CONTACT US
1-844-4ZPE-SYS
ZPE CLOUD

Providing Out-of-Band Connectivity to Mission-Critical IT Resources

Home » Data Center Management » Page 5

Data Center Environmental Sensors: Everything You Need to Know

by | Oct 29, 2024 | Actionable Data, Application Hosting, Data Center Management, Data Center Resilience, Failover Connectivity, Micro-segmentation, Minimize Impact of Disruptions, Monitoring & Reporting, Out of Band Management, Power Management, Remote Network Management

According to a recent Uptime Institute survey, severe outages can cost more than $1 million USD and lead to reputational loss as well as business and customer disruption. Humidity, air particulates, and other problems could shorten the lifetime of critical equipment or cause outages. Unfortunately, much of a business’s critical digital infrastructure and services are housed in remote data centers, making it difficult for busy IT teams to keep eyes on the environmental conditions.

Data center environmental sensors can help teams prevent downtime by monitoring conditions in remote infrastructure deployments and alerting administrators to any problems before they lead to equipment failure. This blog explains how environmental sensors work and describes the ideal environmental monitoring solution for minimizing outages.

How data center environmental sensors reduce downtime

Data center environmental sensors are deployed around the rack, cabinet, or cage to collect information about various conditions that could negatively affect equipment like routers, servers, and switches. 

Mitigating environmental risks with data center environmental sensors

Environmental Risk Description How Environmental Sensors Help
Temperature All data center equipment has an optimal operating temperature range, as well as a max temp threshold above which devices may overheat. Environmental sensors monitor ambient temperatures and trigger automated alerts when it gets too hot or too cold in the data center.
Humidity If the air in the data center gets too humid, moisture may collect on the internal components of devices and cause corrosion, shorts, or other failures. Environmental sensors monitor the relative humidity in the DC and alert administrators when there’s a danger of moisture accumulation.
Fire A fire in the data center could burn equipment, raise the ambient temperature beyond acceptable limits, or activate automatic fire suppression controls that damage devices. Environmental sensors detect the heat and smoke from fires, giving DC teams time to shut down systems before they’re damaged.
Tampering A malicious actor who’s able to get past data center security (such as an inside threat) could potentially tamper with equipment to damage or breach it. Tamper detection sensors alert remote teams when data center cabinet doors are opened or a device is physically moved.
Air Particulates Smoke, ozone, and other air particulates could potentially damage data center infrastructure by oxidizing components or clogging vents. Environmental sensors monitor air quality and automatically alert teams when particulates are detected.

These sensors report back to monitoring software that’s either deployed on-premises in the data center or hosted in the cloud. Administrators use this software to view real-time conditions or to configure automated alerts.

Environmental monitoring sensors help reduce outages by giving remote IT teams advance warning that something is wrong with conditions in the data center, enabling them to potentially fix the problem before any systems go down. However, traditional monitoring solutions suffer from a number of limitations.

  1. They need a stable internet connection to allow remote access, so if there’s an ISP outage or unknown failure, teams lose their ability to monitor the situation.
  2. Many of them use on-premises software that requires administrators to connect via VPN to monitor or manage the solution, creating security risks and management hurdles.
  3. Most environmental monitoring systems don’t easily integrate with other remote management tools, leaving administrators with a disjointed patchwork of platforms to wrestle with.

The ideal data center environmental monitoring solution

The Nodegrid data center environmental monitoring platform overcomes these challenges with a combination of out-of-band management, cloud-based software, and a vendor-agnostic architecture.

Nodegrid environmental sensors work with Nodegrid serial consoles to provide remote teams with a virtual presence in the data center. These devices create an instant out-of-band network that uses a dedicated internet connection to provide continuous remote access to all connected sensors and infrastructure. This network doesn’t rely on the primary ISP or production network resources, giving administrators a lifeline to monitor and recover remote data center devices during an outage. The addition of Nodegrid Data Lake also allows teams to collect environmental monitoring data, discover trends and insights, and create better automation to address issues.

Nodegrid’s data center environmental monitoring and infrastructure management software is available on-premises or in the cloud, allowing teams to access critical equipment and respond to alerts from anywhere in the world. Plus, all Nodegrid hardware and software is vendor-neutral, supporting seamless integrations with third-party tools for automation, security, and more.

Schedule a free Nodegrid demo to see our data center environmental sensors and vendor-neutral management platform in action!

