Providing Out-of-Band Connectivity to Mission-Critical IT Resources

What is a Serial Console’s Role in Modern Enterprise Networks?


Serial consoles have been used to manage business networks since the 80s, but things have changed significantly since then. What is a serial console’s role in modern enterprise networks? In this blog, we discuss the history and evolution of serial consoles as well as the exciting functionality provided by the latest generation.

What is a serial console?

A serial console (also called a console server, terminal server, serial console router, or serial console switch) is a networking device used to manage other devices. It connects to servers, switches, routers, and other equipment using the serial port (hence the name). Network administrators can then use the serial console to access all connected devices in the data center, server room, or network closet in which it’s installed.

Serial consoles allow admins to manage critical infrastructure without needing to log in to each device individually. A serial console also provides out-of-band (OOB) management, creating a completely separate network that’s dedicated to infrastructure management and troubleshooting. OOB management allows you to remotely troubleshoot, monitor, and administer your infrastructure.

How serial consoles have evolved over time

A basic serial console—also called a Generation 1 serial console—provides consolidated remote access to critical infrastructure. It uses a secondary network connection (such as a dial-up modem or cellular SIM card) so admins can control and troubleshoot equipment without relying on the main production network. Using a Gen 1 serial console, admins can access each connected device’s CLI (command line interface).

Gen 1 serial consoles are relatively limited in control, security, and automation. For example, many Gen 1 serial consoles can only manage devices from the same vendor (or a small pool of supported manufacturers). A Gen 1 serial console also lacks in-depth security features like hardware encryption, and generally can’t integrate with third-party Zero Trust Security policies and controls. Plus, most Gen 1s completely lack automation capabilities, or limit you to basic CLI scripts for single tasks.

Gen 2 serial consoles

Frustration over these limitations led to significant advancements in the second generation of serial consoles, or Gen 2. With Gen 2 serial consoles, admins get more control, added security features, and expanded automation capabilities.

For instance, most Gen 2 consoles offer management functionality for third-party devices. These serial consoles also have some built-in security features like Trusted Platform Module (TPM) and frequently support advanced authentication methods like AD/LDAP, Kerberos, and RADIUS. Gen 2 serial consoles also allow for greater automation using Python scripts, APIs, and zero touch provisioning (ZTP).

While Gen 2 serial consoles offer more multi-vendor support than their extremely limited predecessors, they still fall short of true vendor neutrality. For instance, managing third-party and legacy devices often requires expensive adapters or complicated configuration tweaks. Many Gen 2 serial consoles also lack support for Zero Trust integrations such as SAML 2.0 (e.g., Okta, Ping, DUO), making it impossible to completely secure your out-of-band network.

Finally, while Gen 2 serial consoles introduce more automation capabilities, their closed architectures make it impossible to implement end-to-end NetDevOps automation. For example, you might only be able to use one specific scripting language or an approved set of playbooks. It’s also common for Gen 2 serial consoles to only support ZTP of connected devices from the same vendor, so you’re either limited in your automated provisioning capabilities or your choice of infrastructure solutions.

Gen 1 serial consoles provide remote, out-of-band management of multiple devices using CLI commands and scripts over a serial connection. Gen 2 evolved to incorporate more devices, more security features, and more automation capabilities. However, the serial console needed to develop even further to handle the needs of a modern enterprise network.

What is a serial console’s role in modern enterprise networks?

Today’s enterprise network is larger, more complex, and more distributed than Gen 1 serial console developers could have possibly imagined. Network administrators and engineers need to monitor, manage, and troubleshoot infrastructure devices from many different vendors in many different locations. Networks are also constantly threatened by cybercriminals using sophisticated hacking techniques and state-of-the-art malware. Plus, modern businesses must ensure near-constant availability and optimal network performance to stay competitive. Gen 1 and Gen 2 serial consoles simply can’t deliver the control, security, and resilience required by enterprise networks today.

The new Gen 3 serial console addresses older generations’ limitations through true vendor neutrality, multi-layered zero trust security, and end-to-end automation capabilities.

