
Out Of Band Management


WHITE PAPER

Out-of-Band Management: the Integrated Approach to Remote IT Infrastructure Management

EXECUTIVE SUMMARY

For decades, business imperatives for information technology (IT) have remained constant – to cut costs and improve service levels and productivity. Although not new or unique, these imperatives have taken on renewed urgency in today's Internet-driven economy. IT is no longer the inwardly focused domain of technology specialists, but rather faces outward, where customers, partners, prospects and remote employees directly interact with an organization's business applications via the Web. Today, if an application is not available online, customers can quickly move to a competitor with a simple mouse click. In short, an organization's IT infrastructure has become the face of business, taking on a vital role in defining customer experiences that directly impact the corporate brand. As a result, IT performance has evolved to become vital for business survival.

Faced with this reality, many large businesses have invested in redundant systems to ensure 24/7 service availability for their customers, partners, etc. Redundant systems, however, are both costly to deploy and maintain. Out-of-band management offers businesses a cost-effective, secure and efficient solution to ensure the high level of IT infrastructure performance needed to meet the demand for continual service availability, and a way to meet the perennial business imperatives to cut costs and improve productivity.

WHAT’S INSIDE

Traditional approaches to monitoring, maintaining and restoring IT assets are reviewed; out-of-band management is presented as a more efficient way to cut costs and improve service levels and productivity.

IT Infrastructure Overview

Typical IT infrastructures in many of today's large enterprises consist of one or multiple data centers and may also include remote sites or branch offices. In some cases, large enterprises deploy redundant data centers to ensure business continuity and provide consistent IT service availability in the event of a potential disaster. From an architectural perspective, data centers share a similar makeup that includes servers, storage and applications, and a network infrastructure of hubs, routers, firewalls and switches.

Large enterprises may also include remote or branch office infrastructures linked to the corporate production network through a virtual private network (VPN) using Internet connections or through a wide area network (WAN) connection. Larger remote installations, such as a warehouse or large department store, may have a small version of the data center complete with racks of servers, storage and network infrastructure. Smaller remote offices may be limited to a router, firewall and hub with network connections for desktop PCs. Whether an enterprise is large and dispersed across multiple sites, or limited to a single data center, IT managers face the same challenge – to deliver the highest possible level of performance and availability at minimal cost.

AVOCENT WHITE PAPER

Typically, large organizations depend on complex systems management applications (such as HP OpenView, IBM® Tivoli®, CA Unicenter®, BMC PATROL®) to monitor network performance and manage application performance and availability. Small and medium-sized enterprises may use less expensive network management applications to manage the network. These management tools depend on the production IT network to monitor performance and productivity, and perform effectively when network connections remain available.

Local Versus Remote IT Management

The following description illustrates the difference between local and remote IT management. If an IT asset loses its network connection, systems management applications alert the administrator that the asset is no longer available; but because these applications depend on the network infrastructure to manage assets, they cannot provide specific details about the problem, only that the asset is no longer connected. As a result, the traditional approach for restoring assets to the network requires the physical presence of a technician at the asset, regardless of whether the asset is located in the data center or at a remote site. Specifically, a technician must go to the problem device with either a crash cart or a laptop, physically plug into that asset to diagnose the problem and finally restore the IT asset to the network. This process is both expensive and time-consuming, and defines the term “local IT management.”

Remote or out-of-band management allows the administrator to access and control IT assets through either network, serial or modem connections via the network infrastructure or a path separate from the network infrastructure. The administrator is not required to be physically present. To further clarify, remote management is possible from thousands of miles away or from 20 feet away, whether at the data center or a remote site. Remote management is therefore achieved through any connection other than a local, physical connection.

Out-of-Band Management Tools

Remote IT management can be realized through the use of out-of-band management tools, which provide secure, alternate paths to remotely access, monitor and manage IT assets throughout the network infrastructure. If an IT asset goes down, out-of-band management tools can remotely restore it to the network infrastructure, where it can be managed back to productivity in the shortest time possible. Out-of-band management tools minimize the need for local management and site visits, dramatically reducing the time and operational costs needed to bring IT assets back online. The relationship between the network infrastructure and out-of-band management tools is typically configured similar to the topology shown in Figure 1.