Schedule a Demo

American Water Cyberattack: Another Wake-Up Call for Critical Infrastructure

by | Oct 18, 2024 | Application Hosting, Data Center Management, Data Center Resilience, Failover Connectivity, Improve Network Security, Micro-segmentation, Minimize Impact of Disruptions, Monitoring & Reporting, Network Automation, Out of Band Management, Power Management, Remote Network Management, Simplify Branch Infrastructure, Vendor Neutral Platform, Zero Trust Security

Industrial water treatment plant with water
The October 2024 cyberattack on American Water, one of the largest water and wastewater utility companies in the U.S., signals yet another wake-up call for critical infrastructure security. Because millions of people rely on this critical service for safe drinking water and sanitation, this attack highlights why it’s so important to address cyber vulnerabilities.

Let’s trace the timeline of the attack, how it likely started, and the best practice architecture that could have mitigated or prevented the American Water cyberattack.

Timeline of the October 2024 American Water Cyberattack

  • Initial Intrusion (October 5, 2024)
    The attack on American Water was first detected in early October, when cybersecurity monitoring tools flagged suspicious activity within the company’s IT systems. Employees reported an unusual system slowdown, and automated alerts indicated possible unauthorized access.
  • Rapid Escalation (October 6-7, 2024)
    Within 24 hours of detection, the attackers had moved deeper into the company’s IT environment. In response, American Water initiated emergency protocols, including isolating key systems to prevent further damage. To contain the breach, critical operational technology (OT) systems — responsible for managing water treatment and distribution — were temporarily shut down
  • Public Notification and Response (October 8, 2024)
    American Water notified federal authorities, including the Cybersecurity and Infrastructure Security Agency (CISA), state regulators, and the public. The company reassured customers that water quality had not been compromised, but certain automated operations had been affected, leading to temporary disruptions in water distribution.
  • Ongoing Recovery (October 2024 – Present)
    As the investigation continued, third-party cybersecurity firms were brought in to assess the extent of the breach and assist in recovery. Manual operations were implemented in areas where automated systems were impacted. While the threat was contained, the company faced a lengthy process of system restoration and reconfiguration.

Impact of the Attack

The impact of the American Water cyberattack appears minimal. A class-action lawsuit was recently filed seeking $5-million in damages on behalf of affected customers, but this is the typical fallout that results from a breach. American Water did not shut down any treatment plants, and although they were forced to temporarily shut down their customer portal, pause billing, and revert to some manual processes, there were no water contamination or public health risks that came out of the attack. Per American Water’s FAQ page, it seems business is nearly back to normal.

However, this shouldn’t diminish the need for utilities providers to shore-up their defenses and ensure resilience of their IT architectures. The Oldsmar, Florida incident is an example of how an error or breach can change water treatment chemistry (in this case, adding too much lye to the water supply) and poison a population. There have also been many attempts by U.S. adversaries in which attackers were able to change water chemistry or disrupt automated operations.

Government agencies like the EPA have been warning that attacks on water treatment utilities are increasing. Lawmakers are also calling for inspections of IT systems, such as to ensure best practices are being followed for managing passwords and keeping remote access from Internet exposure, and considering civil and criminal penalties for those who don’t comply.

How the Attack Likely Happened

The American Water cyberattack is still under investigation. Specifics of how it occurred haven’t been released, but several likely scenarios have emerged based on trends in similar attacks:

  • Phishing or Social Engineering:
    Employees may have unknowingly opened a malicious email attachment or clicked a harmful link, allowing attackers access to the internal network, similar to 2023’s Ragnar Locker attacks. Water utilities and other public services often have large workforces, which makes them susceptible to phishing campaigns.
  • Ransomware:
    There are indications that ransomware may have encrypted key files and systems, similar to what happened during the MGM hack. Ransomware attacks on critical infrastructure have increased in recent years, with attackers locking companies out of their own data and demanding payment to restore access.
  • IT/OT Integration Vulnerabilities:
    Water utilities often rely on a hybrid network where both information technology (IT) systems and operational technology (OT) systems are integrated to monitor and control water purification, distribution, and wastewater management. While this setup improves efficiency, it can also create additional vulnerabilities if the two environments are not properly segregated. Once attackers gain access to the IT network, they can use it as a bridge to reach OT systems, which are typically less secure.
  • Internet-Facing Systems:
    In the past, the Chinese-sponsored hacker group Volt Typhoon took advantage of firewalls that were connected both to the internet and to critical control systems. This approach also takes advantage of a lack of control plane segregation, as hackers can remote-in via internet-facing systems and gain management access to critical systems.

