NetDevOps Archives

Opengear EOL: IM7200 Alternative Options

by Jordan Baker | Jun 22, 2023 | Increase Productivity, Minimize Impact of Disruptions, NetDevOps, Remote Network Management, Serial Consoles, Uncategorized

The Opengear IM7200 is a line of out-of-band (OOB) serial consoles, also known as terminal servers, console servers, serial console servers, serial console routers, and serial console switches. The Infrastructure Manager (IM) solution provides consolidated remote management of data center infrastructure. The IM7200 is EOL as of the 31st of March, 2023, with an end-of-sale date of the 30th of September 2023 – click here to see a full list of affected product SKUs. In this blog, we’ll discuss replacement options for the IM7200, including Opengear alternatives that deliver unlimited automation capabilities and complete vendor freedom.

Table of contents:

Opengear IM7200 overview
Opengear migration options: OM2200
- OM2200 features & tech specs
- Opengear OM2200 limitations
Opengear alternative options from ZPE Systems
Opengear IM7200 migration SKUs

Opengear IM7200 overview

The Opengear IM7200 is a line of serial console solutions that provide out-of-band (OOB) management for 8-48 devices. It’s designed to give administrators a dedicated control plane from which to access and manage remote infrastructure in data centers and large IT deployments.

With the IM7200 now EOL, Opengear recommends migrating to the OM2200 series. Let’s take a look at the features, specifications, and limitations of the Opengear OM2200 before discussing some alternative options.

Looking for replacement options for other discontinued serial consoles and branch routers? Try:

Opengear migration options: OM2200

The Opengear OM2200 Operations Manager console server solution provides OOB management for up to 48 devices over serial and/or Ethernet. OOB and failover use dual fiber ports, with an optional LTE-A Pro cellular module available. One of the OM2200’s biggest strengths is its power management capabilities, uniquely supporting over 100 power vendors’ equipment.

The OM series is Opengear’s line of NetOps console servers, which means they support Opengear’s automation modules as well as Python scripts and Docker container deployments. However, Zero Touch Provisioning (ZTP) and RESTful APIs are locked behind an upgraded version of Opengear’s Lighthouse software. In addition, the OM2200 is what’s known as a 2nd generation or “Gen 2” serial console, which means it isn’t vendor-neutral and can’t integrate or host third-party applications for automation or security.

Opengear OM2200 Features & Tech Specs
Notable Serial Console Features	• SSH direct to consoles • Keystroke logging • Alert on cable disconnects • Text pattern match • Multiple concurrent sessions • Automatic device name discovery
OOB Managed Interfaces	• 16, 32, 48 ports
Hardware	• AMD X86, 64-bit CPU • 8 GB DRAM • 64 GB SSD
Automation	• Opengear NetOps modules • Docker • Python • Perl and bash support • Ruby
Automation for End Devices	• Can run playbooks • Python • Lighthouse
Guest OS	• Docker support
Power Management	• Monitor UPS battery status • Automate routine maintenance and load testing • Control PDU outlets via serial, USB, and Ethernet • Enforce remote power permissions and map managed consoles to outlets • Minimize MTTR with out-of-band power control • Uniquely supports over 100 power vendors’ equipment
Hardware Security	• TPM 2.0 • Embedded firewall
Form Factor	Fixed 1RU

Opengear OM2200 limitations

The OM2200 is a good Gen 2 serial console switch that offers some major improvements over the IM7200, but it still falls short of delivering Gen 3 OOB console server functionality in the following ways.

Vendor lock-in: The X86 CPU and Linux-based OS makes the OM2200 programmable and extensible, but Opengear’s Lighthouse management software is not truly vendor-neutral. That means your third-party integration capabilities will be limited to specific supported solutions. If you have a hybrid, distributed, or multi-vendor infrastructure, this limitation could leave gaps in your management and orchestration coverage.
Limited automation: The OM2200 improves upon the 7200 by supporting Opengear NetOps modules and allowing scripting and ZTP within the Lighthouse Automation edition. However, this automation only extends to certain supported end-devices, which means you’ll either need to stay within Opengear’s ecosystem, or manually provision and deploy the rest of your infrastructure.
Lack of security: The OM2200 includes TPM 2.0 security, SAML 2.0 support, and an embedded firewall. However, it does not include additional hardware security like geofencing, BIOS protection, or UEFI secure boot. This increases the risk that a stolen serial console could be used by cybercriminals to breach your OOB management network.

Both the Opengear IM7200 and OM2200 are Gen 2 serial console servers, which means they provide OOB management access as well as some automation functionality to simplify individual network management workflows. However, due to vendor lock-in and minimal hardware security, the OM series falls short of the end-to-end automation and security required for a Gen 3 serial console solution.

Opengear alternative options from ZPE Systems

Another migration option for EOL Opengear console servers is the Nodegrid solution from ZPE Systems. This Gen 3 OOB management platform includes a wide range of serial console servers and integrated branch services routers to choose from, with the Nodegrid Serial Console Plus (NSCP), the Nodegrid Serial Console S Series, and the Noderid Net Services Router (NSR) serving as direct replacements for the IM7200.

Nodegrid Serial Console Plus (NSCP)

The high-density Nodegrid Serial Console Plus comes in 16, 32, 48, and 96 serial RJ45 port configurations as well as providing 2 USB 3.0 ports for a total of 98 managed devices on a single 1RU solution. That means a single NSCP could replace up to 12 Opengear IM7200 serial consoles, saving on hardware costs and optimizing rack space.

Nodegrid Serial Console S Series

The Nodegrid S series, which comes in 16, 32, or 48-port configurations, uses auto-sensing ports to provide seamless management of modern, legacy, and mixed-vendor infrastructure. The S Series RS232 serial console switch is the perfect legacy modernization platform because it allows you to extend automation to end devices that otherwise wouldn’t support it.

Nodegrid Net Services Router (NSR)

The Nodegrid Net Services Router (NSR) is an all-in-one branch networking solution that delivers OOB, SD-WAN, and more in a single box. The NSR has a modular design that lets you customize your solution with extra terminal server capabilities, storage, processing power, or GbE Ethernet ports.

All Nodegrid devices are secured with on-board features like BIOS protection, geofencing, TPM 2.0, and UEFI Secure Boot. An embedded firewall provides additional functionality like multi-site IPSec VPN, advanced authentication, and 2FA and SAML 2.0.

Nodegrid’s hardware can also directly host VMs, Docker containers, and third-party security and automation applications. Plus, the Linux-based Nodegrid OS supports NetOps automation and orchestration via integrations with tools like Docker, Chef, Puppet, and Ansible. In addition, ZPE’s management software, which is available as an on-premises or web-based solution, provides vendor-neutral visibility and orchestration of all your data center and cloud infrastructure behind one pane of glass.