Total infrastructure control

Gen 3’s complete vendor neutrality makes it possible to extend your automation capabilities—including zero touch provisioning—to every physical and virtual asset in your environment, regardless of manufacturer. Gen 3 serial consoles also give network administrators a virtual presence in remote network locations (like data centers and branch offices) through which they can monitor environmental conditions in the rack, power-cycle and enter the BIOS menu of devices, manage power load distribution, and more.

This control is delivered via high-speed OOB (such as a 5G/4G cellular SIM card), giving you 24/7 remote access to critical enterprise infrastructure, even during an ISP outage. Plus, Gen 3 serial consoles use centralized cloud management, which means engineers can manage and troubleshoot remote infrastructure from anywhere, anytime.

A Gen 3 serial console is based on an open-architecture x86 OS that supports integrations with your choice of infrastructure solutions, cloud services, and automation toolkits. It also includes flexible port configurations and legacy pinouts to control a variety of devices, such as PDUs, IPMI devices, and environmental monitoring sensors.

Comprehensive security

On a hardware level, Gen 3 serial consoles use features like encrypted disks, UEFI secure boot, and TPM 2.0 to ensure unauthorized users can’t access management functionality. Additionally, the OS is frequently updated and patched against new security vulnerabilities before they can be exploited. The Gen 3 serial console also automatically checks the integrity of all newly integrated hardware and software to ensure there are no backdoor vulnerabilities.

A Gen 3 serial console’s vendor-neutral platform supports easy integrations with a variety of zero trust security controls. For instance, you can manage user access to a Gen 3 serial console through third-party Identity and Access Management (IAM) solutions, allowing you to follow zero trust best practices like 2FA, SSO, and dynamic trust verification. A Gen 3 serial console can also integrate with on-premises and cloud-based network security solutions such as next-generation firewalls (NGFW), Secure Access Service Edge (SASE), and Security Service Edge (SSE).

A Gen 3 console includes robust onboard security features, which reduces the risk of an attacker using a stolen serial console to access your management network (and ultimately, your production systems and data). Its open architecture also enables integration with zero trust security controls and providers.

End-to-end automation

The open architecture of a Gen 3 serial console makes it possible to integrate with your choice of infrastructure automation and orchestration tools, or directly host VMs and Docker containers so you can run your own tools. With a Gen 3 serial console, you can use solutions like Ansible, Chef, Puppet, or Kubernetes to automate deployments. You can also use any API you want to automate any workload you need to, no matter how complex.

Gen 3’s advanced automation capabilities enable full pipeline automation so you can achieve NetDevOps transformation. Gen 3 serial consoles also facilitate immutable infrastructure, allowing faster and more agile deployments, updates, and replacements of critical network resources.

With a Gen 3 serial console, you can create a fully-automated network environment. This allows engineers to work more efficiently and reduces the risk of human error causing an outage or security breach.

Nodegrid Serial Console Plus (NSCP)

A Gen 3 serial console, like the Nodegrid Serial Console Plus (NSCP), gives you complete remote control over every component of your network infrastructure, regardless of location or manufacturer. Nodegrid also secures your OOB management network using zero trust security best practices and comprehensive onboard features. Finally, the Gen 3 NSCP allows you to automate whatever tools you want to use, so you can efficiently manage a complex enterprise network without sacrificing speed, security, or control.

 


What is a serial console’s role in modern enterprise networks?

Schedule a demo of the Gen 3 Nodegrid Serial Console Plus to see for yourself!


What Is Hybrid Cloud Infrastructure: Expectations vs. Reality


Hybrid cloud deployments allow you to combine the best features of public cloud, private cloud, and on-premises infrastructure. But what exactly goes into hybrid cloud infrastructure, and how is it achieved? In this blog, we’ll compare the expectations of a hybrid cloud to the realities of implementation and provide advice on overcoming these challenges.

What is hybrid cloud infrastructure?