The Solution: Isolated Management Infrastructure (IMI)

As with the global CrowdStrike outage, the most important takeaway from the American Water cyberattack is that organizations need the ability to recover fast. Remote access solutions help with this, but it matters how these solutions are architected and which capabilities they offer.

The traditional approach is to gain remote access via a direct link to the affected systems. The problem with this is that when these systems are breached, encrypted, or offline, it’s impossible to remote-into them. This requires teams to physically connect to and revive systems (as with the CrowdStrike incident), or worse – completely replace their infrastructure, as Merck did during the 2017 NotPetya breach.

Traditional remote management via direct link
Instead, organizations are turning to a best practice architecture that has been used by hyperscalers and large enterprises for years. This solution is called Isolated Management Infrastructure. IMI creates a management network that is connected to but completely independent of production network equipment, an architecture that resembles out-of-band (OOB) management. This gives teams a lifeline to their main IT and OT systems, including servers, switches, sensors, controllers, and other critical assets, even when their main systems are offline.
IMI is a lifeline to production assets

Here’s how IMI and out-of-band management could have helped mitigate the effects of the American Water attack:

  • Enhanced Containment: By isolating the network used for system control and monitoring, OOB management could have ensured that even if the primary network was compromised, attackers would not have been able to access or disable key operational systems. This would have limited the need to shut down OT systems and prevented widespread operational disruption.
  • Faster Recovery: With isolated management infrastructure, administrators would have been able to access critical systems remotely, even during the attack. This capability enables faster diagnosis of the issue and restoration of services without relying on compromised networks. In the case of a ransomware attack, for example, OOB management can help initiate recovery operations from backups, minimizing downtime.
  • Reduced Attack Surface: By creating an independent network with fewer access points and stricter controls, OOB infrastructure reduces the chances of attackers exploiting vulnerabilities. It’s an additional layer of security that complicates attempts to breach sensitive control systems.
IMI with Nodegrid2

30-year cybersecurity expert James Cabe recently published a walkthrough of how to do this. Read his article, What to do if you’re ransomware’d, to see how to deploy the Gartner-recommended Isolated Recovery Environment that lets you fight through an active attack.

Get the Blueprint for Building IMI

The American Water cyberattack is another wake-up call for critical infrastructure providers to rethink their cybersecurity strategies. Isolated Management Infrastructure is the key approach to retaining control during an attack, but requires the robust capabilities of Generation 3 out-of-band to ensure rapid recovery. To help utilities and essential services fortify their infrastructure, ZPE Systems recently created a blueprint for building IMI. Download the blueprint now to follow the best practices architecture and become resilient against cyberattacks.

BlueprintPDF
Download Blueprint

Using Isolated Management Infrastructure to Access the Debug Port of Open Compute Project (OCP) Devices in AI Deployments

by | Oct 14, 2024 | Data Center Management, Data Center Resilience, Micro-segmentation, Network Automation, Out of Band Management, Remote Network Management

Data center computers large facility with servers storage. Illustration AI Generative

As artificial intelligence (AI) workloads grow more demanding, data centers are turning to specialized hardware like Open Compute Project (OCP) cards to meet their needs.

OCP cards, known for their open-source architecture and scalability, have become popular in AI-driven infrastructures due to their flexibility and cost-efficiency.

However, managing and troubleshooting these cards — especially in large-scale AI deployments — can pose significant challenges, particularly when it comes to accessing debug ports for diagnostics.

In this post, we’ll explore how isolated management infrastructure (IMI) offers a secure and reliable solution for accessing the debug ports of OCP cards used in AI systems. We’ll also discuss the importance of debugging in AI, the obstacles that come with large-scale deployments, and the role of IMI in overcoming those hurdles.

OCP Cards in AI: A High-Performance Solution

Open Compute Project cards have become central to AI and machine learning (ML) environments due to their powerful compute capabilities, scalability, and open-source design. These cards are often integrated into large data centers tasked with training AI models, running inference operations, and handling massive data streams.

With OCP cards, companies can optimize their data center hardware for specific workloads without being tied to proprietary solutions. This open-source approach allows for flexibility in AI infrastructure, but it also introduces challenges when managing such hardware at scale, especially when components fail or need troubleshooting.

The Importance of Debugging and Monitoring in AI

Debugging and monitoring are critical components of maintaining AI infrastructure. AI model training, in particular, places heavy demands on hardware, making performance consistency a key factor. Any malfunction at the hardware or software level needs to be identified and resolved quickly to avoid costly downtime.