Nodegrid features & tech specs

	Nodegrid NSCP	Nodegrid S Series	Nodegrid NSR
Notable Serial Console Features	• SSH direct to consoles • Keystroke logging • Logging to ZPE Cloud, NFS, Local • Alert on cable disconnects • Text pattern match with scriptable actions • Multiple concurrent sessions • Automatic device name discovery • Session sharing for collaboration • IP address per serial port • Secure session logout enforcement • Power control hotkey on serial port • Configurable icon per serial port	• SSH direct to consoles • Keystroke logging • Logging to ZPE Cloud, NFS, Local • Alert on cable disconnects • Text pattern match with scriptable actions • Multiple concurrent sessions • Automatic device name discovery • Session sharing for collaboration • IP address per serial port • Secure session logout enforcement • Power control hotkey on serial port • Configurable icon per serial port	• SSH direct to consoles • Keystroke logging • Logging to ZPE Cloud, NFS, Local • Alert on cable disconnects • Text pattern match with scriptable actions • Multiple concurrent sessions • Automatic device name discovery • Session sharing for collaboration • IP address per serial port • Secure session logout enforcement • Power control hotkey on serial port • Configurable icon per serial port
OOB Managed Interfaces	• 16, 32, 48, 96 ports (1RU)	• 16, 32, 48 ports	• Up to 5 x 16-port RJ-45 Serial modules
Hardware	• Intel X86, 64-bit CPU optimized for running VMs and automation tools • Dual-SIM 5G/4G/LTE, Wi-Fi, and V.02 modem for OOB/Failover	• Intel X86, 64-bit CPU optimized for running VMs and automation tools • Dual-SIM 5G/4G/LTE, Wi-Fi, and V.02 modem for OOB/Failover	• Intel X86, 64-bit CPU optimized for running VMs and automation tools • Dual-SIM 5G/4G/LTE, Wi-Fi, and V.02 modem for OOB/Failover
Automation	• ZPE Cloud • Chef • Docker • Puppet • Python • Ruby • ShellScript • Node.js JavaScript • Red Hat Ansible • KVM Hypervisor	• ZPE Cloud • Chef • Docker • Puppet • Python • Ruby • ShellScript • Node.js JavaScript • Red Hat Ansible • KVM Hypervisor	• ZPE Cloud • Chef • Docker • Puppet • Python • Ruby • ShellScript • Node.js JavaScript • Red Hat Ansible • KVM Hypervisor
Automation for End Devices	• ZPE Cloud • Chef • Docker • Puppet • Python • Ruby • ShellScript • Node.js JavaScript • Red Hat Ansible • KVM Hypervisor	• ZPE Cloud • Chef • Docker • Puppet • Python • Ruby • ShellScript • Node.js JavaScript • Red Hat Ansible • KVM Hypervisor	• ZPE Cloud • Chef • Docker • Puppet • Python • Ruby • ShellScript • Node.js JavaScript • Red Hat Ansible • KVM Hypervisor
Guest OS	• VMs, Docker, Kubernetes, LXC	• VMs, Docker, Kubernetes, LXC	• VMs, Docker, Kubernetes, LXC
Power Management	• Supports major power strips manufacturers • Power management integrated with serial session (escape sequence in the serial session or power buttons in web serial session) • Power control of VMs • Access rights for users & user groups	• Supports major power strips manufacturers • Power management integrated with serial session (escape sequence in the serial session or power buttons in web serial session) • Power control of VMs • Access rights for users & user groups	• Supports major power strips manufacturers • Power management integrated with serial session (escape sequence in the serial session or power buttons in web serial session) • Power control of VMs • Access rights for users & user groups
Hardware Security	• TPM 2.0 • Encrypted solid-state disk • UEFI BIOS with protection • Secure Boot (signed OS • Geofencing	• TPM 2.0 • Encrypted solid-state disk • UEFI BIOS with protection • Secure Boot (signed OS • Geofencing	• TPM 2.0 • Encrypted solid-state disk • UEFI BIOS with protection • Secure Boot (signed OS • Geofencing
Form Factor	Fixed 1RU	Fixed 1RU	Modular 1RU

The Nodegrid Gen 3 serial console solution is an Opengear alternative that serves as a direct replacement for the IM7200 while delivering enhanced automation capabilities and complete vendor freedom.

Watch a free Nodegrid demo to see a Gen 3 console server solution in action.

Watch the Video

Opengear IM7200 migration SKUs:

Opengear IM7200 EOL SKU	In Scope Features	ZPE Replacement Product
IM7208-2-DAC IM7208-2-DDC	8 Serial ports, OOB management	Fixed Form Factor: ZPE-NSCP-T16R-STND-DAC ZPE-NSC-T16S-STND-DAC ZPE-NSCP-T16R-STND-DDC ZPE-NSC-T16S-STND-DDC Modular Form Factor: ZPE-NSR-816-DAC with 1 x 16 port serial module 1 x ZPE-NSR-16SRL-EXPN ZPE-NSR-816-DDC with 1 x 16 port serial module 1 x ZPE-NSR-16SRL-EXPN
IM7216-2-DAC IM7216-2-DDC	16 Serial ports, OOB management	Fixed Form Factor: ZPE-NSCP-T16R-STND-DAC ZPE-NSC-T16S-STND-DAC ZPE-NSCP-T16R-STND-DDC ZPE-NSC-T16S-STND-DDC Modular Form Factor: ZPE-NSR-816-DAC with 1 x 16 port serial module 1 x ZPE-NSR-16SRL-EXPN ZPE-NSR-816-DDC with 1 x 16 port serial module 1 x ZPE-NSR-16SRL-EXPN
IM7232-2-DAC IM7232-2-DDC	32 Serial ports, OOB management	Fixed Form Factor: ZPE-NSCP-T32R-STND-DAC ZPE-NSC-T32S-STND-DAC ZPE-NSCP-T32R-STND-DDC ZPE-NSC-T32S-STND-DDC Modular Form Factor: ZPE-NSR-816-DAC with 2 x 16 port serial module 2 x ZPE-NSR-16SRL-EXPN ZPE-NSR-816-DDC with 2 x 16 port serial module 2 x ZPE-NSR-16SRL-EXPN
IM7248-2-DAC IM7248-2-DDC	48 Serial ports, OOB management	Fixed Form Factor: ZPE-NSCP-T48R-STND-DAC ZPE-NSC-T48S-STND-DAC ZPE-NSCP-T48R-STND-DDC ZPE-NSC-T48S-STND-DDC Modular Form Factor: ZPE-NSR-816-DAC with 3 x 16 port serial module 3 x ZPE-NSR-16SRL-EXPN ZPE-NSR-816-DDC with 3 x 16 port serial module 3 x ZPE-NSR-16SRL-EXPN
96 port not available in IM or OM series	96 Serial ports, OOB management	ZPE-NSCP-T96R-STND-DAC ZPE-NSCP-T96R-STND-DDC

Ready to replace your EOL Opengear IM7200 with a Gen 3 out-of-band serial console solution?

