Out-of-Band Deployment Guide

This post was originally published on ZPE Systems

A third, less common approach is to deploy OOBM devices both top-of-rack and end-of-row. This makes the OOBM network highly resilient to both outages and ransomware attacks, providing a completely isolated management environment while maintaining the flexibility of a ToR deployment. 

Out-of-band deployment best practices

The following best practices can help improve the flexibility, security, scalability, and resilience of out-of-band deployments.

Vendor-neutral platforms

Using vendor-neutral OOBM console servers helps consolidate data center management in a single platform. These devices can manage infrastructure from any vendor and integrate with third-party solutions for security, automation, troubleshooting, and more. Vendor-neutral OOBM deployments reduce management complexity and costs, while ensuring easy scalability.

OOBM security

OOBM devices and networks must be protected against compromise to keep bad actors from commandeering the control plane. The best practice is to use OOBM switches with strong hardware security, SAML integrations for multi-factor authentication (MFA) and single sign-on (SSO), embedded firewalls, and frequent firmware/software updates to patch new vulnerabilities. 

Infrastructure automation

OOBM serial consoles should support automation to improve scalability and efficiency, while reducing complexity and recovery times. At a minimum, they need zero-touch provisioning (ZTP) to automatically configure new infrastructure devices over the network. Advanced solutions like the Nodegrid

Read the rest of this post, which was originally published on ZPE Systems.

Previous Post

Why Paying the Ransom Should Be Your Last Option

Next Post

Tensions Rise with Suspicious European Subsea Cable Cuts