One way to troubleshoot hardware-related problems is by accessing the debug ports of OCP cards. Debug ports provide administrators with direct access to diagnostics, enabling them to monitor system health and perform necessary repairs. However, accessing these ports can be difficult, particularly in AI deployments where hardware is distributed across large data centers.

The Challenges of Accessing Debug Ports in AI Deployments

In a large AI deployment, accessing the debug ports of individual OCP cards can present several obstacles:

  • Physical Access: High-density data centers make it challenging for technicians to reach hardware components physically. In many cases, the OCP cards are housed in remote locations, requiring specialized tools for diagnostics.
  • Security Risks: Allowing unrestricted access to debug ports can introduce security vulnerabilities. If these ports are not properly secured, cyber attackers could exploit them to gain control of critical infrastructure.
  • Network Disruptions: During system failures, it can be difficult to access the network and troubleshoot the issue. When the primary network goes down, relying on that same network to manage hardware can delay recovery efforts and worsen the outage.

These challenges make it essential to adopt a secure, remote solution for managing OCP cards and their debug ports, especially when it comes to AI environments where any downtime can disrupt business-critical operations.

How Isolated Management Infrastructure (IMI) Works

Isolated management infrastructure (IMI) is a dedicated, separate network used exclusively for system management and maintenance. Unlike the primary network that handles day-to-day operations, the management network is isolated to ensure uninterrupted access to critical systems, even during outages or security incidents.

OOB management network isolation with the Nodegrid platform.

Image: Isolated Management Infrastructure physically separates management access from production assets.

By implementing IMI, administrators can remotely access the debug ports of OCP cards without affecting the main production network. This setup not only secures the debug ports but also ensures that troubleshooting can be done in real-time, even if the primary network is down.

Benefits of Using IMI for OCP Debug Ports:

  • Secure, Controlled Access: Since the management network is isolated, it limits access to only authorized personnel. This reduces the chances of an attacker compromising critical hardware through exposed debug ports.
  • Reduced Downtime: IMI enables administrators to access, troubleshoot, and repair systems quickly, minimizing downtime during failures or performance issues. Even during major network outages, IMI ensures out-of-band (OOB) access to the OCP cards’ debug ports.
  • Lower Security Risks: By separating management traffic from regular operations, IMI reduces the attack surface. It becomes more difficult for hackers to use network vulnerabilities to gain unauthorized access to critical infrastructure.

Out-of-band management for OCP servers

Implementing Isolated Management for OCP Debug Access

To implement isolated management infrastructure for accessing the debug ports of OCP cards, follow these steps:

  • Network Segmentation: Physically separate your management network from the production network. Ensure that management traffic is not routed through the same pathways used for regular operations.
  • Use Out-of-Band Management Devices: Deploy dedicated OOB management hardware that allows for remote access and control of the OCP cards, even when the primary network is unavailable. This can include IPMI (Intelligent Platform Management Interface) or SSH (Secure Shell) for secure communication.
  • Integrate with Monitoring Systems: Combine IMI with automated monitoring and alerting systems. This way, any anomaly detected in the AI environment will trigger a response, allowing administrators to quickly access the OCP card’s debug port for diagnostics.

Security Benefits of Isolated Management Infrastructure

In addition to improving accessibility, IMI enhances security across the board in AI environments. Here’s how: 

  • Limited Access Points: Isolating management infrastructure limits the number of entry points for attackers, significantly reducing the attack surface.
  • Controlled User Access: Only authorized users can access the isolated network, meaning that internal threats and insider attacks are also mitigated.
  • Compliance and Auditing: For industries with strict regulatory requirements, IMI provides clear documentation and control over system access, helping organizations meet compliance standards and pass security audits.

Real-World Example

Consider a scenario in a data center where an AI model’s training process experiences sudden instability. The system administrator, located remotely, uses IMI to securely access the OCP card’s debug port through an OOB management interface.

The problem is quickly diagnosed and resolved without needing physical access to the hardware, minimizing downtime and ensuring that the AI model’s training can continue uninterrupted.

Deploy IMI with Nodegrid to Strengthen AI Environments

As AI infrastructures grow, so do the risks and complexities associated with managing them. The October 2024 cyberattack on American Water, which impacted their operational technology and water distribution, highlights the need for robust, secure, and isolated management networks to avoid large-scale disruptions.