Call ZPE Systems today at 1-844-4ZPE-SYS for a special trade-in promotion.

Uplogix 5000 Local Manager EOL Best Replacement Options

by Jordan Baker | Jan 5, 2023 | Increase Productivity, Minimize Impact of Disruptions, NetDevOps, Remote Network Management, Serial Consoles

A businessman considers two different options, such as which model to replace the Uplogix 5000 Local Manager EOL with

The Uplogix 5000 Local Manager line of serial console servers will go end-of-life (EOL) on December 31, 2025, with software support ending on December 31, 2023. Uplogix recommends the LM83X as a replacement model, but there are some concerns and limitations to be aware of before you make this switch. In this blog, we’ll compare the new LM83X to the Uplogix 5000 Local Manager and discuss an alternative replacement option.

About the Uplogix 5000 Local Manager

The 5000 Local Manager is Uplogix’s flagship serial console, providing out-of-band (OOB) management for up to 38 devices. Management access is delivered via two 10/100/1000 Mbps Base-T Ethernet interfaces, with a slot available for an optional v.92 modem, cellular SIM, RS-232 card, or fiber module.

All Uplogix serial console servers use the Local Manager software platform for monitoring and management. This software includes automation capabilities for routine management, maintenance, and recovery tasks. However, the Local Manager platform does not support the use of third-party automation tools or custom scripts. In addition, while the 5000 Local Manager hardware can access and manage devices from other vendors, the management software is not easily extensible by the customer. That means users are locked into the vendor’s feature roadmap and automation capabilities.

Uplogix 5000 Local Manager tech specs:

System
CPU	Intel 1.3 GHz Atom
RAM	1 GB
Storage	40 GB 2.5″ SSD
Local interfaces	– Up to 38 x RS-232 Serial ports – Up to 8 x dedicated 10/100/1000 Mbps Ethernet ports – 1 x RS-232 Power management port – 1 x RJ-11 Modem port – 2 x USB ports
Management interfaces	– 2 x 10/100/1000 Mbps Base Ethernet interfaces – 1 x RS-232 Console port
Option slots	1 available for field installable internal modems (v.92, cellular, or RS232) or a fiber module
Expansion slots	2 available for: – 8 Port Serial card – 16 Port Serial card – 8 Port Ethernet card (10/100/1000 Mbps)
Power	Dual AC or Dual DC
Features
Vendor-neutral	Heterogeneous device access and management
Security	– Secure Shell (SSHv2) – TACACS and Radius authentication – IP and caller ID filtering – FIPS 140-2 Level 2 – Automatic session management to prevent unauthorized access – Enforces RBAC, command-level authorization – Logging of user access, device changes, and session activity
OOB/Failover	– POTS lines – Cellular modems – Fiber – DSL – Satellite
Device monitoring	In-band or out-of-band data collection every 5 to 30 seconds
Environmental monitoring	– Temperature – Humidity
Remote access	– SSHv2 – Secure access to web-only management interfaces
Automation	Rule-based engine for automation of routine management tasks – No third-party automation – cannot be easily expanded by customer
Remote power management	Monitors and controls power, can remotely restart a managed device

Uplogix ended the sale of the 5000 Local Manager at the end of 2020, with the EOL date set at 12/31/2022. The EOL Uplogix 5000 product SKUs are listed below.

Uplogix 5000 EOL replacement option: The Uplogix LM83X

Uplogix released a new Local Manager serial console to replace the 5000: the LM83X. This model can manage up to 104 devices through the use of three expansion bays for additional serial and Ethernet ports. In addition to two 10/100/1000 Base-T Ethernet interfaces, the new Local Manager has a 1-Gbps SFP port for faster management access.

The LM83X runs on the same Local Manager software platform as its predecessor, which means it also suffers from vendor lock-in and limited automation capabilities. In addition, the Uplogix platform has some advanced security features like FIPS 140-2 Level 2 certification and support for Radius authentication, but it doesn’t support SAML 2.0 for cross-domain single sign-on. That makes it difficult to extend Zero Trust Security best practices to the out-of-band management network, which can leave the entire enterprise vulnerable to an attack.

Another crucial consideration is that Uplogix was just bought by Lantronix, one of its biggest competitors. It’s still unknown how Uplogix will be integrated, leaving existing customers uncertain about the future of their hardware and software support contracts.

Uplogix 5000 Local Manager vs. LM83X tech specs:

	Uplogix 5000	Uplogix LM83X
System
CPU	Intel 1.3 GHz Atom	Not listed
RAM	1 GB	Not listed
Storage	40 GB 2.5″ SSD	256 GB NVMe
Local interfaces	– Up to 38 x RS-232 Serial ports – Up to 8 x dedicated 10/100/1000 Mbps Ethernet ports – 1 x RS-232 Power management port – 1 x RJ-11 Modem port – 2 x USB ports	– Up to 104 x RS-232 Serial ports – 1 x USB-A port – 1 x USB-C port
Management interfaces	– 2 x 10/100/1000 Mbps BaseT Ethernet interfaces – 1 x RS-232 Console port	– 2 x 10/100/1000 BaseT Ethernet ports – 1 x 1-Gbps SFP port
Option slots	1 available for field installable internal modems (v.92, cellular, or RS232) or a fiber module	1 available for field installable internal modems (v.92, cellular, or RS232) or a fiber module
Expansion slots	2 available for: – 8 Port Serial card – 16 Port Serial card – 8 Port Ethernet card (10/100/1000 Mbps)	3 available for: – 8 Port, 16 Port, or 32 Port Serial cards – 8 Port Ethernet card (10/100/1000 Mbps) – LCD keypad
Power	Dual AC or Dual DC	Redundant internal universal power
Features
Vendor-neutral	Heterogeneous device access and management	Heterogeneous device access and management
Security	– Secure Shell (SSHv2) – TACACS and Radius authentication – IP and caller ID filtering – FIPS 140-2 Level 2 – Automatic session management to prevent unauthorized access – Enforces RBAC, command-level authorization – Logging of user access, device changes, and session activity	– Secure Shell (SSHv2) – TACACS and Radius authentication – IP and caller ID filtering – FIPS 140-2 Level 2 – Automatic session management to prevent unauthorized access – Enforces RBAC, command-level authorization – Logging of user access, device changes, and session activity
OOB/Failover	– POTS lines – Cellular modems – Fiber – DSL – Satellite	– POTS lines – Cellular modems – Fiber – DSL – Satellite
Device monitoring	In-band or out-of-band data collection every 5 to 30 seconds	In-band or out-of-band data collection every 5 to 30 seconds
Environmental monitoring	– Temperature – Humidity	– Temperature – Humidity
Remote access	– SSHv2 – Secure access to web-only management interfaces	– SSHv2 – Secure access to web-only management interfaces
Automation	Rule-based engine for automation of routine management tasks – No third-party automation – Not easily expandable	Rule-based engine for automation of routine management tasks – No third-party automation – Not easily expandable
Remote power management	Monitors and controls power, can remotely restart a managed device	Monitors and controls power, can remotely restart a managed device

Alternative Uplogix 5000 EOL replacement options from ZPE Systems

The Uplogix Local Manager solutions are what’s known as second generation, or Gen 2, out-of-band serial consoles. That means they provide heterogeneous device management, built-in security features, and some automation capabilities. However, they fall short of true vendor neutrality, which makes it impossible to achieve end-to-end network automation. In addition, without SAML 2.0 support, Uplogix devices are vulnerable to compromise by malicious actors who could use them to gain control over the production network.

