A Linux Powered Console Server Can Provide Different Access Rights to Different Users

Network administrators and support personnel are often faced with the difficult challenge of fixing problems with vital network elements at remote network equipment racks. Obviously, a network administrator doesn’t have time to travel to remote sites in order to fix problems in person, and that’s exactly why the secure remote access capabilities provided by a Linux powered console server are such a useful tool for both administrators and support personnel.

Rather than taking a long, expensive trip to the remote equipment rack, just to invoke a couple of configuration commands for some remote network device, administrators and support personnel can often take care of problems at remote sites without even leaving their office; an extremely useful capability for anyone involved in managing a network that includes far-flung equipment racks. In some cases, the remote access to console port command functions provided by Linux powered console server are almost too useful for their own good; once the word gets out, everybody suddenly decides that access to the Linux powered console server could help them too.

In cases like this, a Linux powered console server that includes a multi-level user directory can prove exceptionally handy by enabling administrators to create individually tailored user accounts for each person who needs access to the out of band management capabilities provided by the Linux powered console server. A multi-level user directory allows network administrators to easily define separate user accounts with separate levels of command privileges for a broad variety of different types of console server users.

In addition to granting different command access rights to each individual Linux powered console server user account, a multi-level user directory also enables administrators to restrict each user to access to a specific group of console ports on the server, and also allows administrators to determine whether each account will be able to access the Linux powered console server via serial port, Telnet/SSH and/or web and whether or not the account will be able to access features such as outbound Telnet capabilities. In cases where the user will access the Linux powered console server via phone line, a multi-level user directory can also define dialback numbers to help authenticate the user when a dial-up connection is established with the console server.

Once the multi-level user directory has been employed to define a selection of user accounts for the Linux powered console server, this also enables the console server to track access and command activity by each defined user account. Typically, this allows administrators to track port connections and disconnections, login and logout activity for each user account, and also record command activity and configuration changes made by each user.

A multi-level user account vastly simplifies the task of defining specific out of bound access capabilities for a variety of different Linux power console server users, and helps to ensure that each user is restricted to only the ports and command capabilities that are required by their job function. This provides a substantial improvement over Linux powered console server products that only allow two or three registered users, and eliminates the need to have users share accounts or to have access to Linux powered console server command functions that are inappropriate for the user or too sensitive for general access.

Link to Original Content

Tags: , , , ,

Comments are closed.