Providing Out-of-Band Connectivity to Mission-Critical IT Resources


Opengear CM7100 Alternative Options


The Opengear CM series console servers provide out-of-band (OOB) management of data center infrastructure so that network administrators can access and control remote equipment from one centralized interface. Like other OOB serial consoles, the CM series gives admins an alternative path to remote infrastructure that doesn’t rely on the production LAN, WAN, or ISP network.

The CM7100 series is EOL as of the 31st of March, 2023, with an end-of-sale date of the 30th of September 2023. The affected product SKUs are listed under “Opengear CM7100 migration SKUs” below.

Opengear’s recommended replacement is the CM8100. Like the 7100, this is a traditional console server solution, which means it has gaps in its OOB capabilities due to vendor lock-in, limited automation support, and a lack of hardware security.

In this blog, we’ll discuss Opengear’s replacement solution as well as Opengear alternatives that deliver greater availability, functionality, and security.

Disclaimer: This comparison was written by a 3rd party in collaboration with ZPE Systems using data gathered from publicly available data sheets and admin guides, as of 4/28/2023.

Please email us if you have corrections or edits, or want to review additional attributes: Matrix@zpesystems.com


Opengear CM7100 overview

The Opengear CM7100 is a line of OOB console servers for data centers and large enterprise deployments. The CM7100 comes with 16, 32, 48, or 96 managed RJ45 serial ports and dual USB 2.0 managed console ports. OOB management and network failover are provided via dual LAN ports or dual LAN/SFP ports.

The CM7100 is primarily used in data center deployments to provide centralized remote control and OOB access. With the CM7100 now EOL, Opengear recommends migrating to the CM8100 series. Let’s take a look at the features, specifications, and limitations of the Opengear CM8100 before discussing some alternative options.


Opengear replacement options: CM8100

The CM8100 is Opengear’s newest console server for large data center and enterprise deployments. The CM8100 comes with 16, 32, or 48 managed serial ports and 2 managed USB ports in a 1RU form factor, or up to 96 ports in 2RU. Like the other CM models, the 8100 does not come with cellular or Wi-Fi options, so it provides OOB and failover on dual Ethernet/SFP interfaces.

All CM models use Opengear’s Smart OOB™, which includes automatic port discovery and VLAN support. However, the CM series does not support cellular access for OOB or failover. Further automation capabilities include zero-touch provisioning (ZTP), Opengear NetOps modules, and support for Ruby, Perl, and Bash.

On the security side, the CM8100 offers IPSec & OpenVPN, Secure Shell (SSHv2), Trusted Platform Module 2.0 (TPM 2.0), and advanced authentication via TACACS+, Kerberos, RADIUS, and more. However, none of the CM models support SAML 2.0, which makes it difficult to implement Zero Trust principles on the OOB management network.

Opengear CM8100 Features & Tech Specs

Notable Serial Console Features

  • SSH direct to consoles
  • Keystroke logging
  • Multiple concurrent sessions
  • Automatic device name discovery

OOB Managed Interfaces

  • 16, 32, 48 ports (1RU)
  • 96 ports (2RU)

Hardware

  • 1.6 GHz Dual-Core ARM Cortex-A9 SoC CPU
  • Dual Ethernet for OOB/Failover

Automation

  • Opengear NetOps modules
  • API access
  • Docker support
  • Python
  • Perl and bash support
  • ZTP
  • SNMP-Standard MIBs

Automation for End Devices

  • ZTP

Guest OS

  • Docker support

Power Management

  • Control PDU outlets via serial, USB, and Ethernet
  • Supports 100+ power vendors’ equipment

Hardware Security

  • TPM 2.0
  • Embedded firewall

Form Factor

  • Fixed 1RU or 2RU

Opengear CM limitations

While the CM8100 offers some improvements over the CM7100, it still falls short of delivering Gen 3 OOB console server functionality in the following ways.

The Opengear CM solution suffers from:

OOB inflexibility

While the CM7100 and CM8100 both provide OOB management access and network failover, they’re only available via dual Ethernet/SFP interfaces. None of the CM-series console servers come with options for cellular, Wi-Fi, or dial-up modem access. That means something like a regional network outage or data center LAN issue could potentially cut off access to both the OOB and production network.