To get secure and extensible OOB management access with end-to-end automation capabilities, you need a Gen 3 out-of-band serial console solution like the Nodegrid platform from ZPE Systems.

About the Nodegrid Serial Console Plus (NSCP)

The Nodegrid Serial Console Plus (NSCP) provides Gen 3 OOB management for up to 96 devices, including support for Cisco and legacy pinouts. Management access is delivered via two Gigabit Ethernet ports, two SFP+ ports, or v.92 modem, with out-of-band and network failover to dual SIM 5G/4G LTE cellular, WiFi, or v.92 modem.

All Nodegrid devices can be managed with one of two offerings: the on-premises Nodegrid Manager software or the ZPE Cloud application. Both solutions are easily extensible with your choice of third-party applications for infrastructure automation and orchestration, security, big data analytics, and more. Nodegrid hardware can even directly host other vendors’ software, giving you a convenient platform for Docker containers, Infrastructure as Code (IaC) playbooks, Security Service Edge (SSE) applications, and SD-WAN solutions.

The Gen 3 NSCP protects your infrastructure using Zero Trust best practices like SAML 2.0 support, disk encryption, and secure boot. ZPE Systems is also the only serial console vendor with a FIPS 140-3 pre-certification, making them the most secure OOB solution on the market.

Head-to-head: Uplogix 5000 vs. Uplogix LM83X vs. NSCP tech specs

	Uplogix 5000	Uplogix LM83X	Nodegrid Serial Console Plus (NSCP)
System
CPU	Intel 1.3 GHz Atom	Not listed	Intel x 86, 64 bit
RAM	1 GB	Not listed	4 GB / 8 GB
Storage	40 GB 2.5″ SSD	256 GB NVMe	32 GB FLASH
Local interfaces	– Up to 38 x RS-232 Serial ports – Up to 8 x dedicated 10/100/1000 Mbps Ethernet ports – 1 x RS-232 Power management port – 1 x RJ-11 Modem port – 2 x USB ports	– Up to 104 x RS-232 Serial ports – 1 x USB-A port – 1 x USB-C port	– Up to 96 x RS-232 Serial ports – 2 x 1-GbE Ethernet – 2 x SFP+ – 2 x USB 3.0 ports – 1 x HDMI port – 1 x Console port – can manage devices RS-232, USB, IPMI, SSH,Telenet, WebUI, RESTAPI – can manage over 500 devices (mix of serial and IP) on a single appliance
Management interfaces	– 2 x 10/100/1000 Mbps BaseT Ethernet interfaces – 1 x RS-232 Console port	– 2 x 10/100/1000 BaseT Ethernet ports – 1 x 1-Gbps SFP port	– 2 x 1-GbE Ethernet – 2 x SFP+ – 1 x v.92 Modem
Option slots	1 available for field installable internal modems (v.92, cellular, or RS232) or a fiber module	1 available for field installable internal modems (v.92, cellular, or RS232) or a fiber module	– Wi-Fi – Dual SIM 5G/4G LTE cellular – v.92 modem
Expansion slots	2 available for: – 8 Port Serial card – 16 Port Serial card – 8 Port Ethernet card (10/100/1000 Mbps)	3 available for: – 8 Port, 16 Port, or 32 Port Serial cards – 8 Port Ethernet card (10/100/1000 Mbps) – LCD keypad
Power	Dual AC or Dual DC	Redundant internal universal power	Single or Dual AC, Dual DC
Features
Vendor-neutral	Heterogeneous device access and management	Heterogeneous device access and management	– Vendor-neutral device access and management – Can directly host third-party apps for security, automation, etc. – Platform integrates with third-party solutions not hosted on Nodegrid hardware – Can extend Zero Touch Provisioning to other vendor devices
Security	– Secure Shell (SSHv2) – TACACS and Radius authentication – IP and caller ID filtering – FIPS 140-2 Level 2 – Automatic session management to prevent unauthorized access – Enforces RBAC, command-level authorization – Logging of user access, device changes, and session activity	– Secure Shell (SSHv2) – TACACS and Radius authentication – IP and caller ID filtering – FIPS 140-2 Level 2 – Automatic session management to prevent unauthorized access – Enforces RBAC, command-level authorization – Logging of user access, device changes, and session activity	Hardware Security: – TPM 2.0 – Encrypted solid-state disk – UEFI BIOS with protection – Secure boot (signed OS) – Geofencing Authentication: – Local – RADIUS – TACACS+ – LDAP/AD – NIS and Kerberos – SAML 2.0 (Okta, Duo, PingID, ADFS)
OOB/Failover	– POTS lines – Cellular modems – Fiber – DSL – Satellite	– POTS lines – Cellular modems – Fiber – DSL – Satellite	– 5G/4G/LTE – V.92 modem – Wi-Fi
Device monitoring	In-band or out-of-band data collection every 5 to 30 seconds	In-band or out-of-band data collection every 5 to 30 seconds	– Keystroke logging – Logging to ZPE Cloud, NFS, Local – Alert on cable disconnects
Environmental monitoring	– Temperature – Humidity	– Temperature – Humidity	– Particulate – Smoke – Airflow & temperature – Proximity/door lock – Temp & humidity – 7-port USB hub – 8-port GPIO – 4-port Relay
Remote access	– SSHv2 – Secure access to web-only management interfaces	– SSHv2 – Secure access to web-only management interfaces	– SSH direct to consoles – ZPE Cloud (web) or Nodegrid Manager (local)
Automation	Rule-based engine for automation of routine management tasks – No third-party automation – cannot be easily expanded by customer	Rule-based engine for automation of routine management tasks – No third-party automation – cannot be easily expanded by customer	– ZPE Cloud – Chef – Docker – KVM Hypervisor – Puppet – Python – RedHat Ansible – Ruby – ShellScript – Node.js JavaScript
Remote power management	Monitors and controls power, can remotely restart a managed device	Monitors and controls power, can remotely restart a managed device	– Support major power strip manufacturers – Power management integrated with serial session (escape sequence in the serial session or power buttons in web serial session) – Power control of VMs – Access rights for users and user groups

The Uplogix LM83X is the direct replacement for the EOL Uplogix 5000 Local Manager, which means it provides the same base capabilities with some upgraded hardware features. However, this also means the LM83X suffers from the same limitations as its predecessor, namely a lack of SAML 2.0 integration and a closed management platform that doesn’t support third-party automation. To achieve end-to-end network automation, you need a Gen 3 OOB serial console solution like the Nodegrid Serial Console Plus.

