Wednesday, September 10, 2014

Two sides of the out-of-band story

When we talk about out-of-band connections at Uplogix, there are really two sides to that story. The serial connections from an Uplogix Local Manager (LM) to the console ports of the devices it's managing, and the out-of-band connection to the NOC that is brought up by the LM if/when the primary network fails. Both operate independently of the network to ensure that Uplogix doesn't require a functional network to manage the network.

Like a crash cart you never unplug
Uplogix takes advantage of the console connection that's available on most devices to communicate with the device at the lowest level, interacting directly with the device instead of going through a network connection. Monitoring can occur more frequently and with greater detail than traditional SNMP monitoring tools over the network because management traffic isn't added to the network and the device isn't taxed with polling that takes away from its primary functionality.

By using the CLI interface with a device, an Uplogix LM has access to all of the same data that an on-site technician could access manually. This includes anything that a vendor would put into their MIB, and in most cases, a wide array of additional statistical, log and environmental data.

    What about when you don't have a console port? Virtual ports allow users to manage a device with an Uplogix LM through an IP interface instead of a console connection. While dependent on a network connection, it is useful for cases where the device does not have an available console port (or one at all), situations where the device is physically too far away for a serial connection, and when the number of devices needing management exceeds the maximum number of hardware serial interfaces on a Local Manager.

Secure remote access
Uplogix Local Managers are the most reliable and secure out-band-access solution on the market today, with unique capabilities to ensure that when you need access, you get it. Uplogix Local Managers feature an array of communications, secure access and automation capabilities not found in commodity console or terminal servers. 

Connectivity options include:
  • V.92 modem
  • Cellular (GSM and CDMA) including support for non-circuit switched service with SMS triggered “phone home”
  • Secondary Ethernet
  • LEO satellite
  • You can also configure multiple options and use rules to decide which option to use and when
The remote access provided by Uplogix is highly secure. With security-conscious customers ranging from military and federal organizations to financial, retail and healthcare, Key features include:
  • Highly flexible role based multi-user remote access.  Provide the right level of access based on level of trust, skills and responsibilities.
  • Radius and TACACS+ authentication.  Network independent maintenance of AAA policies with password caching.
  • Network independent audit of all administrative interactions and system responses for regulatory compliance including auditor/auditee privilege management
  • Console session management with auto-logoff of idle sessions
  • Rule based and SMS triggered “Phone Home” capability that establishes a connection when problems occur or based on customer defined rules
  • Ring Back feature refuses first connection attempt (immune to war dialing)
  • Meets stringent requirements having obtained FIPS 140-2 Level 2 certification
Out-of-band is all about your perspective
For Uplogix, we're about out-of-band from both sides: our management connections over a device's console port, as well as a secondary link to remote gear—wherever it might be. Once you aren't using the network to manage the network, it's a whole new world of possibilities.