Vendor lock-in

The Linux-based OS is programmable and extensible, but Opengear’s Lighthouse management software is not truly vendor-neutral. That means your hardware and software integration capabilities will be limited to specific supported solutions. For enterprises with hybrid, distributed, and multi-vendor infrastructures, this limitation could leave gaps in management and orchestration coverage. 

Limited automation

The CM8100 offers more automation capabilities than the 7100, but there are still limitations. For example, Lighthouse is required for ZTP and other automation capabilities, but it only extends to certain supported end-devices, which means you’ll need to manually configure, provision, and deploy the rest of your infrastructure–or stay within Opengear’s ecosystem, which limits your vendor freedom.

Lack of security

Opengear added embedded TPM 2.0 security to the new CM8100 line to make the hardware more secure. However, the CM series does not include additional hardware security like geofencing, BIOS protection, or UEFI secure boot. This increases the risk that a stolen or compromised console server could be used to provide cybercriminals with unrestricted access to your OOB management network.

Both the Opengear CM7100 and CM8100 are 2nd generation serial console servers. That means they provide OOB management access as well as some automation functionality to simplify individual network management workflows. However, due to a lack of alternative OOB/failover interfaces, vendor lock-in, limited automation integrations, and minimal hardware security, the CM series falls short of the end-to-end automation and security required for a Gen 3 OOB solution.

CM7100 migration options from ZPE Systems

The Nodegrid solution from ZPE Systems is the world’s first Gen 3 OOB management platform. With a wide range of serial console servers and integrated branch services routers to choose from, three models in particular serve as direct replacements for the EOL Opengear CM7100: the Nodegrid Serial Console Plus (NSCP), the Nodegrid Serial Console S Series, and the Nodegrid Net Services Router (NSR).

Nodegrid Serial Console Plus (NSCP)

The high-density Nodegrid Serial Console Plus comes in 16, 32, 48, and 96 serial RJ45 port configurations as well as providing 2 USB 3.0 ports for a total of 98 managed devices on a single 1RU device. That makes the NSCP a direct replacement for 96-port CM7100 devices – to get the same number of ports on the CM8100, you’ll need a 2RU device that uses more rack space.

Nodegrid Serial Console S Series

The Nodegrid S series, which comes in 16, 32, or 48-port configurations, uses auto-sensing ports to provide seamless management of modern, legacy, and mixed-vendor infrastructure. The S Series serial console switch is the perfect legacy modernization solution because it allows you to extend automation to end devices that otherwise wouldn’t support it.

Nodegrid Net Services Router (NSR)

The Nodegrid Net Services Router is an all-in-one branch network solution that delivers out-of-band management, SD-WAN capabilities, and more in a single box. The NSR has a modular design so you can add extra terminal server capabilities, more storage or processing power, or extra GbE Ethernet ports to create a completely customized solution.

All Nodegrid boxes deliver OOB access and network failover via built-in 5G/4G LTE cellular and Wi-Fi, so you get 24/7 availability even during LAN and ISP outages. These devices run the open, Linux-based Nodegrid OS with full support for integrated NetDevOps automation solutions like Ansible, Chef, Docker, and Puppet. Nodegrid provides a separate control plane for OOB and automation, making it the ideal solution for a wide variety of business use cases, including:

  • Extending automation to any environment or device
  • Enabling Zero Trust Network Access (ZTNA)
  • Increasing OOB & failover flexibility
  • Helping organizations become AI-ready

In addition, the vendor-neutral, web-based ZPE Cloud orchestration solution can dig its hooks into any Nodegrid-connected infrastructure, regardless of vendor, location, or private cloud provider. This gives you a single pane of glass from which to monitor and manage your on-premises, remote, and/or cloud-based infrastructure. Nodegrid’s vendor-agnostic platform enables true end-to-end automation and hyperautomation of enterprise networks.

Plus, Nodegrid includes robust hardware security features like BIOS protection, TPM 2.0, geofencing, and UEFI Secure Boot. The embedded, stateful firewall provides functionality such as multi-site IPSec VPN, advanced authentication, selectable cryptographic protocols and cipher suite levels, and Zero Trust 2FA and SAML 2.0.