Figure 1. [Diagram; labels: Administrator, Router, Network Infrastructure, Switch, Device, Out-of-Band Management Tools]


An example of how out-of-band management tools may function is presented in the following scenario (see Figure 2). A device or server in the data center goes down; the network infrastructure remains operational. Using out-of-band management tools and the network infrastructure, the administrator accesses the IT asset, diagnoses the issue and, if necessary, power cycles (turns the power off and on) the device. In minutes, the asset is restored to the network where it can be managed back to productivity using a systems management application. The benefits in this case include lower labor costs, increased productivity and reduced risk.

Figure 2. [Diagram; labels: Administrator, Router, Network Infrastructure, Switch, Device, Out-of-Band Management Tools]

A further example of how out-of-band management tools are critical to remote management of IT assets is illustrated in Figure 3. A network switch connecting a rack of servers goes down, losing its connection to the network. In this case, the out-of-band management connection to the switch remains available through the network infrastructure. The administrator is alerted by the systems management application that a switch is no longer connected to the network. Using an out-of-band management tool to remotely access the switch, the administrator diagnoses the problem and restores the switch and all its connected assets back to the network infrastructure.

Figure 3. [Diagram; labels: Administrator, Router, Network Infrastructure, Switch, Device, Out-of-Band Management Tools]


The following is another scenario illustrating the benefits of out-of-band management tools (Figure 4). A router that provides network and Internet access for an entire site goes down. This router provides the network infrastructure connection to all connected IT assets linked to the network and all the out-of-band management tools. Because the out-of-band management tools cannot be accessed through the network infrastructure, the administrator uses a dial-up connection for access. The administrator is then able to use out-of-band management tools to connect to the router through a serial port to quickly diagnose the problem. The administrator corrects the error and restores the router and all its assets to the network. Again, what might have taken hours and a site visit to correct took minutes.

The benefits are clear. Operational costs are reduced and IT asset availability is increased. If redundant systems are not in place, service levels are also increased. In short, the fundamental IT imperatives to cut costs and increase service levels and productivity are achieved.

Figure 4. [Diagram; labels: Administrator, Router, Network Infrastructure, Switch, Device, Out-of-Band Management Tools, Dial-Up Path]

Out-of-Band Management Tools

Below are descriptions of various out-of-band management tools.

1. Out-of-band management software provides consolidated access, change management and configuration management for disparate out-of-band management tools like serial console servers, KVM switches, power management appliances and service processor managers. It also provides the capability to manage diverse IT assets connected to these out-of-band tools from a single consolidated view. The management software also provides the scalability needed to meet the demands of the largest enterprises.

2. Serial console servers provide remote access to the serial management ports included on some servers and other network IT assets (routers, switches, cables, firewalls, etc.) rather than depending on the network connection.

3. KVM switches or KVM over IP switches access servers through keyboard, video and mouse ports to provide access as if the administrator were physically present.

4. Intelligent power distribution units (IPDUs) provide the ability to power on and off remote equipment for operational control or recovery from software/hardware failures.

5. Service processor managers provide consolidated, centralized access to the service processors embedded on the computer's motherboard. These operate separately from the main CPU, enabling administrators to access, monitor and manage the hardware components of servers. Service processor managers also allow administrators to reboot servers whether or not the main processor or the operating system is operational. Intelligent Platform Management Interface (IPMI), HP Integrated Lights Out (iLO) and Sun Advanced Lights Out Management (ALOM) are examples of established service processor technologies.


Out-of-Band Management Return on Investment – One Customer's Perspective

Over a 2-year period, a European telecommunications company used out-of-band management tools to deploy more than 2,000 additional IT assets within their existing IT infrastructure. These deployments took place without adding additional support staff. In this case, out-of-band management tools enabled the company to reduce operational costs and risk while increasing both IT asset and personnel productivity as illustrated by the statistics below.

• 92% decrease in overtime labor costs
• 50% decrease in deployment time
• 33% increase in IT assets per year with no additional staff needed

The company's overall operational costs were reduced as their overtime labor costs were decreased by 92 percent. The time needed to deploy assets dropped by 50 percent, which enabled the company to win in competitive bidding situations as competitors could not match their deployment speed. Personnel productivity increases enabled the company to expand IT assets by 33 percent per year to more than 100 sites, without the need to hire additional staff. Within 16 months, the out-of-band management tools paid for themselves in decreased operational costs and risk and increased IT asset and staff productivity. Clearly using out-of-band management tools was a cost-effective, efficient and smart business decision.

