Out-of-Band Management: What is it and why do I need it?

Remote IT Infrastructure Management

What is Out-of-Band Management (OOBM)?

While In-Band Management is the ability to administer a network via the LAN, Out-of-Band Management is a solution that provides a secure dedicated alternate access method into an IT network infrastructure to administer connected devices and IT assets without using the corporate LAN.

Secure Out-of-Band Management puts an end to costly onsite visits.

Why do I need Out-of-Band Management?

The primary benefit of an out-of-band management interface is its availability when the network is down, a device is turned off, in sleep mode, hibernating, or otherwise inaccessible. OOBM can be used to remotely reboot devices that have crashed and manage powered-down devices. The core idea is to preserve 24/7 uptime of your network by ensuring you always have access to critical IT assets like routers, switches, firewalls, servers, power, storage, and telecom appliances that operate the organizations' backbone communication framework.

When a Network Administrator needs to monitor, manage, troubleshoot, or re-boot critical IT assets, they will generally access the devices directly over an Ethernet network. However, when 24/7 uptime is expected this single point of access is not enough. When IT assets are in off-site locations, controlled server rooms, or the network administrator is in a different location, they need a secure way to remotely access the USB, RS232/422/485, or Ethernet console management port of every device on the network.

In today's world, organizations find it impossible to work without access to their network computers and enterprise-wide systems. The ability to monitor and manage these networks and keep them up and running is pivotal to their business. The responsibility to ensure that organizations have faultless access to their systems is placed on Network Administrators. They must ensure that servers supplying mission-critical applications are functioning and that the entire network connecting the data to a multitude of users remains functional. When networks crash, so do productivity and profits. And the longer a network is down, the greater the impact on the enterprise.

Is Out-of-Band Management a software or hardware solution?

Software management tools can be used for performance monitoring, and some remote troubleshooting but, they only work when the network is up. During system or network outages, a Console Server is a single hardware solution that provides secure OOBM to monitor IT assets and devices from multiple vendors. A Console Server gives administrators access to multiple USB, RS232, or Ethernet console management ports from anywhere, anytime, and any platform, as if they were locally connected through a direct connection. It can reconfigure, reboot, and reimage remotely across the internet or WANs. Disruption and downtime are minimized by providing better visibility of the physical environment and the physical status of equipment. This ensures business continuity through improved uptime and efficiencies.

When a Console Server is used in combination with a centralized management platform, deployed in the cloud or on-premise, users can achieve secure remote device access and management through a single application. This pairing creates a powerful monitoring and management tool to empower administrators to seamlessly scale deployments, edit configurations, update firmware, monitor system health, schedule tasks, and automate routine actions – all from their preferred location and device. This complete out-of-band management approach is ideally suited to large, distributed enterprises with multiple branches such as banks, insurance companies, hospitals, utilities, retail, and schools, that may not have IT staff on-site.

The best centralized management platforms allow network operations center (NOC) personnel to:

automate regularly scheduled maintenance tasks, including diagnostics and routine checks for remote troubleshooting
track equipment inventory and see how devices are performing
gather statistics and run reports from network data stored in an SQL database
use scripts to automate tasks such as device deployment, check and update firmware levels, and configuration file distribution
reduce the need for manual intervention and ensure smooth operations across your network

What alternate access methods do Console Servers provide?

A Console Server will generally provide one, or more, of the following access methods.

Redundant copper and fiber Ethernet uplink WAN ports provide users with a flexible, cost-effective solution to transmit data from mission-critical equipment over Copper or Fiber-based Ethernet networks.
Integrated high-speed cellular access provides seamless failover to protect against wired LAN failure. It can also be used to transmit serial data or establish a direct serial to serial peer connection, over cellular networks. This is ideal when devices are located where hardwired Ethernet connections are not available but cellular networks, with their affordable data packages, are accessible.
Built-in WiFi network access over dual-band radio antennas for optimal wireless performance, signal reliability, and range.
Integrated V.92 modem connection for a secure and reliable out-of-band connection over the POTS network.

For optimal uptime, it is best to choose a Console Server with multiple access methods, fail-over to OOBM, and fail-back to the primary network.

How secure is using a Console Server for Out-of-Band Management?

While device management through the out-of-band management connection can be done via a network connection, it is physically separate from the "in-band" network connection that the system is serving. Unauthorized users do not have access to the out-of-band network channel because there is no connection to it from the regular network channel, making it very secure. It is best practice to choose a Console Server that offers high-level security features for secure access to critical network devices. Considerations include:

Strong authentication schemes such as RADIUS with RADSec, TACACS+, LDAP, Kerberos, NIS, and RSA to comply with existing network security policies
Secure Remote Access through an OpenVPN or IPSec tunnel to ensure your confidential data is protected and secure
Support for Secure Boot to ensure malware and rootkits cannot compromise the integrity or security of the device. It provides a robust defense against a variety of threats, supports regulatory compliance, and maintains device integrity.
Console Servers with Trusted Platform Module (TPM) 2.0 have hardware-based encryption, secure key storage, platform integrity, and compliance with security regulations.