Hybrid cloud infrastructure involves using a combination of public cloud, private cloud, and on-premises data center environments. True hybrid cloud architecture allows you to move workloads back and forth among these environments safely and securely.

  • A public cloud is what most people think of when they hear cloud computing. Public cloud services are decoupled from the underlying infrastructure and delivered as a web-based application or platform. The actual compute resources are shared amongst many other customers. Examples of a public cloud include Microsoft 365 and Google Apps.
  • Private cloud infrastructure is owned and managed by a third-party provider, but other customers do not share the hardware you use. You rent dedicated storage and compute resources, but have no physical access to or control over the infrastructure. Examples of a private cloud include Microsoft Azure and Amazon Virtual Private Cloud (VPC).
  • An on-premises data center is a data center that your organization has complete control over. It may or may not be on the same premises as your headquarters office. Not all hybrid cloud infrastructures include on-premises environments—only public and private clouds are required.

The public cloud offers many benefits for enterprises, such as scalability and cost savings. However, organizations frequently need greater control over certain data and resources. For example, any company working with healthcare information, or providing services to the federal government, must follow strict privacy and security regulations. That’s why many organizations opt to keep some of their resources in on-premises data centers or private clouds.

That said, keeping these resources isolated from your public cloud services, applications, and data is not always feasible. There’s a need for interoperability and orchestration of workloads among mixed architectures. In a hybrid cloud infrastructure, there is a virtual service that acts as a managed “bridge” between different environments. This allows you to move workloads, applications, data, and other resources around as needed to ensure peak performance without compromising security.

Hybrid cloud infrastructure: expectations vs. reality

The expectation for hybrid cloud infrastructure is that all of your systems, services, and applications will work together seamlessly. Your data and other resources will be portable, so you can move them from one cloud to another without compatibility issues or other headaches. Most importantly, you’ll have a centralized, web-based platform to orchestrate workloads across your heterogeneous environment. The reality of hybrid cloud, however, is often much more complicated.

Vendor lock-in

One major hurdle to implementing a hybrid network environment is closed ecosystems. Vendor lock-in can prevent your legacy on-premises solutions from interoperating with cloud hardware and software, and vice-versa. Data and applications designed for traditional infrastructure may be incompatible with cloud platforms. And not only do these systems all need to communicate and work together, but you also need an orchestration platform that can dig its hooks into disparate vendor solutions and control them equally.

Issues with vendor interoperability could force you to rebuild your entire stack just to enable hybrid orchestration. To get around this expensive and time-consuming challenge, you need a hybrid cloud infrastructure orchestration platform that’s based on an open architecture for true vendor neutrality. This will allow you to manage workloads across cloud and legacy environments without replacing the systems and software already in place.

Infrastructure complexity

Hybrid cloud infrastructure reduces the number of physical servers and storage devices you’re responsible for, so you might assume this will reduce the complexity of your network operations. This isn’t necessarily the case. The virtual and physical hardware responsibility is shifted to the cloud vendor, but your team will still need to know how to configure, monitor, and maintain all your cloud services.

In a hybrid cloud infrastructure, there are often many different platforms from different vendors. That means you need people who are experts in all these systems. Plus, you’ll also need a more complex network architecture to support a seamless hybrid cloud environment. That often means purchasing more boxes from more vendors, which your team must also learn to configure and maintain.

One way to reduce the complexity of your hybrid cloud infrastructure is by consolidating your networking stack. For example, you can use high-density serial console switches that provide out-of-band (OOB) management interfaces, network failover, environmental monitoring, and network switching. Similarly, you can look for modular, multi-function devices that allow you to create a custom box that includes all the specific hardware and functionality you need. This will reduce the number of devices in your rack and provide administrators with a single platform to manage all this functionality.

Spiraling costs

Cloud services are often less expensive to deploy and scale than on-premises infrastructure. Instead of a large up-front cost to purchase and install new hardware solutions, you typically pay a smaller recurring fee. When you need more resources, you simply upgrade your services for additional cost without needing to buy and configure more hardware.