By integrating isolated management infrastructure into your AI data center, you can ensure quick access to critical systems like OCP devices, reduce the impact of system failures, and improve security. ZPE Systems’ Nodegrid is a Gen 3 out-of-band management platform that allows you to deploy IMI in your data center environment, and it’s the only out-of-band management built to manage OCP cards. It can integrate or directly host third-party applications for automation, security, and much more, consolidating an entire tech stack into a single, cost-efficient solution.

Schedule a demo to see how Nodegrid gives remote access to OCP cards and strengthens your AI deployments.

Top 5 Data Center Mistakes and How To Avoid Them

by | Oct 9, 2024 | Data Center Management, Data Center Resilience, Increase Productivity, Micro-segmentation, Minimize Impact of Disruptions, Network Automation, Out of Band Management, Power Management, Remote Network Management, Serial Consoles, Streamline Deployments, Zero Touch Provisioning (ZTP), Zero Trust Security

Top 5 Data Center Mistakes and How To Avoid Them

Data center deployments require careful planning and execution. The sheer complexity makes it easy to stumble into common pitfalls that can compromise uptime, security, and scalability. After talking with hundreds of customers, we’ve compiled the top five data center mistakes organizations often make during deployments, with tips on how to avoid them.

1. Overlooking Isolated Management Infrastructure

In the data center, the focus is bringing production infrastructure online, including power, cabling, racks, servers, and network gear. But many project managers and architects say they wished they’d given more attention to setting up proper management infrastructure. This oversight usually leads to business challenges down the line, especially when management access relies on the production infrastructure. When a device fails or goes offline, there’s no choice but to go on-site to manually troubleshoot and recover. Many professionals admit to making this data center mistake and wish that they had considered this early in the planning process. Incorporating something called Isolated Management Infrastructure from the start can avoid this challenge, since it provides a dedicated management plane through which teams can access production gear without relying on the production network. 

Tip: Make management infrastructure a priority in your initial planning stages. This proactive approach can prevent complications later.

IMI

2. Neglecting Automation for Configuration and Scaling

Many data center implementors focus heavily on the “rack and stack” initial setup, but fail to automate processes for configuration and scaling operations. This data center mistake often leads to days’ or weeks’ worth of manual, repetitive work, while also exposing the organization to human error. A lot of people we talked to wish they’d invested just a few weeks into automating essential tasks such as switch setup, VLAN configurations, and IP address assignments, which would have saved them lots of time later on and likely helped to prevent errors. Additionally, if rearchitecting is needed, automated systems allow for quick reimplementation, minimizing the time and complexity involved. 

Tip: Dedicate time to automating routine processes. This investment will pay off in enhanced operational efficiency and reduced human error.

3. Inadequate Out-of-Band Management

When people think of out-of-band (OOB) management, a common misconception is that it is solely about Ethernet switches. However, it’s crucial not to overlook the importance of having management access to your entire device stack. Low-level access can be essential for system recovery and management. The recent CrowdStrike outage is a perfect example – when the failed devices needed to be reimaged, typical out-of-band management solutions were inadequate at providing this type of low-level access. Generation three out-of-band serial consoles, like the Nodegrid Net SR, give Ethernet, serial, and USB access, allowing teams to remote-in at the BIOS level to revive failed devices. Using this kind of comprehensive out-of-band – on a fully isolated management plane – helps teams remotely recover and confidently automate processes.

Tip: Ensure that your OOB strategy includes robust serial console access to enhance system reliability and recovery capabilities.

IMI with Nodegrid2

4. Ignoring Security Best Practices

Zero trust security is no longer just advisable, it’s essential. The typical approach is to establish direct connectivity to devices to configure, troubleshoot, upgrade, etc. But this comes with unnecessary risks, often exposing management ports to the Internet and leaving you at risk of attack. Without a fully isolated management plane and zero trust security controls, how would you recover if you were ransomware’d? This is why it’s essential to implement security controls like role-based access and multi-factor authentication, and ensure complete separation of management and production networks. 

Tip: Prioritize security by adopting a zero-trust approach and implementing rigorous access controls to safeguard your data center.

5. Cutting Corners on Out-of-Band Management

In the race for implementing AI, it’s crucial to invest in AI data center infrastructure. But organizations often cut corners on their ability to manage the underlying infrastructure that powers AI. Management access should not stop at ethernet switches; it should extend to encompass serial console access, PDUs, jump boxes, 5G connectivity, routing, WAN links, and a centralized cloud hub with secure tunnels to colocation sites. Using a comprehensive and centralized platform like Nodegrid consolidates many management devices into one while giving remote control to optimize AI’s underlying infrastructure. Aside from enhancing efficiency, this approach minimizes waste and energy consumption, which addresses environmental, social, and governance (ESG) concerns. 

