A Console Server Management Unit with a Multi-Level User Directory Provides Unique Capabilities to Each User

Sometimes, a console server management unit can almost be too useful for its own good. In many cases, once network administrators have installed a console server management unit as a part of an out of band management solution, other network professionals within the organization will discover that they could use out of band access to remote network elements too. A typical console server management unit can easily handle the extra user load, but then administrators are faced with the problem of restricting these additional users to appropriate devices and command capabilities. The most practical solution to this problem, is to choose a console server management unit that includes a multi-level user’s directory.

When a console server management unit includes a multi-level user’s directory, this allows network administrators to set up accounts and passwords for a large variety of different types of users, and then set parameters for each account that allow or deny access to specific ports/devices, command functions and status displays. Each user account specifies the ports and attached devices that the corresponding user is allowed to access, determines whether or not the user will be able to use console server management unit functions such as outbound SSH/Telnet, determines which means each user can employ in order to contact the console server management unit, enables or disables access to configuration functions and port connection commands, and also sets filters that determine what type of information will be displayed when status commands are invoked.

This allows network administrators to set up accounts for advanced administrators who are responsible for general network operation, other accounts for medium level users who only need access to specific ports/devices and commands, and also limited access accounts for other users who might only need to review status displays. When a multi-level user directory is properly configured, users who log into the console server management unit via an administrator level account are automatically granted access to all ports and command functions, while users who log in via lower level accounts are denied access to sensitive configuration commands and ports that are connected to devices that they have no business accessing.

An out of band management solution based on a console server management unit can save both time and money for organizations who need to manage network devices located at multiple local and remote installation sites. The entire purpose of a console server management unit is to provide network administrators, IT support personnel and general users with access to a wide range of network devices and command functions. Given the powerful capabilities of a console server management unit and the diverse selection of users who may need to employ its many functions, it’s important to make certain that the console server management unit that you choose for your out of band management solution includes adequate security features to restrict users to only the port access and command functions that are relevant to their job function. The ideal solution for controlling user access to vital remote network management capabilities, is to make certain to choose a console server management device that includes a multi-level user directory which allows multiple user accounts and provides adequate control of the command and port privileges provided to each account.

Link to Original Content

Tags: , , , , , ,

Comments are closed.