 

Nodegrid NSCP, Nodegrid S Series, and Nodegrid NSR Features & Tech Specs

Notable Serial Console Features (all three models)

  • SSH direct to consoles
  • Keystroke logging
  • Logging to ZPE Cloud, NFS, Local
  • Alert on cable disconnects
  • Text pattern match with scriptable actions
  • Multiple concurrent sessions
  • Automatic device name discovery
  • Session sharing for collaboration
  • IP address per serial port
  • Secure session logout enforcement
  • Power control hotkey on serial port
  • Configurable icon per serial port

OOB Managed Interfaces

  • Nodegrid NSCP: 16, 32, 48, 96 ports (1RU)
  • Nodegrid S Series: 16, 32, 48 ports
  • Nodegrid NSR: Up to 5 x 16-port RJ-45 Serial modules

Hardware (all three models)

  • Intel X86, 64-bit CPU optimized for running VMs and automation tools
  • Dual-SIM 5G/4G/LTE, Wi-Fi, and V.02 modem for OOB/Failover

Automation (all three models)

  • ZPE Cloud
  • Chef
  • Docker
  • Puppet
  • Python
  • Ruby
  • ShellScript
  • Node.js JavaScript
  • Redhat Ansible
  • KVM Hypervisor

Automation for End Devices (all three models)

  • ZPE Cloud
  • Chef
  • Docker
  • Puppet
  • Python
  • Ruby
  • ShellScript
  • Node.js JavaScript
  • Redhat Ansible
  • KVM Hypervisor

Guest OS (all three models)

  • VMs, Docker, Kubernetes, LXC

Power Management (all three models)

  • Supports major power strips manufacturers
  • Power management integrated with serial session (escape sequence in the serial session or power buttons in web serial session)
  • Power control of VMs
  • Access rights for users & user groups

Hardware Security (all three models)

  • TPM 2.0
  • Encrypted solid-state disk
  • UEFI BIOS with protection
  • Secure Boot (signed OS)
  • Geofencing

Form Factor

  • Nodegrid NSCP: Fixed 1RU
  • Nodegrid S Series: Fixed 1RU
  • Nodegrid NSR: Modular 1RU

The Nodegrid Gen 3 OOB solution is an Opengear alternative that delivers 24/7 availability, end-to-end automation, Zero Trust Security, and complete vendor freedom.

Watch a free Nodegrid demo to see a Gen 3 OOB serial console solution in action.

Opengear CM7100 migration SKUs:

Opengear CM7100 EOL SKU: CM7116-2-SAC, CM7116-2-DAC
In Scope Features: 16 Serial ports, OOB management
ZPE Replacement Product:
  • Fixed Form Factor: ZPE-NSCP-T16R-STND-SAC, ZPE-NSC-T16S-STND-SAC, ZPE-NSCP-T16R-STND-DAC, ZPE-NSC-T16S-STND-DAC
  • Modular Form Factor: ZPE-NSR-816-DAC with 1 x 16 port serial module (1 x ZPE-NSR-16SRL-EXPN)

Opengear CM7100 EOL SKU: CM7132-2-DAC
In Scope Features: 32 Serial ports, OOB management
ZPE Replacement Product:
  • Fixed Form Factor: ZPE-NSCP-T32R-STND-DAC, ZPE-NSC-T32S-STND-DAC
  • Modular Form Factor: ZPE-NSR-816-DAC with 2 x 16 port serial module (2 x ZPE-NSR-16SRL-EXPN)

Opengear CM7100 EOL SKU: CM7148-2-SAC, CM7148-2-DAC
In Scope Features: 48 Serial ports, OOB management
ZPE Replacement Product:
  • Fixed Form Factor: ZPE-NSCP-T48R-STND-SAC, ZPE-NSC-T48S-STND-SAC, ZPE-NSCP-T48R-STND-DAC, ZPE-NSC-T48S-STND-DAC
  • Modular Form Factor: ZPE-NSR-816-DAC with 3 x 16 port serial module (3 x ZPE-NSR-16SRL-EXPN)

Opengear CM7100 EOL SKU: CM7196A-2-DAC
In Scope Features: 96 Serial ports, OOB management
ZPE Replacement Product: ZPE-NSCP-T96R-STND-DAC

Ready to replace your EOL Opengear CM7100 with a Gen 3 out-of-band serial console solution?

Call ZPE Systems today at 1-844-4ZPE-SYS for a special trade-in promotion.

