Console Switch? Managing a network remotely...

What devices are commonly used to monitor networks remotely? We'd like to have what I believe is refered to as an OOB (Out of Band) monitoring system which we'd be able to remotely connect to our equipment (firewalls, switches, etc.) via console in the event that there is a networking problem and rebooting the device or simply making changes or corrections would be necessary. I saw the following items which seem to be what we are looking for but is there any competitor to this or something else (or some other method) that is more commonly used?

Console serial port switch ethernet RS232 Device Server Router

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

DevilWAH

I still have an old CISCO 2509. there are several Terminal/console servers around. Just make sure that what every you go for supports a good back up method to connect in.

That looks like it has a LAN connection to it. however if the network is down between you and it (including your OOB network) your are still stuck.. many will support for example a connecting via a modem, so even if the entire network goes heywire you can still get in. Also very use full if you are remote and lock your self out of a network..

Mrock4

There's a lot of them out there. I have deployed Digi CM's (and use them in my home lab)..and so far the results have been solid. I'm working with a customer now who uses OpenGear devices. I highly recommend NOT getting these things. They've presented more problems than the value they provide.

PurpleIT

There are also some IP KVM options. They may be cost prohibitive on their own, but if you have or are looking at KVM solutions they are something worth considering. I use Avocent.

shodown

I have used quite a few. My favorite is MRV products. Depdending on the design I use it to get to the core gear (firewalls, routers) I have this come in either through DSL/Cable with over SSH to the MRV, or over 3G/4G connection into a router. A must have for any major site. These have saved my bacon more than once.

astorrs

I usually go for either Avocent or Raritan console servers. Both brands are data center staples, have redundant power options, redundant LAN and optionally a backup analog modem. They're hardened, purpose built devices and both companies make dedicated serial console servers or combination KVM-over-IP/serial console servers (especially useful for branch offices).

If you use Avocent for KVM you can integrate the console server with DSView to get a centralized view.

shodown wrote: »

I have used quite a few. My favorite is MRV products.

MRV - those are what became of trusty old Xyplex's!

Saved my ass many times years ago... I'm sure almost no one here remembers DEC LAT...

santaowns

At my work we use avocents and at home i have a digi cm. All are pretty much the same, but as they said you need a backup internet connection for it to truely be remote accessible when your network is down.

jibbajabba

DevilWAH wrote: »

if the network is down between you and it (including your OOB network) your are still stuck..

Old company of mine made the mistake - They also had the PDU management of each leg on the wrong switch (so you powercycle a switch and you get kicked out of the PDU) .. Once I pointed that out they ended up putting a dedicated ADSL line in for the console switch

JohnnyBiggles

Thanks guys, this is really helpful information. But what about pricing on these things? What kind of range do these things go for, for a smaller network for example? (Let's say 8-16 ports with modem connection)

xXErebuS

just look around for something like a Raritan SX16; I don't think an IP KVM (KX) will help you much with networking equipment.

inscom.brigade

question:
Cisco devices; in this case the access server has IOS upgrades for the last 15 years that I am aware.
What I am saying is that my old 2509 has new 2008 IOS.

I am wondering do the Avocent , Raritan , or DigiCM
have software upgrade support through the years?

astorrs

inscom.brigade wrote: »

I am wondering do the Avocent ,Raritan , or DigiCM
have software upgrade support through the years?

Yes of course they provide software updates - as for 15 years worth of updates, no - but do we really care?

I'm sorry a 2509/2511 is fine if you have one on a shelf or are buying it for a lab, but I'm not going to go and buy a used one off eBay and put it in a multimillion dollar data center. No redundant power, no redundant LAN (and freaking AUI ports at that), no internal modem (some people demand this), no FIPS, etc. yet connected to the most critical devices...

JohnnyBiggles

Question: This seems to be what we're looking for when it comes to remotely managing network equipment via console..... but as far as server management, can this work with iDRAC on Dell servers? How does this work? I'm still a little hazy on this whole OOB management thing... is this all done through some interface or through a web browser? Can Putty directly connect to the device once a connection has been established? Someone break his down for me if you can. Thanks.

JohnnyBiggles

astorrs wrote: »

I usually go for either Avocent or Raritan console servers. Both brands are data center staples, have redundant power options, redundant LAN and optionally a backup analog modem. They're hardened, purpose built devices and both companies make dedicated serial console servers or combination KVM-over-IP/serial console servers (especially useful for branch offices).

If you use Avocent for KVM you can integrate the console server with DSView to get a centralized view.

MRV - those are what became of trusty old Xyplex's! Saved my ass many times years ago... I'm sure almost no one here remembers DEC LAT...

Do you have any preference between the Avocent and Raritan products?

Krunchi

JohnnyBiggles wrote: »

but as far as server management, can this work with iDRAC on Dell servers? How does this work?

The IDRAC "Integrated Dell Remote Access Controller" is for remote management of the server only you can troubleshoot with it deploy OS's change bios settings etc. So yes for server management it works great but if the IDRAC has no internet connection or LAN connection it won't work.

If your looking for a Server Monitoring solution you can get Open Manage Essentials for free.

astorrs

JohnnyBiggles wrote: »

Do you have any preference between the Avocent and Raritan products?

Not really. I use Avocent for their 1U LCD console tray with integrated KVM a lot in smaller data centers, so tend to stick with the same vendor for serial console work as well, but I'd be happy with either.

astorrs

JohnnyBiggles wrote: »

Question: This seems to be what we're looking for when it comes to remotely managing network equipment via console..... but as far as server management, can this work with iDRAC on Dell servers? How does this work? I'm still a little hazy on this whole OOB management thing... is this all done through some interface or through a web browser? Can Putty directly connect to the device once a connection has been established? Someone break his down for me if you can. Thanks.

Dell DRAC, IBM RSA, HP iLO, Cisco CIMC, Oracle ILOM - everybody has their own name - are essentially remote KVM and power management for the server. They are usually assigned their own IP address (I always add them to DNS as well, usually by appending the letter "R" to the name of the server [e.g., myserverR]).

To control them you open a web browser and navigate to the IP address you assigned to the management card, using Java, ActiveX or some other mechanism you get a remote console to the server and can perform basic management tasks (e.g., cycle the power) as well as manipulate the BIOS settings, etc. It's as though you are sitting in front of the console during boot as you can see (and control) the POST process, etc.

Some remote management cards require an additional license for advanced features like KVM when the O/S loads or virtual media (allowing you to mount a DVD remotely to the server from an ISO on your client computer - could be thousands of miles away). In the case of Dell this is iDRAC Enterprise I believe (its been a while since I bought a Dell server).

As for how this relates to serial consoles for remoting networking equipment? It basically doesn't, they're separate things (although it is technically possible to do extremely basic serial control of a server, I would just buy the appropriate management card, it's not worth the headache).

If you want a single management interface for all your devices the previously mentioned Avocent DSView allows you to see and control them all from one place be it remote management cards (e.g., iDRAC), serial consoles, VMware virtual machines, KVM over IP consoles, switchable PDUs, etc. But be forewarned it's expensive (and to me unnecessary).