Tip: Avoid the partial out-of-band management deployment. A complete system not only supports resilience and security but also contributes to sustainability goals.

 

Addressing these common data center mistakes can significantly enhance operational efficiency, security, and scalability. By prioritizing management infrastructure, automating processes, ensuring adequate out-of-band access, implementing robust security measures, and investing wisely in management systems, organizations can build resilient data centers equipped to meet the demands of today and the future.

Marcel van Zwienen gives a walkthrough of ZPE Cloud for remote device management.
Watch Marcel's Demo

See ZPE Cloud in action with this video demo

Senior Sales Engineer Marcel van Zwienen gives you a hands-on demo of ZPE Cloud in this video. Watch Marcel take you from signing in to gaining remote access for troubleshooting, to showing how to apply configuration changes automatically across device fleets. Watch now at the link below.

BlueprintPDF
Download Blueprint

Use Our Blueprint to Avoid Data Center Mistakes

Our blueprint shows how to deploy an isolated management infrastructure, which gives you secure remote access to recover from outages and automate operations. Download now for the complete guide.

Perle Console Server Replacement Options

by | Oct 3, 2024 | Data Center Management, Data Center Resilience, Improve Network Security, Increase Productivity, Minimize Impact of Disruptions, Monitoring & Reporting, Out of Band Management, Power Management, Remote Network Management, Serial Consoles, Zero Touch Provisioning (ZTP), Zero Trust Security

NCSP Back side

Perle offers two console server solutions for out-of-band (OOB) management of data center infrastructure: the IOLAN SCG and the IOLAN SCR. The SCG is available in both fixed and modular form factors, while the SCR comes in four models with different combinations of 56 managed ports, allowing companies to choose the OOB management hardware that best suits their environment. Unfortunately, IOLAN solutions suffer from hardware and software limitations that can curb scalability and limit agility. This guide discusses Perle console server replacement options that enable streamlined growth through automation capabilities and vendor freedom.

Quick Links:

 

Key takeaways

  • Perle IOLAN SCG appliances offer out-of-band console server management for up to 48 devices in a fixed or modular form factor. Perle IOLAN SCR console servers come with four different managed port configurations for added flexibility.
  • Perle console servers offer some automation capabilities, like auto-discovery and zero-touch provisioning, as well as comprehensive firewall functionality. However, their underpowered hardware and closed management software prevent Guest OS hosting or third-party infrastructure automation and orchestration.
  • The Nodegrid platform from ZPE Systems overcomes these limitations with robust CPU, RAM, and storage, as well as vendor-neutral software. It enables data center scalability by providing high-density serial port configurations and supporting 3rd-party automation.
  • Nodegrid can also run networking, security, edge computing, AIOps, and more, consolidating the data center tech stack and improving operational efficiency.

 

Perle IOLAN console server overview

Perle IOLAN SCG console servers provide out-of-band management for up to 48 infrastructure devices. Fixed-form-factor models use copper Ethernet for networking and OOB, while the modular version has options for Wi-Fi, cellular, and dial-up. The modular series also has three expansion bays that support any combination of 16-port RS-232 or USB serial modules.

Perle IOLAN SCR console servers come in four different models with up to 56 managed serial, USB, and Ethernet ports, as well as optional cellular integration.

Click here to compare Perle console server tech specs.

Perle console servers have automatic LLDP (Link Layer Discovery Protocol) discovery and can extend zero-touch provisioning (ZTP) to end-devices. They come with an embedded firewall, OpenVPN and IPSec VPN, and AES encryption. The PerleVIEW cloud-based management software provides centralized monitoring and control of all connected data center infrastructure.

 

Why consider Perle console server alternatives

IOLAN console servers have an underpowered 500 MHz core 32-bit ARM processor, 4GB of flash storage, and 1GB RAM. This hardware may be sufficient for basic infrastructure management workflows and ZTP, but it prevents Guest OS hosting and more advanced automation. The Perle platform also doesn’t integrate with any third-party automation or orchestration solutions.

An inability to fully automate infrastructure management workflows – or to orchestrate those tasks that can be automated – ultimately limits operational efficiency and data center scalability. Consequently, IT teams can’t effectively support the needs of the growing business, adapt to strategy changes, or focus on revenue-driving innovations like artificial intelligence and machine learning (AI/ML).