Opengear Alternatives: Replacing the ACM7000 Resilience Gateway

A gateway router is a crucial device for connecting remote IT deployments—such as retail stores, branch offices, or edge data centers—to the primary enterprise network. In this blog, we’ll review Opengear’s ACM line of gateway routers and explain their key features and limitations. In addition, we’ll discuss some Opengear alternatives that provide greater customization, control, and functionality.

The Opengear ACM7000 Resilience Gateway

The Opengear ACM7000 is a compact form-factor network gateway and console server for small remote and edge deployments. The ACM7000 integrates with Opengear’s Lighthouse software for centralized management and some automation capabilities. Out-of-band management is provided via the Smart OOB™ feature, with failover to an embedded 4G LTE cellular modem or an optional dial-up PSTN modem.

The Opengear ACM7000 combines gateway routing features with terminal server capabilities, enabling you to reduce the number of devices in your small remote deployments. The ACM7000 comes with 4-8 Cisco pinout serial ports and 4 USB 2.0 console ports, as well as 2 Digital I/O (DIO) ports and 2 High Voltage Digital Outputs (HVDO). Gateway router features include a stateful firewall, DHCP server, DDNS, and IP filtering.

The ACM7000’s auto-response feature allows you to write custom scripts that are triggered by specific events such as power failures, environmental sensor alarms, or network outages. These scripts can alert administrators to problems and in some cases remediate issues without human intervention.

Opengear ACM7000 key features

  • Smart OOB™ management
  • Centralized management through Opengear Lighthouse
  • Integrations with Nagios NSCA & NRPE
  • Link Layer Discovery Protocol (LLDP) automatic device discovery
  • Failover to embedded 4G LTE cellular modem
  • SSL and IPsec VPN
  • Stateful firewall with IP filtering and port forwarding
  • Automatic monitoring, detection, and recovery from equipment faults

Opengear ACM7000 limitations

The Opengear ACM7000 is what’s known as a 2nd generation, or Gen 2, OOB device. That means it provides reliable out-of-band management access and some automation capabilities for individual tasks and workflows. However, the ACM’s automation is limited to a handful of supported integrations, specific scripting languages, and Lighthouse playbooks.

Some additional automation functionality—such as end-device zero-touch provisioning (ZTP)—is only available through upgraded versions of Opengear’s Lighthouse management software. This makes it challenging to fully automate and orchestrate remote network infrastructure, which is crucial for NetDevOps transformation.

In addition, the ACM7000 only goes part of the way towards consolidating your remote network infrastructure. It combines gateway routing and OOB terminal server capabilities, with an option to add a 4-port Ethernet switch in the 7004-5 models. The Opengear ACM does not include built-in functionality for SD-WAN (software-defined wide area networking), though it has the ability to work with third-party SD-WAN architectures. It also doesn’t support hosting for applications, VMs, or containers, which means you’ll need additional hardware for things like edge computing and next-generation firewall (NGFW) software hosting.

To get full end-to-end automation of remote and edge network deployments while consolidating your tech stack and reducing operational complexity, you need a Gen 3 OOB gateway like the Nodegrid line of services routers from ZPE Systems.

Opengear alternatives: Nodegrid Services Routers

Nodegrid Services Routers, or SRs, are vendor-neutral, all-in-one branch networking solutions. Nodegrid delivers secure out-of-band management access via your choice of high-speed 5G/4G LTE cellular, Wi-Fi, and/or dial-up modem. Nodegrid hardware runs on the Linux-based, x86-64bit Nodegrid OS to ensure easy integrations with third-party software, including automation and orchestration tools like Puppet, Chef, Ansible, and RESTful APIs. Plus, the ZPE Cloud management platform provides centralized, web-based management of your multi-vendor environments.

Nodegrid’s vendor-agnostic platform enables true NetDevOps hyperautomation, which is the ability to fully automate every task and workflow without compromise. That means more efficient management of remote, edge, and branch locations.

Plus, Nodegrid SRs are complete branch-in-a-box solutions, rolling up all your remote network technology into one compact device. For example, the Nodegrid Hive SR is a multi-function box that delivers gateway routing, SD-WAN, Wi-Fi, secure OOB, end-device ZTP, and VM/container/VNF (virtual network functions) hosting for small edge and branch deployments. Another option for more customized and scalable functionality is the modular Nodegrid Net SR (or NSR), which allows you to extend your solution with expansion modules for additional serial, Ethernet, USB, PoE+, and SFP ports as well as storage and compute modules.

