Console management is the set up, configuration, and maintenance of serial devices, including servers, switches, routers, and telecom gear. Most of these devices offer EIA 232 serial port(s) as a primary console port for management. IT administrators can manage serial devices locally or remotely through the device’s console port.
Local and Remote Console Management
Local console management uses a physical connection to the device in order to perform set up, maintenance and repair tasks. Typically, an administrator would go to a failed device with a crash cart or a laptop and physically plug into the device to diagnose and fix the problem.
Remote console management provides access to the console port of a device on the network via a TCP/IP Ethernet connection or by telephone via a modem-to-modem connection. A whole selection of console management tools and technologies has evolved to meet these needs. One of the most common devices used for remote console management is a console serial switch, also referred to as a console server. A serial console switch can provide access to multiple serial ports locally through its console port.
Local and remote console management can be achieved via the regular network infrastructure (in-band management) or a dedicated management channel (out of-band) used for device maintenance.
In-band Management: In-band management uses the same network that connects the devices being managed. Control and management data share the same network as the user data. Many in-band management tools are provided as integrated functions of the operating system and hardware platform. For example, managed devices can be accessed on the in-band network through common protocols, such as Telnet or SSH. SNMP polling allows an administrator to determine faulty behavior or connection problems.
A significant limitation of in-band management is its vulnerability to problems such as an operating system crash or the loss of a network connection. The failure of a single device on the network could potentially prevent management connectivity throughout the network itself.
Out-of-Band Management: Out-of-band management is the use of a dedicated management channel for device maintenance. It uses an interface that does not rely on the proper functioning of the operating system, applications, protocol stacks and the production network. Using out of band management, a network device can be accessed, reconfigured and recovered in the event of a failure of normal in-band management methods, such as an operating system crash or a network connection failure. Out-of-band management addresses the limitation of in-band communication by employing a management channel that is physically isolated from the data channel.
The most common out-of-band management solution involves connecting each device’s serial port to a console switch. This allows the monitoring of Boot process and console access which may not be available using typical in-band management. Depending on BIOS support it also allows access to BIOS information through the console port.
Console serial port switches can provide form factor and multiple port flexibility for up to 32 ports in a 1U form factor. Products that include flexible options to remotely access managed devices in an out-of-band management network are ideal products for data centers and high performance clusters.
Another type of out-of-band management solution involves a computer with a Baseboard Management Controller (BMC) that has its own processor, memory, battery, network connection, and access to the system bus. The BMC can monitor the computer for critical events, send alerts and log events, and perform management functions. Out-of-band management can also be done by connecting the managed devices to a separate Ethernet network. An administrator can access the devices remotely via SSH or a VPN tunnel to the out-of-band management network.
Console Serial Switch
A console serial switch is a device that provides single point serial port access for multiple devices with serial console port(s), such as routers, switches, servers. The Console Serial Switch typically has one or more Ethernet ports and multiple serial ports. The console switch provides the capability of using a host on the network to connect simultaneously to the console ports of multiple devices. It also provides complete in-band and out-of-band management for switches, routers, and other devices using a Telnet session or a Web Interface (HTTP). The connected devices can also be accessed securely using a console switch that supports a secure shell (SSH) or through a secure web session (HTTPS).
Secure Remote Access: Both Telnet and SSH protocols are supported by most of the hosts used to access the console switch. By launching a Telnet or SSH session directly to the console switch, the user would be presented with the command line interface of the console switch. Many console switches provide web-based management software that can be accessed through a browser using HTTPS. These interfaces allow the administrator to access attached devices or to control the console switch itself.
Telnet communication is a plain text communication and is not encrypted leaving sensitive information vulnerable. SSH and HTTPS communications are encrypted and secure. After authentication a pair of public keys is exchanged between client and server. All communication is then encrypted using the received public keys. Only the corresponding private key holder can decrypt the messages. Using these industry standard protocols, an administrator can access the serial console port of an attached data center device as if using an actual crash cart.
Secure SSH Console Serial Port Switches offer a broad set of secure access methods that meet the needs of different customers. Look for switches that support Secure Shell (SSH v2), individual port authentication, HTTPS for enhanced security, and dial-in access support, so that only known users at specific locations can access the switch.
Remote, Centralized Management: The ability to monitor and control managed multiple remote servers makes the console switch a powerful tool. Through console redirection, administrators can access the BIOS and operating system processes of a managed server through the serial port. Console redirection sends a managed server’s system output to the serial console port and accepts inputs from the console port.
In Windows, EMS console redirection starts as soon as Windows begins to load and is available until the Windows graphical interface becomes active. Once the Windows graphical interface is active, the special administrative console takes over. In other operating systems, such as Linux or FreeBSD, console redirection remains active after the OS has loaded. Redirection is accessed through a serial console login.
Scalability and the switch’s control methods are important issues to consider when centrally managing larger deployments. Scalability varies with different console switches. Some switches support as few as four devices, while others support a larger number. Maintaining large deployments of servers can be simplified with a console switch. For control, a well-designed graphic interface and the ability to configure complex events (data capture, notificatin, and scripting) enhance an administrator’s ability to manage multiple devices and minimize down time.
Administrator’s can securely manage up to 32 devices with a high end Secure SSH Console Serial Port Switch. Features like: easy-to-use web-based interfaces, menu-driven device selection and diagnostic and event management features will be very useful in allowing administrators to quickly locate the source of equipment failures and correct them.
Environmental Monitoring: Another way that console switches can maximize uptime is by detecting external environmental threats that can cause managed devices to fail. Excessive heat and rapid temperature changes in a data center, server room, or network closet can damage equipment. Low humidity levels can produce electrostatic discharge, interfering with hardware and causing system damage. Some consoles switches include sensors that detect these environmental threats and sends alerts so the threat can be addressed.
Secure SSH Console Serial Port Switches monitor multiple environmental conditions, including: temperature, humidity, and water detection. The switch also supports contact sensors. When a sensor goes out of a defined range, the system will notify you via email, LEDs, web page, or SNMP trap.
Look for console serial switches that provide complete in-band and out-of-band management of local and remote devices, as well as remote environmental monitoring of server rooms. Features such