serving. Unauthorized users do not have access to the out-of-band network channel because there is no connection to it from the regular network channel, making it very secure. It is best practice to choose a Console Server that offers high-level security features for secure access to critical network devices. Considerations include:

  • Strong authentication schemes such as RADIUS, TACACS+, LDAP, Kerberos, NIS, and RSA to comply with existing network security policies
  • Built-in usernames and passwords and support for encryption protocols such as SSH, SSL/TLS, IPSec VPN, SNMPv3, Telnet, and HTTPS for secure management sessions
  • Packet filtering to ensure the Console Server can be kept secure from unauthorized access
  • Support SLIP and PPP for remote user dial-in

What about the cost?

Using a Console Server for out-of-band management leads to cost reduction. Numerous studies can be found that show the average annual downtime cost to an organization can be more than $1 million. Depending on the size of your organization downtime cost can range anywhere from $10,000 to $5M per hour.

Console Servers maximize system administrators' productivity. A single interface provides them with simultaneous connectivity to multiple appliances and system consoles from any location. Most Console Servers offer Port Buffers of varying sizes to ensure data from the attached devices is not lost. Without Port Buffers, any data sent from a device, while an administrator is not attached, is lost. With Port Buffers this data is captured and can be viewed later to aid in problem diagnosis. Cost savings come from:

  1. The ability to continually support sales and payment transactions.
  2. Saving administrators' valuable time and costs.
  3. Minimizing expensive training.
  4. Reduced HR and travel costs.

Why Choose a Perle Console Server for Out-of-Band Management?

  • Up to 50 Console Management Ports that support RS232/422/485 RJ45, Ethernet RJ45, and USB 3.0 Interfaces. The modular design allows users to swap, upgrade, and scale any combination of 16-port interface cards to support all types of admin ports in one Console Management solution.
  • Dual 10/100/1000 Ethernet connection for always-on redundant copper and SFP 1G/2.5G fiber network access with automatic failover when a primary link goes down
  • Optionally integrated LTE Cellular (with failback support), WiFi, or V.92 modem for multiple alternate access methods when the network is down
  • Support for all AAA security services used in corporate networks, including TACACS+, RADIUS, LDAP, Kerberos, NIS, and RSA. And, to further protect IDs and passwords from someone 'snooping' on the network, SSH/SSL/TLS, IPSec VPN, SNMPv3, Telnet, and HTTPS secure management sessions are supported.
  • Straight-through patch cables to Cisco switches, routers, and firewalls save time and money during install.
  • Assign an IP address directly through the front panel display and keyboard without a direct PC connection. It is also a convenient way to monitor and troubleshoot all console ports as well as the dual power supply activity.
  • Perle Console Servers are made from certified components with high MTBF rates that can withstand the harshest environments. An open-source platform and enterprise-grade security ensure you have the best value in one box. Also, we provide the best-in-class Lifetime Warranty.
  • Full IPv4/IPv6 routing capabilities with support for RIP, OSPF, and BGP protocols

What do users like about Perle IOLAN Console Servers?

Perle Console Servers do everything at a fraction of the cost of the discontinued Cisco 2610 Access Servers. They proved to be a high-quality, reliable, and secure alternative. - John Rumbles, Engineer at Lockheed Martin
When we first start building a new room, we have very little connectivity, but we still need to get switches racked and configured. By placing a Perle Console Server in that room, we can get gear racked and powered immediately. We then configure everything from our desks instead of out on the data center floor with a laptop. - John Progar, Rackspace network engineer
The Perle Console Servers have a very good interface which we have found easy to install and use. We need to be sure that all the equipment we use is reliable. And it is. - Frank Wang, Principle Network Architect at SmartSky Networks
The Above all, we are impressed by the stability of the IOLAN Console Servers during operation. As far as I can remember, the IOLANs have been running without a reboot ever being necessary. We are very satisfied. - A member of the BITS Network Team
Our customers’ security is a top priority for us. We picked the Perle unit because it offered the port density we were looking for and provided enhanced security features such as SSH with no expensive add-ons. - Fred Chagnon, Systems Administrator for Allstream Internet Services & Infrastructure.
Perle’s IOLAN SCG is the perfect solution for support staff that need always-on remote OOB access to their core network devices. The appliance is easy to manage, its modular design makes it very flexible and its tough security measures allow access to be strictly controlled. - Dave Mitchell, Binary Testing.

Hi!

Have a Question? Chat with a live Product Specialist!

Have a Question?

We can provide more information about our products or arrange for a price quotation.


email-icon Send an Email
contactus-icon Send an Email callus-icon Call Us
×

Send us an Email