Nodegrid Services Routers key features

  • Strong out-of-band management integration
  • Extensible applications with virtualization and containers
  • Zero Touch Provisioning (ZTP) over the WAN for fast and easy remote setup
  • Centralized, vendor-neutral management through ZPE Cloud and Nodegrid Manager solutions
  • Modern, open-architecture x86-64bit Linux Kernel with fast security patching
  • Failover to 5G/4G/LTE and Wi-Fi
  • SSL VPN & Secure Tunnel
  • DHCP server with extra IP addresses for remote site, or replace current router altogether
  • Embedded firewall with IP packet and security filtering, IP forwarding support
  • Selectable encrypted cryptographic protocols & cipher suite levels
  • Power control and monitoring to get alerts on device health and solve problems automatically
  • Orchestration support via Puppet, Chef, Ansible, RESTful

Nodegrid SR models and use cases

  • Nodegrid Net SR (NSR): Scalable and customizable for any use case, including data center and large branch deployments
  • Nodegrid Bold SR: Versatile all-in-one networking and terminal server functionality at edge and branch locations
  • Nodegrid Gate SR: Up to 10 types of managed interfaces for enhanced flexibility in branch and edge deployments
  • Nodegrid Hive SR: Branch-in-a-box capabilities in a compact device for distributed branch and edge sites

Nodegrid SRs are an alternative to Opengear ACM7000 gateways for organizations that need vendor freedom, end-to-end remote network automation, and consolidated technology stacks. With the Nodegrid solution, you get a unified network automation and orchestration platform from which to deploy, monitor, and control your distributed network architecture.

Learn more about remote, branch, and edge networking:

→   How to Choose the Best Branch Office Connectivity Solution for Your Network
→   Why Out-of-Band Remote Access is Critical for Branch Networking
→   Simplifying Network Edge Orchestration With a Single Platform
→   How to Use a Cloud Managed Gateway Router to Optimize OT Automation

Still curious about Opengear alternatives?

To see Opengear alternatives in action, contact ZPE Systems to watch a Nodegrid demo.


Opengear ACM7000 product SKUs

Product SKU Description
ACM7004-2-L 4 serial Cisco Straight pinout, ext power, dual 1 GbE Ethernet, Global 4G LTE-A Pro cellular, 2 DIO and 2 output ports
ACM7004-2-LMP 4 serial Cisco Straight pinout, ext power, dual 1 GbE Ethernet, 4G LTE-A Pro cellular, 2 DIO and 2 output ports
ACM7004-5-L 4 serial Cisco Straight pinout, ext power, 1 GbE Ethernet or fiber SFP, 4 port GbE switch, Global 4G LTE-A Pro cellular, dual SIM, 2 DIO and 2 output ports, global power adapter
ACM7004-5-LMP 4 serial Cisco Straight pinout, ext power, 1 GbE Ethernet or fiber SFP, 4 port GbE switch, 4G LTE-A Pro cellular, dual SIM, 2 DIO and 2 output ports, global power adapter
ACM7008-2-L 8 serial Cisco Straight pinout, ext power, dual 1 GbE Ethernet, Global 4G LTE-A Pro cellular, 2 DIO and 2 output ports, global power adapter
ACM7008-2-LMP 8 serial Cisco Straight pinout, ext power, dual 1 GbE Ethernet, 4G LTE cellular, dual SIM, 2 DIO and 2 output ports, global power adapter
ACM7004-2 4 serial Cisco Straight pinout, ext power, dual 1 GbE Ethernet, 4 USB console ports, 2 DIO and 2 output ports, global power adapter
ACM7004-2-M 4 serial Cisco Straight pinout, ext power, dual 1 GbE Ethernet, 4 USB console ports, PSTN modem, 2 DIO and 2 output ports
ACM7004-5 4 serial Cisco Straight pinout, ext power, 1 GbE Ethernet or fiber SFP, 4 port GbE switch, 2 DIO and 2 output ports, global power adapter
ACM7008-2 8 serial Cisco Straight pinout, ext power, dual 1 GbE Ethernet, 4 USB console ports, 2 DIO and 2 output ports, global power adapter
ACM7008-2M 8 serial Cisco Straight pinout, ext power, dual 1 GbE Ethernet or fiber SFP, 4 USB console ports, PSTN modem, 2 DIO and 2 output ports, global power adapter