What’s needed is an open platform that can manage any device, automate any workflow, and work with third-party software to provide a fully integrated infrastructure orchestration experience.

 

Perle console server replacement options from ZPE Systems

Nodegrid is a family of vendor-neutral console server solutions from ZPE Systems. It comes in four models:

  1. The Nodegrid Serial Console Plus (NSCP) is a robust platform offering up to 96 managed serial ports in a 1U rack-mounted form factor for hyperscale data centers and cloud service providers.
  2. The Nodegrid Serial Console S Series provides up to 48 auto-sensing ports to unify management of legacy, modern, and multi-vendor data center environments.
  3. The Nodegrid Net Services Router (NSR) is a modular solution that can be customized with a range of serial, networking, storage, and compute cards to adapt to any use case.
  4. The Nodegrid Serial Console Plus Core Edition (NSCP-CE) is ideal for break-fix deployments while providing more robust security capabilities than comparable solutions.

Nodegrid devices come with Intel x86-32 bit processors, robust (and upgradable) internal storage and RAM options, and a Linux-based Nodegrid OS. The NSCP, S Series, and NSR support Guest OS and Docker containers for third-party applications. That means they can directly host infrastructure automation and orchestration (like Ansible, Puppet, and Chef), security (like Palo Alto’s next-generation firewalls), and much more. Plus, it can extend this automation to legacy and mixed-vendor devices that otherwise wouldn’t support it.

All Nodegrid models can use a wide range of USB environmental monitoring sensors to help remote teams maintain optimal conditions in the data center. Nodegrid hardware protects the control plane with advanced security features like BIOS protection, UEFI Secure Boot, self-encrypted disk (SED), Trusted Platform Module (TPM) 2.0, and a multi-site VPN using IPSec, WireGuard, and OpenSSL protocols. The Nodegrid OS and the ZPE Cloud management software are also Synopsys-validated as achieving industry-leading security.

 

 

Which Nodegrid serial console is right for you?

Use Cases
Serial
Network
CPU
Guest OS
Docker Apps
Storage
RAM
Wi-Fi
Cellular
Power
Data Sheet
Nodegrid NSCP
Hyperscale data centers and cloud service providers
16 / 32 / 48 / 96
2 SFP+ & 2 ETH
Intel x86_64 quad core
1
1-2
32GB SSD
4GB DDR4
Optional
Optional
Single or Dual AC

Dual DC

Download
Nodegrid NSC S Series
Mixed legacy, modern, and multi-vendor environments
16 / 32 / 48
2 SFP+ or 2 ETH
Intel x86_64 dual core
1
1-2
32GB SSD
4GB DDR3
Optional
Optional
Single or Dual AC

Dual DC

Download
Nodegrid NSR
Modular and adaptable to any use case
16 / 32 / 48 / 64 / 80
2 SFP+ & 2 ETH
Intel x86_64 quad core or 8-core
1-6
1-4
32GB – 128GB
8GB DDR4
Optional
Optional
Single or Dual AC

Dual DC

Download
Nodegrid NSCP-CE
Break-fix solution for data centers, colocations, and branches
16 / 32 / 48
2 SFP & 2 ETH
Intel x86_64 dual core
0
0
16GB SSD
4GB DDR4
Optional
Optional
Dual AC

Dual DC

Download

Future-proof your data center with Nodegrid

Perle console servers deliver unified, out-of-band management of remote data center infrastructure with some basic automation capabilities, but their closed architecture and underpowered hardware limit extensibility and scalability. Nodegrid improves upon outdated console server solutions with a vendor-neutral platform that supports unlimited innovation and growth with less management complexity.

To learn more about Perle console server replacement options, schedule a demo of the vendor-neutral Nodegrid platform.

 

Perle IOLAN console server tech specs

Use Cases
Serial
Network
CPU
Guest OS
Docker Apps
Storage
RAM
Wi-Fi
Cellular
Power
IOLAN SCG (Fixed)
Data centers
16 / 32 / 48
1 ETH
ARM 32-bit 500MHz single core
0
0
4GB Flash
1GB
No
No
Single AC
IOLAN SCG (Modular)
Multiple
Up to 50
2 SFP or 2 ETH
ARM 32-bit 500MHz single core
0
0
4GB Flash
1GB
Optional
Optional
Dual AC

Dual AC

IOLAN SCG (Modular)
Large data centers
24 / 32 / 40 / 56
2 SFP (SCR256)

2 SFP & 2 ETH (SCR226, 242, 258)

ARM 32-bit 500MHz single core
0
0
4GB Flash
1GB
Optional
Optional
Dual AC

Ready to replace your outdated Perle console server?

