blogs.wti.com

WTI – Western Telematic Inc.


Out of Band Network Management in the Data Center

When in-band network management paths are unable to provide network administrators with the necessary means to manage remote network hardware, an out-of-band network management strategy is a valuable addition to the arsenal of any network administrator who has network elements distributed across wide area networks.

Implementation of an out-of-band management solution allows a network administrator to have full control over all the elements in wide area networks when in-band and IP based management strategies fail. A comprehensive strategy for out-of-band management is a powerful tool in the arsenal of any administrator who desires a robust remote management strategy.


The Serial Console Port For Out-of-band Management
Most network elements, including routers, switches, clustered servers and telco head-end equipment, provide a serial console port for out-of-band connections. These tend to be standard RS-232 serial ports, used by a network administrator to access devices which may not be responding through IP-based communications channels. The out-of-band management port is controlled through a CLI (Command Line Interface) using terminal emulation software. The out-of-band management serial console port typically gives the administrator the ability to change the root parameters in a network element, as well as other administrative and reporting functions.

Communication with out-of-band management ports
One of the most common means of communicating with a serial out-of-band management console port is through the use of a laptop and terminal emulation software. Through a serial cable connection to the out-of-band management console port, a network administrator can connect to elements in the rack for root access to command and control parameters. In similar fashion, an external modem and POTS line can also be connected directly to the out-of-band management port for remote dial-up connectivity by administrators. When the number of network elements needing to be controlled begins to proliferate, traditional means of RS-232 communications are cumbersome and time consuming. An out-of-band management console server is an economical and convenient solution to simplify this important means of network connectivity.

Serial Console Servers And Out-Of-Band Management
Serial console servers are a comprehensive tool that allows network administrators to access multiple serial out-of-band management ports when there are large populations of network elements at the site. The serial console port server connects multiple serial RS-232 console ports and gives the network administrator a centralized point of access. The serial console server can be accessed through a local RS-232 serial port or via in-band communications methods (SSH). Having a secure means of communicating with a serial console server over SSH and subsequent SSH-to-Serial communication sessions with remote network elements is a convenient and robust management strategy for remote troubleshooting.

Security Considerations & Out-Of-Band Management
A critical consideration when implementing an out-of-band management strategy is the security implications of concentrating multiple console ports on a single serial console server. The serial console server should provide strong authentication capabilities for in-band access, including third-party authentication support (RADIUS, TACACS and LDAP). Logging features covering connections, issued commands and screen captures are also necessary elements of a secure out-of-band management solution. Most serial console servers offer a variety of in-band security and authentication protocols, in addition to many command log and audit trail features.

Dial-Up Out-Of-Band Management
A common means of access to remote serial console servers is through a dial-up connection over the PSTN. Gaining dial-up out-of-band access to a serial console server is a critical piece of the overall out-of-band management strategy. Serial console servers have internal modems which utilize third-party authentication or local authentication. A full-featured console server will have a self-correcting modem with a watchdog timer or other facilities to ensure that the modem is configured properly and ready to take an inbound dial-up connection when network administrators remotely connect over the PSTN. Serial console servers can also log the dial-up sessions and provide dial-back security and invalid attempt lock-down as safety measures to ensure desired levels of security.
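
The dial-up safeguards named above (session logging, dial-back and invalid attempt lock-down) can be modelled in a few lines. This is an added illustration, not WTI code or the behaviour of any particular console server: the thresholds, the user directory, the sample calls and the choice to lock the whole dial-up line rather than one account are all assumptions.

```python
from dataclasses import dataclass, field

MAX_FAILURES = 3   # assumed threshold before lock-down
WINDOW_S = 300     # failures are counted within this many seconds (assumed)
LOCKOUT_S = 900    # lock-down duration once the threshold is hit (assumed)

# Constructed directory: user -> pre-registered dial-back number.
DIALBACK = {"alice": "555-0101", "bob": "555-0102"}

@dataclass
class DialInGate:
    failures: list = field(default_factory=list)  # timestamps of recent failures
    locked_until: float = 0.0
    audit: list = field(default_factory=list)     # (ts, user, decision) trail

    def attempt(self, ts, user, auth_ok):
        """Decide what happens to one inbound call and record the decision."""
        if ts < self.locked_until:
            decision = "locked"  # refused even when the credentials are valid
        elif not auth_ok or user not in DIALBACK:
            # Keep only failures inside the window, then count this one.
            self.failures = [t for t in self.failures if ts - t < WINDOW_S]
            self.failures.append(ts)
            if len(self.failures) >= MAX_FAILURES:
                self.locked_until = ts + LOCKOUT_S
                self.failures.clear()
                decision = "reject+lockdown"
            else:
                decision = "reject"
        else:
            self.failures.clear()
            # Dial-back: drop the inbound call and call the registered number,
            # so a stolen password alone does not yield a console session.
            decision = "dial-back " + DIALBACK[user]
        self.audit.append((ts, user, decision))
        return decision

# Constructed sample calls: (seconds, user, password accepted?)
SAMPLE = [
    (0, "alice", False), (20, "alice", False), (45, "root", True),
    (60, "alice", True), (1000, "alice", True), (1100, "bob", False),
]

def replay(events):
    """Run a list of calls through a fresh gate and return the decisions."""
    gate = DialInGate()
    return [gate.attempt(*e) for e in events]

if __name__ == "__main__":
    for event, decision in zip(SAMPLE, replay(SAMPLE)):
        print(event, "->", decision)
```

In the sample, the third failure triggers the lock-down, so the valid login at 60 seconds is refused and only the call after the lock-down expires reaches the dial-back step.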

Serial Console Servers & Power Controllers
When a network administrator employs a serial console server to allow out-of-band management connectivity to the remote site, a number of other tools can be used in concert with the console server to increase the level of command and control. Network power controllers are frequently used in tandem with the serial console server to allow a network administrator to control the power to a network element. The ability to gain access to the console server through an out-of-band session (SSH or Dial-Up) and reboot or control power to specific elements at the site is a convenient way to complement the total control of the corporate WAN. In addition to power controllers, other network environment tools such as data loggers and environmental sensors can also be connected to the serial console server.

Next Generation Out-Of-Band Management
Moving forward, the serial console server is increasing in popularity and affordability. Other features being added to these useful tools include internal temperature and alarm capabilities, more comprehensive logging and reporting of serial console sessions, and time-sensitive authentication renewal features.

Summary
A comprehensive out-of-band management strategy using serial console servers is very cost effective when compared to the costs of on-site service calls or other administrative interventions. Having an out-of-band management system in place will complement your standard SNMP and in-band management tools while creating a more comprehensive approach to remote site management and control in your data center.




About WTI
WTI is a California based company which designs and manufactures serial console servers and power control units. WTI has over 20 years of development experience in the out-of-band management market. WTI units are deployed in wide area networks in several industry sectors and serve multiple out-of-band management approaches. WTI is committed to the continual technological evolution of out-of-band management tools to help the network administrator save time and increase visibility and control of the proliferating number of network elements in the modern data center.