Uplogix 5000 Local Manager EOL product SKUs

Product SKU	Description	End of Hardware Support	End of Software Support	End of Life	End of Sale
71-1321-10	FIPS Uplogix 5000 Local manager, 14 Serial, V.92 modem	12/31/2023	12/31/2025	12/31/2025	12/31/2020
61-5001-01	Uplogix 5000 8 Port Serial Expansion Module w/LMS-FIPS	12/31/2023	12/31/2025	12/31/2025	12/31/2020
61-5500-30	Uplogix 5000 Local Manager	12/31/2023	12/31/2025	12/31/2025	12/31/2020
61-5500-33	FIPS Uplogix 5000 Local Manager	12/31/2023	12/31/2025	12/31/2025	12/31/2020

Ready to replace your Uplogix 5000?

To replace your Uplogix 5000 Local Manager EOL serial console server with the Gen 3 Nodegrid Serial Console Plus, Contact ZPE Systems today!

Request a Demo Today

Data Center Colocation Services: Best Practices for Managing Remote Infrastructure

by Jordan Baker | Sep 14, 2022 | Data Center Management, Data Center Resilience, Increase Productivity, NetDevOps, NetDevOps Transformation, Network Automation, Out of Band Management, Remote Network Management, Serial Consoles

Data center colocation services can help your customers stay secure

The demand for data center colocation services is on the rise, with the industry estimating an increase of 13.35% in 2022. Colocation services are often less expensive than maintaining an on-site data center, allowing you to redirect resources to more exciting and lucrative technology initiatives. However, remote infrastructure can be more challenging to monitor, secure, and troubleshoot. Plus, if you’re not careful, usage-based pricing could cause your budget to spiral out of control. Here’s what to know about the potential challenges and the best practices to implement to avoid common pitfalls.

Data center colocation services: Challenges and solutions

Challenge 1: Visibility

One way that data center colocation services differ from on-premises data centers is that there is often less physical access to and visibility over the infrastructure. Administrators can’t pop in every day to check environmental conditions like temperature and humidity or to verify that nobody has opened the cage without permission or physically tampered with the equipment. This can make it challenging to maintain optimal conditions to extend the life of your equipment and prevent catastrophic failure.

In addition, colocation facilities also follow the shared responsibility model, which means they’re responsible for a certain portion of security, and you’re responsible for the rest. The facility usually has security cameras, electronic door locks, and other security measures in place, but you generally won’t have access to the videos or logs as a customer. That means you need to ensure that you make up the difference with comprehensive monitoring solutions so there are no gaps in your coverage.

Solution 1: Environmental and infrastructure monitoring

Environmental monitoring sensors collect data on conditions in the data center, providing administrators with a virtual presence in remote colocation facilities. The sensors connect to the I/O ports of console servers and other infrastructure management systems, allowing administrators to monitor things like temperature, humidity, and air quality. Often, these systems use pre-set baselines and will trigger automatic alerts when conditions exceed safe levels, making it easier to efficiently monitor remote infrastructure.

Some environmental monitoring systems also include physical tampering sensors, which will alert administrators if someone opens the door to your cage or comes in close proximity to your equipment without prior authorization. This helps to supplement the physical security provided by colocation services and gives you more control over your remote infrastructure.

Challenge 2: Compliance with data privacy regulations

When the infrastructure used to store and process data is no longer managed on-site by in-house staff, it gets much more difficult to stay compliant with strict data privacy regulations. For example, if your organization processes HIPAA data, you need to know exactly who has access to that data, what specific data they access, and why they need access. That also includes access to the infrastructure that stores and processes the data.

If that infrastructure is housed and managed by a third party, as is the case with data center colocation, you need stricter privacy and security controls to maintain compliance.

Solution 2: Zero trust security

The zero trust security methodology is based on the principle of “never trust, always verify.” In the zero trust model, you microsegment your network to facilitate the creation of highly precise security policies and controls. This allows you to control exactly who has access to which resources in your colocation facility.

In addition, the zero trust methodology recommends identity and access management (IAM) solutions with two-factor authentication (2FA) and user and entity behavior analytics (UEBA). These solutions force an account to re-verify its identity and re-establish trust before it can move to different microsegments and access other resources. This both aids in data privacy compliance and limits the lateral movement of compromised accounts, improving the overall security of your remote infrastructure.

Challenge 3: Around-the-clock access to remote infrastructure

Colocation data center infrastructure is managed remotely over the WAN, which requires an internet connection. When administrators manage that infrastructure on the same production network used for data traffic, it’s known as in-band management.

The issue with in-band management is that it relies on the same LAN architecture that’s used in production. That means a misconfiguration or hardware failure that takes the LAN offline will also cut off all management access, making remote troubleshooting impossible. The same issue occurs if there’s a WAN failure or ISP outage.

If administrators can’t troubleshoot and recover the infrastructure remotely, you will need to dispatch a truck roll, which is both expensive and time-consuming. And, the longer that infrastructure is offline, the higher your downtime costs, including lost business and reputation damage.

Solution 3: Out-of-band (OOB) management

Out-of-band (OOB) management uses serial consoles with secondary WAN interfaces to provide an alternative path to remote infrastructure. OOB serial consoles create a dedicated management network that’s separate from the production LAN. This gives you the ability to perform resource-intensive orchestration workflows without negatively impacting production performance.

OOB management also allows administrators to remotely troubleshoot device failures, LAN misconfigurations, and other sources of outages. This reduces your reliance on truck rolls and helps you recover from outages quicker, so you can lower your costs and protect your reputation.

Challenge 4: Colocation bills

The cost of data center colocation services is generally dependent on your power and bandwidth usage as well as the amount of space your equipment takes up. If not managed properly, usage-based pricing can cause your monthly bill to vary dramatically, wreaking havoc on your budget. Many factors lead to usage spikes, such as sudden surges in demand and inefficient power distribution.

Plus, as your business grows and your technology requirements evolve, you may need to scale up the number of devices in your rack. And as you add more computing, storage, and server resources, you also need more management devices (e.g., serial consoles), all of which take up valuable real estate in the data center.