The issue is that these recurring fees can begin to snowball over time, especially if you keep increasing your contract. Many cloud services often come in bundles or packages, meaning you can’t just pick and choose the functionality you need a la carte. So, you could end up paying for features you don’t even need.

Plus, you’ll incur additional costs if you need to rebuild part or all of your on-premises stack to enable hybrid cloud orchestration. The same goes for the networking technology that’s required for hybrid integrations. These expenses can be reduced by following the advice above: use a completely vendor-neutral hybrid cloud orchestration platform, and consolidate and streamline your infrastructure in as many ways as possible, not only in the hardware itself but also in the software and management layers. For example, an OS allows you to easily and seamlessly integrate many different solutions, and a management platform allows you to manage everything from a normalized UI, rather than having to spend money on many different specialists.

Implementing a hybrid cloud infrastructure is often more challenging than organizations expect. However, by using vendor-neutral solutions and consolidating your tech stack, you can avoid vendor lock-in, reduce the complexity of your infrastructure, and keep costs in check.

Ready to simplify hybrid cloud infrastructure?

The Nodegrid infrastructure management solution from ZPE Systems enables true hybrid cloud orchestration. Nodegrid’s open architecture and vendor-neutral hardware can get its hooks into all your legacy, on-premises, and cloud solutions, so you have total control over your hybrid environment. With the ZPE Cloud management platform, you can monitor and orchestrate your entire infrastructure from behind one pane of glass.

Plus, Nodegrid’s consolidated networking hardware can help you reduce the complexity of your tech stack while still delivering all the features and functionality you need. Some of the world’s biggest tech companies are benefiting from this, by using Nodegrid to deploy and manage their hybrid infrastructures.

What is hybrid cloud infrastructure, and how can Nodegrid help you achieve it? 

Contact ZPE Systems to learn more.

Ingram Micro Signs Distribution Agreement with ZPE Systems


Ingram Micro Signs Distribution Agreement with ZPE Systems for Belgium, Netherlands, Luxembourg

The Netherlands, July 18, 2022 - Ingram Micro today announced a partnership with ZPE Systems Inc., a leader in network infrastructure management and orchestration solutions. This agreement gives partners access to ZPE’s portfolio of hardware, software, and cloud products, which includes the best-in-class Nodegrid Serial Console server, the Nodegrid SR family of services routers, the ZPE Cloud management & orchestration platform, and Nodegrid sensors.

For customers managing data centers or distributed edge and branch locations, ZPE Systems solves network and automation complexity while addressing the increasing demand to make IT more secure, reliable, and scalable. For resellers, this means having the ability to offer a proven yet flexible open platform to address customers’ evolving needs, with modular, Intel-based hardware providing limitless WAN/LAN connectivity, easy 5G upgradeability, Generation 3 out-of-band remote access and automation, and the power to host third-party applications and virtualized network functions.

Cybersecurity

Legacy network devices do not meet modern requirements for securing, automating, and scaling enterprise networks, due to interoperability issues and closed architectures. As customers struggle against security and downtime-inducing network challenges, this partnership will enable them to deploy ZPE’s Cybersecurity-as-a-platform (CAAP) to address disaster recovery, human error, and ransomware using best-of-breed vendor solutions of their choice. They can deploy these solutions directly on the programmable Nodegrid hardware and software, manage from anywhere via ZPE Cloud, and ultimately extend the capabilities of infrastructure, connectivity, and cybersecurity teams.

“IT systems are more connected but also more distributed,” said Marcel van Zwienen, Senior Sales Engineer, ZPE Systems. “Companies in every industry are now demanding fully customized environments that address their specific requirements. With this partnership, customers can now use ZPE’s platform to do exactly that. They can mix and match physical and virtual solutions of their choice for reliable, secure global networking.”