 

Nodegrid Net Services Router (NSR) product SKUs

Product SKU Description
NSR-TOP1-DAC 1 RS-232 serial, 1 USB 3.0 console port, 2 USB 2.0 console ports, dual 1GbE Ethernet, dual SFP+ Ethernet, 1 HDMI port, on-board switch, 5 slots, dual AC power
NSR-BASE-DAC 1 RS-232 serial, 1 USB 3.0 console port, 2 USB 2.0 console ports, dual 1GbE Ethernet, dual SFP+ Ethernet, 1 HDMI port, on-board switch, 5 slots, dual AC power
NSR-LITE-DAC 1 RS-232 serial, 1 USB 3.0 console port, 2 USB 2.0 console ports, dual 1GbE Ethernet, dual SFP+ Ethernet, 1 HDMI port, 5 slots, dual AC power
NSR-TOP1-SAC 1 RS-232 serial, 1 USB 3.0 console port, 2 USB 2.0 console ports, dual 1GbE Ethernet, dual SFP+ Ethernet, 1 HDMI port, on-board switch, 5 slots, single AC power
NSR-TOP1-SAC-POE 1 RS-232 serial, 1 USB 3.0 console port, 2 USB 2.0 console ports, dual 1GbE Ethernet, dual SFP+ Ethernet, 1 HDMI port, on-board switch, 5 slots, single AC and PoE power
NSR-BASE-SAC-POE 1 RS-232 serial, 1 USB 3.0 console port, 2 USB 2.0 console ports, dual 1GbE Ethernet, dual SFP+ Ethernet, 1 HDMI port, on-board switch, 5 slots, single AC and PoE power
NSR-16ETH-EXPN NSR 16 port 1GbE Ethernet expansion card
NSR-8ETH-POE-EXPN NSR 8 port 1GbE Ethernet with PoE+ expansion card
NSR-16SRL-EXPN NSR 16 port RJ45 Serial Rolled expansion card
NSR-16USB-EXPN NSR 16 port USB Type A expansion card
NSR-8SFP-EXPN NSR 8 port 1GbE SFP expansion card
NSR-16SFP-EXPN NSR 16 port 1GbE SFP expansion card
NSR-DISK-EXPN NSR Storage expansion card
NSR-COMP-EXPN NSR Compute 4-core, 8GB DDR4, 32GB SATA expansion card
NSR-M2-EXPN NSR M.2 / SATA expansion card
NSR-COVER Accessory: NSR Cover Plate
M2-WIFI Accessory: M.2 Wi-Fi
M2-CELL Accessory: M.2 Cellular – Dual SIM
M2-S064 Accessory: M.2 SATA 64GB
M2-S128 Accessory: M.2 SATA 128GB

 

Nodegrid Gate SR product SKUs

Product SKU Description
GSR-T8-BASE 8 RJ45 serial rolled, 1 GbE Ethernet, 2 SFP+, 4 GbE Ethernet with built-in switch, 4 PoE+ GbE Ethernet with built-in switch, 2 GPIO ports, 1 digital out port, 1 relay port, 2 USB 3.0 Type A, 2 USB 2.0 Type A, 1 HDMI port, 32GB iSLC SATADOM
GSR-T8-UPG1 8 RJ45 serial rolled, 1 GbE Ethernet, 2 SFP+, 4 GbE Ethernet with built-in switch, 4 PoE+ GbE Ethernet with built-in switch, 2 GPIO ports, 1 digital out port, 1 relay port, 2 USB 3.0 Type A, 2 USB 2.0 Type A, 1 HDMI port, 128GB iSLC SATADOM
GSR-PSU Accessory: 54VDC external 100-240 VAC, 50/60 Hz power adapter
PCI-WIFI-B Accessory: Mini PCI Wi-Fi
M2-CELL-C Accessory: M.2 Cellular 4G/LTE with dual-SIM
GSR-SATA Accessory: SATA Storage Expansion Kit (HDD/SDD not included)

 