Solution 4: DCIM orchestration, SDN, and all-in-one devices

This particular challenge has multiple solutions, any or all of which can help keep costs in check while enabling easier scaling.

Data center infrastructure management (DCIM) solutions provide a centralized platform from which to monitor and control remote infrastructure. DCIM tools give administrators the ability to monitor power flows and redistribute loads on demand for more efficient power usage. Modern DCIM orchestration solutions also include automation capabilities for optimal power load balancing.

Software-defined networking (SDN) creates a virtual overlay network, dedicated to management and orchestration, that sits on top of the network architecture. This facilitates the use of sophisticated network automation workflows such as intelligent routing, which can automatically redirect traffic to alternative resources when the bandwidth load on your colocation infrastructure is too high. SDN can help you stay within bandwidth usage thresholds at your colocation data center(s), so you can use your services more cost-effectively.

Finally, all-in-one networking devices can help you reduce the number of boxes in your rack, so you use less square footage in the data center. For example, a device like the Nodegrid Serial Console Plus provides out-of-band management access, routing, switching, and network failover in a single box. Plus, it includes 96 managed serial ports in a single 1U rack-mount form factor, reducing the number of management devices required to control large-scale data center deployments.

Want more solutions on how ZPE can help?

Learn more about how Nodegrid can help you efficiently manage your data center colocation services!

Contact ZPE Systems

Zero Trust Network Access vs. VPN for Branch and Edge Networking

by Jordan Baker | Sep 7, 2022 | Improve Network Security, Minimize Impact of Disruptions, NetDevOps, Secure Access Service Edge (SASE), Security Service Edge (SSE), Serial Consoles, User Management, Zero Trust Security

When comparing zero trust network access vs. VPN, they both have benefits for security, speed, and scalability

Organizations are starting to recognize the benefits of edge computing, which moves data processing resources closer to the sources of data generation and away from the central data center. In addition, businesses are becoming more geographically dispersed, with branch offices, manufacturing facilities, and other remote sites around the world.

While larger remote sites are typically connected to the enterprise network via WAN or SD-WAN, this may not be feasible for smaller branches with fewer staff. Traditionally, VPNs (virtual private networks) are used to create a private connection for remote systems and users. However, a new technology called Zero Trust Network Access improves upon VPNs by providing faster and more secure remote connections.

What is a VPN?

A VPN, or virtual private network, is a service that creates an encrypted connection between a device and a network. In this particular use case, VPNs are used to extend the enterprise network to branch and edge locations. Often, organizations use VPNs as an alternative to installing expensive WAN solutions in very small remote sites. They’re also used to connect sites that are unreachable by traditional network infrastructure, such as offshore oil rigs.

Though VPN traffic is encrypted, there are still security risks. Many VPNs still use single-factor authentication, meaning all you need is a username and password to connect. If a remote user’s account information is stolen, a hacker could easily gain access because they don’t need to provide a second form of identity verification.

In addition, VPNs grant complete access to the enterprise network, trusting remote users and devices just like they were in the main office. That means a malicious actor could use a compromised account or stolen laptop to move laterally around your enterprise network, stealing whatever data they can find.

What is Zero Trust Network Access (ZTNA)?

Zero trust network access, or ZTNA, is another product or service that connects remote users and devices to enterprise network resources. However, instead of creating a tunnel to the enterprise network itself, ZTNA directly connects users to the applications and services they need. Users then need to re-verify their identity and re-establish trust before they access another application.

ZTNA follows the “dark cloud” concept, which prevents remote users from seeing or interacting with any of the data, systems, or applications they aren’t explicitly authenticated to. Microsegmentation is used to create perimeters around each resource with granular, context-based access control policies.

For example, if a branch office employee uses ZTNA to access the shipping system, they can’t see or touch the payroll application unless they authenticate to that specific resource. If the account is behaving suspiciously (logging in at unusual times, accessing resources it doesn’t typically need, etc.) then the account is locked until trust can be re-established. The dark cloud principle prevents malicious actors from discovering valuable resources and moving laterally on the enterprise network.

Comparing zero trust network access vs. VPN for branch and edge networking

Trust

Zero trust network access is more secure than VPNs because it follows the zero trust security model of “never trust, always verify.” Branch and edge accounts are assumed to be untrustworthy until they prove otherwise through repeated identity verification and trustworthy behavior. Remote accounts never have full access to the enterprise network and can only see and interact with the specific resources they’re presently authenticated to.

Authentication

While newer VPNs may allow integrations with third-party MFA (multi-factor authentication) providers like Okta, many organizations are still using single-factor authentication for VPN clients. That makes it much easier for a hacker to use a single set of stolen credentials to gain unrestricted access to the enterprise network. In addition, if a branch employee leaves their VPN session active and their laptop is stolen (for example, because it was in an unsecured building that’s open to the public), the thief can use that session to jump around the network without ever needing to re-verify or re-authenticate.

Performance

VPN connections are notoriously slow. All VPN traffic needs to be backhauled through a centralized concentrator, which creates massive bottlenecks and network latency. ZTNA, on the other hand, connects branch and edge devices directly to the resources they need. If that resource lives on the web or in the cloud, the traffic bypasses the enterprise network entirely, reducing the load and improving performance for everyone.

Scalability

Finally, VPNs are meant to be deployed to individual users on a case-by-case basis. Scaling up is difficult and expensive because you need to purchase licenses and install software for each machine that connects. Also, the more VPN connections, the greater the impact on network performance, and the more VPN concentrator solutions you’ll need to deploy to distribute the load. Gartner predicts that by 2025, 75% of enterprise-generated data will be processed at the edge, so individual VPN solutions won’t be able to keep up.

ZTNA is often delivered on the “as-a-service” model, which means it’s hosted in the cloud and doesn’t require any customer premises equipment (CPE). Licenses are scaled up or down at the click of a button, and there’s no software to install on remote machines. This makes ZTNA the ideal choice for enterprises hoping to expand their global reach or scale up their edge computing capabilities.

Deploying ZTNA for branch and edge networks

Zero trust network access is available as a standalone service, but you can also find it among the cloud-oriented security stack in a Security Service Edge (SSE) solution. SSE combines ZTNA with security technology such as Cloud Access Security Broker (CASB), Secure Web Gateway (SWG), and Firewall-as-a-Service (FWaaS). This suite of cloud security features delivers comprehensive protection for branch and edge networks while reducing the need for remote traffic to pass through the central data center.

Learn more about branch and edge networking:

Need more help on branch and edge networking?

Need more help comparing zero trust network access vs. VPN for branch and edge use cases?