The Linux-based Nodegrid OS, which runs on every Nodegrid Serial Console and Services Router device, enables multi-vendor freedom in IT. This allows infrastructure, connectivity, and cybersecurity teams to deploy and manage their choice of hardware, software, and SaaS solutions — from cooling and smart PDUs, to switches and servers, to NGFWs, SD-WAN, and SASE integrations. The Nodegrid platform integrates with new and existing infrastructure, providing secure Generation 3 out-of-band access, NetDevOps automation capabilities, and enterprise-grade security that address modern business demands.

Edge

“Partnering with Ingram Micro adds tremendous value to ZPE Systems’ Edge Transformation Partner Program,” said Steven Jehring, Vice President, Global Sales, ZPE Systems. “Partners gain more financing options, while customers gain the freedom to choose a partner that can address their unique needs. Ingram Micro provides top-notch support, pre-sales services, and global fulfillment capabilities that will be crucial to accelerating partner sales and transforming customer networks at the data center and edge.”


 

About Ingram Micro Inc.

Ingram Micro helps businesses Realize the Promise of Technology™. It delivers a full spectrum of global technology and supply chain services to businesses around the world. Deep expertise in technology solutions, mobility, cloud, and supply chain solutions enables its business partners to operate efficiently and successfully in the markets they serve. Unrivaled agility, deep market insights and the trust and dependability that come from decades of proven relationships, set Ingram Micro apart and ahead. More at http://meta.ingrammicro.com.

 

Read the source version on Dutch IT Channel.

Nodegrid OS Version 5.6 – Product Updates

The goal of every release is to reduce complexity and improve security for our customers, and the new Nodegrid OS version 5.6 is no different.

Some of the improvements which we implemented in Nodegrid OS 5.6 are:

  • Improvements to the Nodegrid deployment process, by providing:
    • Global APN Database, which turns the deployment of LTE connections into a zero-click process when deploying new Nodegrid appliances in Gateway profile mode
    • Configuration Staging feature, which provides security to administrators and prevents misconfigurations of the Nodegrid appliance that might cause a loss of connectivity. This improves the resilience of the Nodegrid solution
  • Improvements to our Edge compute capabilities that simplify deployment of, and connectivity to, the deployed systems. This enables even faster and simpler deployment of workloads such as SD-WAN or Next-Gen Firewall appliances onto your Edge compute Nodegrid appliance, by:
    • Expanding IP Passthrough capabilities to be usable with deployed virtual appliances. This especially simplifies connecting WAN interfaces to SD-WAN or Next-Gen Firewall applications, and allows them to interact with the WAN interfaces as if they were directly available on the VM
    • Simplifying file sharing between virtual appliances and from the Nodegrid, to make it even easier to deploy and configure the appliances
  • Continued improvements to our security by introducing new security features as well as continuous security updates

Our full list of improvements is readily available to all of our customers in our support portal or through your ZPE Cloud account. If you’d like to see the full list of release notes, please email support@zpesystems.com.

Making Deployment and Management Easy for a Large Retailer

Simplified retail edge & critical remote access


A major retail company requires networking that can keep up with demand. However, having large distribution centers and enormous showrooms can push the limits of their connectivity. Internal operations rely heavily on data for logistics and inventory purposes, while customer-facing interactions need strong networking for product availability and order processing transactions. To accommodate rapid business growth, the retailer sought a branch networking solution that they could scale quickly and manage easily.

The Challenge

With traditional edge solutions deployed, the company became accustomed to high support & maintenance costs. However, as business began to increase significantly, expansion became critical, but their existing system could not keep up.

The Solution

The company discovered that only Nodegrid could deliver the capabilities they needed for rapid growth. They chose a powerful combination of Nodegrid Services Router (SR) devices: the Net SR (NSR), Gate SR (GSR), and Link SR (LSR).

The Results

The combined Nodegrid solution streamlined the company’s edge networks along with their management efforts.
Instead of requiring a separate switch in the MDF and a dedicated cellular device in each IDF, the retailer needed only the NSR in the MDF. This all-in-one device eliminated the network switch and centralized these critical functions while extending capabilities to each IDF. Connecting the LSR or GSR at the department level also reduced their stack by eliminating the need for purpose-built cellular appliances throughout each store.