 

We know that replacing outdated, EOL devices takes a lot of effort. That’s why ZPE now offers a complete package of budget-friendly products and engineering services to help streamline the process.

Click here to see how we make it easy to upgrade to next-gen out-of-band management.

View our guide

How Oxidized Network Backups Improve Resilience

by | Oct 2, 2024 | Data Center Management, Data Center Resilience, Increase Productivity, Minimize Impact of Disruptions, Out of Band Management, Remote Network Management, Serial Consoles

How Oxidized Network Backups Improve Resilience

A network administrator configures an enterprise networking device.

Network outages are extraordinarily expensive and disruptive to business, with recent EMA research finding that outages cost an average of $14,056 per minute in 2024. While these outages have numerous possible causes, two of the largest and most preventable are human error and configuration issues. Enterprise networks keep growing bigger and more complicated, with factors like network decentralization, the use of network automation solutions, and the constant threat of cybersecurity breaches contributing to management complexity and the risk of costly mistakes.

Oxidized is an open-source network configuration backup and change management tool that can help prevent human errors and malicious actors from disrupting network services. It also accelerates recovery from equipment failures and ransomware attacks without increasing network complexity. This guide explains how Oxidized network backups can improve resilience, or the ability to withstand adversity and continue business operations with minimal disruption.

What is Oxidized, and how does it work?

Oxidized is a lightweight tool that automatically backs up network device configurations and tracks changes. It supports more than 130 operating systems and easily integrates with third-party network management tools like LibreNMS.

Oxidized uses REST APIs to pull configurations from network devices and send them to a Git repository or network management platform. Administrators can configure it to make backups according to a specific schedule, and it automatically pulls a new version (called a diff version) whenever a device’s configuration is changed. Teams can view diff versions in the Oxidized web UI as well as whichever Git repository or management platform the backups are being sent to.

Viewing Oxidized network backup diff versions in the web UI.

Viewing diff versions in the Oxidized web UI. Source

How Oxidized network backups improve resilience

Network resilience is the ability to minimize business disruptions when adverse events occur, such as ransomware attacks, botched updates, natural disasters, and equipment failures. Oxidized network backups improve resilience in numerous ways. For example:

  1. Administrators can easily roll-back device configurations to a previous version if a change causes problems. This significantly shortens the duration of outages or service degradations.
  2. Teams can quickly deploy known-good configurations to replacement devices when equipment failures or ransomware breaches happen, significantly accelerating recovery times.
  3. Configurations can be monitored with version control to prevent unauthorized changes from proliferating unnoticed, helping teams stop ransomware and other malicious actors in their tracks.

Enhancing network resilience with out-of-band management

Network backups are crucial, but they’re only one piece of the resilience puzzle. Another best practice for minimizing business disruption is to isolate the network control plane with out-of-band (OOB) management. OOB moves all network management and infrastructure control functions to an entirely separate network that runs parallel with the production (or in-band) network but doesn’t rely on any of the same infrastructure or services. It allows teams to perform management, troubleshooting, backup, and recovery workflows remotely on a dedicated connection, such as secondary Fiber or cellular LTE, that remains available even if the in-band network goes down from an equipment failure, ISP outage, or ransomware attack.

By isolating management interfaces and workflows on a separate network, OOB management helps prevent malicious software or people from accessing them from a breached production system. For example, running Oxidized backups on the OOB network ensures that teams can safely deploy configs to new or rebuilt equipment without risking ransomware reinfection, speeding up recovery times and reducing financial impacts.

Minimize business disruption with Oxidized + Nodegrid

Nodegrid is a vendor-neutral out-of-band management platform that uses console servers and integrated branch services routers to isolate your control plane without the need for parallel infrastructure.

OOB management network isolation with the Nodegrid platform.

OOB management network isolation with the Nodegrid platform.

Nodegrid’s open architecture and extensible management software allow you to integrate, host, and run your choice of third-party services and solutions. You can use it to deploy network automation, run next-generation firewall software, host recovery tools, or even deliver services while the primary network or systems are down. With the combination of Oxidized network backups and Nodegrid OOB, you can minimize the impact of adverse events without driving up costs or complexity.

Deploying Oxidized network backups with Nodegrid OOB helps reduce the duration, expense, and hassle of downtime. Schedule a Nodegrid demo to learn more.

Schedule a Nodegrid Demo