Contact ZPE Systems

Solving Remote IT Infrastructure Management Challenges With Gen 3 Out-of-Band

by Jordan Baker | Sep 1, 2022 | DevOps, Monitoring & Reporting, NetDevOps, Network Automation, Out of Band Management, Power Management, Remote Network Management, SD-WAN, Secure Access Service Edge (SASE)

Enterprise IT management used to be much simpler. The entire network infrastructure would reside in the same location as the administrators who managed it, typically in closets and basement rooms in the HQ office building. Those days are long gone, however, and now most infrastructure is housed in off-site data centers, colocations, the cloud, or a combination of these. For most organizations, it isn’t feasible to maintain tech teams in each of these locations, which means administrators need to remotely manage their IT infrastructure.

Remote IT infrastructure management presents some interesting challenges. First, you need a way to remotely troubleshoot and recover from outages when the main WAN connection is unavailable. Second, you need to maintain optimal environmental conditions and monitor for issues that could damage data center equipment.

Solving remote IT infrastructure management challenges with Gen 3 out-of-band

Out-of-band (OOB) management uses a dedicated network to handle the orchestration and troubleshooting of remote infrastructure. This provides an alternative network path to this infrastructure in case the primary WAN link is down, and allows administrators to perform complex orchestration workflows without slowing down the production network.

Gen 3 OOB uses serial consoles to give administrators management access to many devices in the rack from one centralized portal. What makes an OOB serial console “Gen 3” is a combination of high-speed out-of-band access, complete vendor neutrality, and end-to-end automation and orchestration support. Let’s discuss how Gen 3 out-of-band can solve the three major remote IT infrastructure management challenges.

Remote troubleshooting and outage recovery

Downtime is expensive, which is why it’s important to recover from network outages as quickly as possible. However, many of the tools used to remotely manage IT infrastructure require a network connection. If a piece of networking hardware fails and takes down the LAN, or the ISP suffers a regional outage, administrators are left without access to troubleshoot and fix the problem. That leaves only two options: dispatching a truck roll or hiring on-site managed services. Option one is time-consuming and expensive, and option two is a security risk (and also expensive).

A Gen 3 OOB solution provides one or more alternative network paths to remote infrastructure. Often, it uses a cellular modem or secondary broadband network interface, which may also provide network failover capabilities. All network and infrastructure management occurs on this dedicated network, which provides two benefits:

Deployment, maintenance, and orchestration activities won’t take up bandwidth on the production network; and
Administrators can still access critical remote infrastructure during a production network outage.

Gen 3 OOB improves upon earlier technology which used slow dial-up interfaces, insecure hardware, and closed OS architectures. Gen 3 out-of-band includes security features like UEFI secure boot, geofencing, and an onboard firewall. The operating system is Linux-based to allow for easy integrations with any vendor solution, and vulnerabilities are patched quickly. This ensures that administrators have constant, high-speed, secure access to remote multi-vendor IT infrastructure.

Remote monitoring of environmental conditions

The environmental conditions in the data center have a major impact on the performance and functionality of critical infrastructure. Environmental threats like heat, moisture, power surges, smoke, and even physical tampering are major causes of data center downtime. When you don’t have actual eyes on the conditions in your rack, it can be difficult to detect environmental issues early on, when there’s still a chance to correct the issue and prevent downtime.

A Gen 3 OOB serial console includes GPIO interfaces for environmental monitoring sensors. These sensors are used to measure the temperature, relative humidity, air quality, and airflow in a rack, and in some cases can also detect smoke, proximity, and tampering. The monitoring sensors feed data back into a centralized environmental monitoring system which provides visualizations of present and historical conditions. It also sends automatic alerts to administrators when conditions require immediate attention. Plus, since this monitoring system is integrated with an OOB serial console, administrators can stay abreast of environmental conditions even when the production network goes down.

Remote IT infrastructure automation and orchestration

Automation allows IT teams to manage network infrastructures faster and more efficiently while reducing the risk of human error. However, one of the major hurdles to automation is vendor lock-in. Many infrastructure solutions don’t integrate with third-party automation tools and instead require you to use their own proprietary scripting languages and playbooks. Since many IT infrastructures are made up of a variety of vendor hardware and software solutions, administrators are forced to learn and manage multiple different automation platforms.

This difficulty only increases when those solutions are managed remotely. Administrators need to remotely jump from box to box and interface to interface just to execute basic automation workflows. It gets even more complicated when there are multiple remote sites to manage, as is the case in many large and globalized enterprises.

By definition, a Gen 3 out-of-band platform is vendor-neutral. That means it can dig its orchestration hooks into every hardware and software solution in your data center. It also supports integrations and direct hosting of third-party automation tools, so you can use the scripting languages and automation solutions of your choice. Finally, a Gen 3 solution centralizes the orchestration of all remote IT infrastructure automation workflows, so administrators can monitor and manage everything from behind one pane of glass.

Solving remote IT infrastructure management challenges with the Nodegrid Gen 3 out-of-band platform

The Nodegrid remote IT infrastructure management solution from ZPE Systems is the first Gen 3 out-of-band platform. Nodegrid delivers secure OOB, a robust environmental monitoring system, and end-to-end automation and orchestration in a single Gen 3 OOB serial console.

The Nodegrid Serial Console Plus (NSCP) provides OOB access and network failover via built-in 5G/4G LTE cellular and Wi-Fi modules, ensuring administrators have a dedicated high-speed connection to critical network infrastructure. Nodegrid hardware is protected by onboard security features like TPM 2.0, encrypted SSD, UEFI BIOS protection, secure boot, and geofencing, so you don’t have to worry about malicious actors compromising your management network. The open architecture, Linux-based Nodegrid OS is secured by frequent patches and supports third-party integrations or the direct hosting of third-party applications.

The Nodegrid environmental monitoring system includes sensors for dry contact, temperature, humidity, smoke, airflow, dust, and particulates so you have 24/7 visibility into the conditions in your rack. These sensors integrate seamlessly with the Nodegrid OS as well as the ZPE Cloud remote IT infrastructure management platform.

ZPE Cloud provides a centralized control panel from which to monitor and orchestrate your Gen 3 OOB network. ZPE Cloud’s vendor-neutral platform can “say yes” to any hardware, software, or automation solution you choose, so you can achieve end-to-end infrastructure automation without compromises.

Ready to learn more?

To learn more about how Nodegrid solves remote IT infrastructure management challenges through Gen 3 OOB, contact ZPE Systems

Data Center Orchestration with Gen 3 OOB for Digital Services Providers

by Jordan Baker | Aug 30, 2022 | Data Center Management, Data Center Resilience, Increase Productivity, NetDevOps, NetDevOps Transformation, Network Automation, Out of Band Management, Remote Network Management, Serial Consoles

Large digital service providers face some unique data center and network management challenges. Customers and shareholders expect 24/7, high-speed access to these services from anywhere in the world. The scale and complexity of their infrastructure, combined with their highly distributed, global network architectures, can make it difficult for administrators to meet those expectations. In this article, we’ll discuss how data center orchestration with Gen 3 out-of-band (OOB) management helps digital service providers achieve the reliability their customers demand while reducing expenses and complexity.