Our customers’ security is a top priority for us. We picked the Perle unit because it offered the port density we were looking for and provided enhanced security features such as SSH with no expensive add-ons. - Fred Chagnon, Systems Administrator, Allstream

What about the cost?

Perle Console Servers do everything at a fraction of the cost of the discontinued Cisco servers. They proved to be a high-quality, reliable, and secure alternative. - John Rumbles, Engineer at Lockheed Martin

Using a Console Server for out-of-band management reduces costs. Numerous studies can be found that show the average annual downtime cost to an organization can be more than $1 million. Depending on the size of your organization downtime cost can range anywhere from $10,000 to $5 million per hour.

Console Servers maximize system administrators' productivity. A single interface provides them with simultaneous connectivity to multiple appliances and system consoles from any location. Most Console Servers offer Port Buffers of varying sizes to ensure data from the attached devices is not lost. Without Port Buffers, any data sent from a device, while an administrator is not attached, is lost. With Port Buffers, this data is captured and can be viewed later to aid in problem diagnosis. Cost savings come from:

The ability to continually support sales and payment transactions.
Saving administrators' valuable time and costs.
Minimizing expensive training.
Reduced HR and travel costs.

Why choose a Perle IOLAN Console Server for Out-of-Band Management?

A Perle IOLAN Console Server at every IT location, used in combination with our PerleVIEW Centralized Management Platform, is a powerful solution for secure remote data center management and out-of-band management of IT assets.

Dependable connectivity. Multiple Ethernet connections for always-on redundant copper and SFP fiber network access as well as optionally integrated Cellular connectivity ensure automatic failover
Secure centralized management. Cloud-based and scalable, with high availability
Support for all console management interfaces. Ethernet Management Ports, RS232 serial ports, and USB 3.0
Enterprise network security. Integrated firewall, two-factor authentication and support for all corporate AAA security services, including TACACS+, RADIUS with RADSec, LDAP, Kerberos, NIS and RSA
Cisco compatible. Straight-through patch cables to Cisco switches, routers, and firewalls save time and money during install.
Full IPv4/IPv6 routing capabilities. Support for RIP, OSPF, and BGP protocols
Durable and reliable. Every IOLAN is made from certified components with high MTBF rates to withstand the harshest conditions. An open-source platform and enterprise-grade security ensure you have the best value in one box.
Lifetime warranty. The best service and support in the industry

With advanced failover to multiple networks and Zero Touch Provisioning (ZTP), an IOLAN Console Server is ideal for data center management and remote management of IT assets from anywhere in the world.

Schedule a customized IOLAN demo with a Perle Technical Engineer

Book A Demo

What are people saying?

By placing a Perle Console Server in that room,we can get gear racked and powered immediately.We then configure everything from our desks instead of out on the data center floor with a laptop.

- John Progar, Network Engineer, Rackspace Hosting

Above all, we are impressed by the stability of the IOLAN Console Servers during operation. As far as I can remember, the IOLANs have been running without a reboot ever being necessary. We are very satisfied.

- A member of the Bielefeld IT Service Center team

…the perfect solution for support staff that need always-on remote OOB access to their core network devices. The appliance is easy to manage, its modular design makes it very flexible and its tough security measures allow access to be strictly controlled.

- Dave Mitchell, Binary Testing

Perle IOLAN Console Servers offer a best-in-class OOBM platform for businesses that are seeking to deploy and manage complex infrastructures across multiple remote data center locations.

- Andrew Froelich, for InfraMomentum

OOBM use Cases

Predictable Failover and Operational Flexibility for OOB Management in Complex Data Centers - An Inframomentum Insights Report
Advanced OOBM Tactics Simplify and Reinforce Remote Data Center Access - an interview between Network Computing and Perle Systems
OOBM of Cisco Routers, Switches, and Firewalls - Why to use a Perle IOLAN Console Server
OOBM in Education Environments - Implementing Remote IT Infrastructure Management at Universities and School Systems
OOBM in Heathcare - Implementing Remote IT Infrastructure Management in Hospitals and Medical Offices
OOBM in Government - Implementing Remote IT Management in Government Network Infrastructures
OOBM of Windows Servers - Perle’s Simple EMS/SAC Web Interface
OOBM of UNIX Solaris Servers - Understanding the “break-safe” feature

Manage your remote assets securely and with ease.

Schedule a customized IOLAN Console Server demo with a Perle Technical Engineer

Book A Demo Now!