The Evolution of Out-of-Band Management Technologies

For decades, command line interface (CLI) has been used for remote IT management. The user types pre-defined commands and the IT asset responds in kind with actionable data in text form. All remote IT access to computing and network assets used this interface as well. Administrators first used smart modems via a dial-up connection to access assets with password protection to provide a measure of security. When serial connections evolved, terminal servers emerged that would provide access to servers and other assets using Telnet, a text-based CLI protocol that provided a means for remote access and control. As security concerns emerged, vendors developed secure console servers that used Secure Shell (SSH) to encrypt communications between the IT or network administrator's desktop and the remotely accessed IT asset.

In the mid-1990s, Windows-based servers that used a graphical user interface (GUI) instead of CLI began emerging in corporate data centers. In response to this, vendors began offering keyboard, video, mouse (KVM) switches that allowed users to use the keyboard, monitor and mouse at their workstation to access and control multiple servers. More recently, KVM over IP switches have emerged that enable users to remotely access and use KVM switches in remote locations through IP networks. Consequently, KVM over IP switches have become important tools for management of Windows-based servers.

Beginning with mainframe and later UNIX-based servers, hardware vendors began placing a service processor on the server motherboard for the sole purpose of monitoring and providing access to the hardware functions, including the BIOS, unit temperature, power control, etc., even in the event of an operating system crash. While the first service processor technologies and related protocols were proprietary, such as Sun's ALOM and HP/Compaq's iLO, more recently Intel, HP, Dell, IBM and other hardware vendors collaborated to develop an open standard service processor called IPMI that is now included on many rack-mounted and blade servers built on Intel's X86 architecture. IT administrators then used a service processor manager to access, monitor and control servers. In late 2004, the first vendor-independent IPMI manager emerged.

The challenge facing most organizations is the fact that they use multiple out-of-band management technologies to access and manage a wide variety of new and legacy IT assets. Each new technology adds yet another layer of complexity for IT administrators. IT executives lack the luxury of managing one technology; rather, they must manage everything in their enterprise – including all new and legacy IT assets and remote access technologies. The most effective way to manage all these technologies is with a comprehensive out-of-band management system that provides centralized, consolidated access to all of the out-of-band management tools and the IT assets connected to them.


Corporate Headquarters
4991 Corporate Drive, Huntsville, AL 35805
TEL 866.277.1924 FAX 256.430.4030
www.avocent.com

Avocent, the Avocent logo and The Power of Being There are registered trademarks of Avocent Corporation. All other marks are the property of their respective owners.

Copyright © 2006 Avocent Corporation. All rights reserved.

1206-OOBM-WP

Security

Clearly out-of-band management tools provide powerful access to IT assets. This access must be limited to trusted, qualified IT personnel. Any out-of-band management tool must include security features to authenticate IT administrators and to ensure all communications remain encrypted and private. While some out-of-band management systems may provide a separate security infrastructure, this adds yet another layer of complexity, and ultimately an additional point of vulnerability for IT managers who need tools to simplify management issues, not make them more difficult. Ideally, out-of-band management tools should support industry-standard authentication, directory and encryption protocols to enable integration with existing security infrastructures.

CONCLUSION

Local management and site visits are people, time and money intensive. Remote or out-of-band management provides a better way – a time-saving, secure and cost-effective method – to ensure that IT assets remain productive and connected to the network. To achieve the IT imperatives to cut costs and improve service levels and productivity, the next-generation IT infrastructure must include out-of-band management as a fundamental component in its architecture.

However, for out-of-band management to be effective, its components must function as an integrated system, which can be accessed through a single, consolidated view, rather than as just another layer of separately managed boxes. Out-of-band management tools must provide the ability to be integrated into an organization's existing security infrastructure by supporting all industry-standard security protocols and specifications. Designed and deployed correctly, out-of-band management provides the remote IT management capabilities that directly affect an organization's bottom line and provides rapid return on investment.

ABOUT AVOCENT

Avocent (NASDAQ: AVCT) delivers IT operations and infrastructure management solutions for enterprises worldwide, helping customers to reduce costs and simplify complex IT environments via integrated, centralized in-band and out-of-band hardware and software. Through LANDesk, Avocent also is a leading provider of systems, security, and process management solutions. Additional information is available at: www.avocent.com.