Use case: Data center orchestration with Gen 3 out-of-band for digital service providers

The businesses in this use case provide digital services at a very large scale. They need to ensure constant availability and reliability because that’s what their customers expect, and it’s what their competitors promise. Some examples of large digital service providers include:

★    Music or video streaming services
★    Stock trading applications
★    Online banking portals
★    Cloud compute services
★    SASE and SSE vendors
★    Internet service providers (ISPs) and telecom companies
★    Internet exchanges
★    Storage as a Service providers

These companies typically host their resources in private data centers or colocation facilities, so they have total control over the hardware and infrastructure. Because of the extremely large scale of their operations, they need to deploy, maintain, and administer many machines. And, since they typically provide global services, they have a large, complex, and highly-distributed network architecture.

There are several major pain points for network administrators in this environment. First, they need to maintain constant access to remote infrastructure, even during network outages. Second, they need the ability to scale up their infrastructure on-demand by quickly deploying new machines with the correct configurations. Finally, they need to be able to monitor, manage, and optimize their complex network architectures.

Let’s look at how these pain points are solved using data center orchestration with Gen 3 OOB.

1. Constant availability

People expect 100% uptime from their digital services, which is why it’s always major news when a big provider like Netflix goes down. To try and achieve constant availability, these vendors typically use their own hardware in private data centers and colocation facilities rather than relying on public cloud hosting. They host their infrastructure in many different facilities around the world, both for redundancy and to ensure peak performance for globally distributed customers.

Between hiring freezes and staff cuts at major companies like Apple, Google, and Netflix, many of these companies don’t have enough technical staff to maintain a physical presence in all of these data centers. Instead, their administrators and engineers access this infrastructure remotely, using tools like serial consoles, KVM switches, and jump boxes to connect to devices in the rack. However, if they lose network access to the management device due to an ISP outage, hardware failure, or configuration mistake, they’re left without a way to remotely recover. That means they need to either dispatch a technician from their home office or pay for costly on-site managed services from their hosting facility. Either way, valuable time and money are wasted on travel and other logistics.

Out-of-band management solves this problem by providing an alternative path to remote network infrastructure. Data center orchestration solutions with Gen 3 OOB use a secondary network connection (typically a cellular modem) that is dedicated to management and troubleshooting. That means administrators can configure, troubleshoot, and orchestrate remote infrastructure even when the primary network connection is offline or overloaded with production traffic. This gives digital service providers the ability to recover from outages and other issues much faster, bringing them closer to their goal of 24/7 availability.

2. Scalability

Large digital service providers need to serve millions of customers who may live all over the globe. They also need to meet sudden spikes in demand without limiting the performance of their product. That means they need to deploy lots of machines to many different facilities, often very quickly. Plus, they need to do so without configuration mistakes, as these could delay deployment, create security vulnerabilities, or even require a truck-roll to fix.

Since deployments need to happen quickly, accurately, and repeatedly, that makes them a prime candidate for automation. There are two primary technologies used to automate data center deployments: zero touch provisioning (ZTP) and Infrastructure as Code (IaC). A Gen 3 OOB data center orchestration tool enables both.

Zero touch provisioning gives administrators the ability to deploy device configurations to remote hardware over a network connection. Earlier generations of OOB data center solutions often included ZTP for devices within a specific vendor’s ecosystem, but Gen 3 tools are vendor-agnostic. That means administrators can remotely deploy an entire data center of mixed-vendor solutions without risking security breaches and the potential for opening a backdoor through pre-staging or on-site configuration. Plus, Gen 3 OOB provides a dedicated network to use in the provisioning process, so if there’s an issue with the configuration that takes the new device offline, administrators can still remotely recover.

IaC decouples a device’s configuration from the underlying hardware, turning it into software code that’s executed according to programmatic playbooks. Gen 3 OOB data center orchestration solutions support automation through IaC, either by integrating with third-party IaC platforms or by directly hosting playbooks. This allows administrators to apply DevOps best practices to infrastructure configurations, for example running automated tests to verify the quality and security of the code before deployment. IaC also reduces the time and complexity involved in configuring new devices, because scripts are easily reusable and can be deployed as many times as needed.

Through automation technologies like ZTP and IaC, Gen 3 OOB data center orchestration platforms allow digital service providers to scale their infrastructure quickly and efficiently. Automation also reduces the risk of human error, which reduces the chances that rapid scaling will cause service interruptions.

3. Network complexity

Large digital service providers have complex and distributed network architectures. They may have dozens or even hundreds of remote sites connected to the WAN, each of which may have different vendor hardware, bandwidth requirements, and security risks. Plus, there are many thousands of users accessing those resources from all over the world. In this kind of environment, manual network management is too time-consuming and prone to error.

Once again, automation is key to overcoming this challenge. Network automation is enabled in much the same way as infrastructure automation—by implementing software abstraction to decouple the management plane from the underlying hardware. This is known as software-defined networking (SDN) or, in the case of WAN architectures, software-defined wide area networking (SD-WAN). Digital service providers use SD-WAN to virtualize their distributed networks, employing software network controllers and APIs to route and load-balance traffic.

The right data center orchestration solution centralizes management of the entire SD-WAN architecture, giving administrators a single pane of glass from which to monitor and control the virtual network. Gen 3 OOB platforms are vendor-neutral, which means they can dig their hooks into all of the various hardware and software solutions that make up an SD-WAN infrastructure. They enable end-to-end automation of network management workflows and provide orchestration capabilities to automate the deployment and execution of those automated workflows. This makes it possible for digital service providers to manage their highly complex network architectures efficiently while maintaining optimal performance.

Gen 3 OOB data center orchestration with Nodegrid

The need for constant availability, easy scalability, and efficient network management is what brings many major digital service providers to ZPE Systems. The Nodegrid data center orchestration platform is the first Gen 3 out-of-band solution that enables end-to-end automation and complete vendor freedom.

The Nodegrid Serial Console Plus (NSCP) is a high-density serial console for large-scale and hyperscale data centers and includes features such as 5G/4G LTE cellular OOB and network failover to ensure 24/7 remote access. Built on the open, Linux-based Nodegrid OS, the NSCP supports integrations with your choice of third-party solutions, or you can directly host your automation, security, and SD-WAN applications on the device itself. Plus, the ZPE Cloud management software provides a centralized, web-based orchestration platform from which to deploy, monitor, and control your entire network architecture.

ZPE is here to help!

Still want to learn more about the Nodegrid Gen 3 data center orchestration platform for large digital service providers?

« Older Entries

Next Entries »

ZPE Solution Pathways

Discover Nodegrid