Direct Connect – A Useful Feature for Out of Band Management Applications

In addition to providing out of band access to console port command functions on remote network elements, a full-featured out of band management (http://www.wti.com/c-45-out-of-band-management.aspx) unit should also include functions that allow the unit to easily adapt to the requirements of a wide range of different network based applications. For example, if the out of band management unit will be deployed in a remote network management application that requires automated access to console ports on various network elements, then direct connect capability can often prove to be very useful.

A direct connect feature allows automated network functions to initiate a Telnet, SSH or raw socket session with the out of band management unit, and then make an immediate connection to a specific RS232 port without first being presented with the out of band management unit’s command interface. In most cases, a script or program first establishes communication with a remote out of band management unit, and is then immediately connected to a console port on a network element that is cable connected to one of the serial ports on the out of band management unit. There are many different applications that can take advantage of this sort of capability, including applications that regularly collect data, error messages or status reports from specific network devices.

Typically, a direct connect function will assign unique TCP port numbers to each RS232 serial port on the out of band management unit. When a user or program needs to connect to a network device at one of these serial ports, a command is sent to the out of band management unit that specifies the desired serial port, and a connection to the port is immediately established without further prompting. In some cases, the direct connect feature can also be used to retrieve data from buffer mode ports on the out of band management unit, or connect to serial ports where a modem is installed.

Since the direct connect feature bypasses password prompts, it’s important that the out of band management unit also supports adequate security features to help ensure that only authorized users gain access to direct connect ports. IP address filtering is often used in conjunction with a direct connect function, because it only allows connections from specific, known, administrator-defined IP addresses, and prevents users at other IP addresses from being able to connect to the out of band management unit.

An intelligently designed, full-featured out of band management unit can do a whole lot more than merely provide reliable, secure out of band connections to remote network devices. When deploying an out of band management product as a part of a network administration application, make certain to carefully review the requirements of your application, do the necessary research, and choose an out of band management unit that supports features that will simplify adaptation to your out of band management application. In most cases, the more features that an out of band management solution supports, the easier it will be to adapt the out of band management unit to a variety of different applications.

Link to Original Content

Tags: , , , ,

Comments are closed.