Nodegrid Hive SR product SKUs

Product SKU Description
HSR-N8-BASE 1 RS-232 serial, 1 mini-USB console port, ext power, dual 1GbE Ethernet or SFP/vDSL, dual 10 Gbps cages for PON or SFP+, 4 10/100/1000/2.5 Gbps RJ45 with VLAN support, +12 VDC PSU w/regional AC cord options
CST-GEN-HSR-S 1 RS-232 serial, 1 mini-USB console port, ext power, dual 1GbE Ethernet or SFP/vDSL, dual 10 Gbps cages for PON or SFP+, 4 10/100/1000/2.5 Gbps RJ45 with VLAN support, +12 VDC PSU w/regional AC cord options, M.2 NVMe 128 GB SSD
CST-GEN-HSR-SW4G 1 RS-232 serial, 1 mini-USB console port, ext power, dual 1GbE Ethernet or SFP/vDSL, dual 10 Gbps cages for PON or SFP+, 4 10/100/1000/2.5 Gbps RJ45 with VLAN support, +12 VDC PSU w/regional AC cord options, M.2 NVMe 128 GB SSD, M.2 802.11ax Wi-Fi 6 dual-band, M.2 dual-SIM 4G LTE cellular
CST-GEN-HSR-4G 1 RS-232 serial, 1 mini-USB console port, ext power, dual 1GbE Ethernet or SFP/vDSL, dual 10 Gbps cages for PON or SFP+, 4 10/100/1000/2.5 Gbps RJ45 with VLAN support, +12 VDC PSU w/regional AC cord options, M.2 dual-SIM 4G LTE cellular
CST-GEN-HSR-5G 1 RS-232 serial, 1 mini-USB console port, ext power, dual 1GbE Ethernet or SFP/vDSL, dual 10 Gbps cages for PON or SFP+, 4 10/100/1000/2.5 Gbps RJ45 with VLAN support, +12 VDC PSU w/regional AC cord options, M.2 5G cellular
HSR-PSU Accessory: 12VDC external 100-240 VAC, 50/60 Hz power adapter
HSR-WMNT Accessory: HSR wall mounting kit

 

Nodegrid Link SR product SKUs

Product SKU Description
LSR-T1-Base 1 RJ45 serial rolled, 1 GbE SFP, 1 GbE Ethernet with PoE in, 2 GPIO ports, 2 digital out ports, 2 USB 2.0 Type A, 1 VGA port, 16GB SATADOM
LSR-T1-UPG1 1 RJ45 serial rolled, 1 GbE SFP, 1 GbE Ethernet with PoE in, 2 GPIO ports, 2 digital out ports, 2 USB 2.0 Type A, 1 VGA port, 128GB SATADOM
LSR-PSU Accessory: 12VDC external 100-240 VAC, 50/60 Hz power adapter
PCI-WIFI-B Accessory: Mini PCI Wi-Fi
M2-CELL-B Accessory: M.2 Cellular 4G/LTE with dual-SIM
LSR-SATA SATA Storage Expansion Kit (HDD/SDD not included)

 

What is a Serial Console’s Role in Modern Enterprise Networks?


Serial consoles have been used to manage business networks since the 80s, but things have changed significantly since then. What is a serial console’s role in modern enterprise networks? In this blog, we discuss the history and evolution of serial consoles as well as the exciting functionality provided by the latest generation.

What is a serial console?

A serial console—also called a console server, terminal server, serial console router, or serial console switch—is a networking device used to manage other devices. It connects to servers, switches, routers, and other equipment using the serial port (hence the name). Network administrators can then use the serial console to access all connected devices in the data center, server room, or network closet in which it’s installed.

Serial consoles allow admins to manage critical infrastructure without needing to log in to each separate device individually. A serial console also provides out-of-band (OOB) management, creating a completely separate network that’s dedicated to infrastructure management and troubleshooting. OOB management allows you to remotely troubleshoot, monitor, and administer your infrastructure, and more.

How serial consoles have evolved over time

A basic serial console—also called a Generation 1 serial console—provides consolidated remote access to critical infrastructure. It uses a secondary network connection (such as a dial-up modem or cellular SIM card) so admins can control and troubleshoot equipment without relying on the main production network. Using a Gen 1 serial console, admins can access each connected device’s CLI (command line interface).

Gen 1 serial consoles are relatively limited in control, security, and automation. For example, many Gen 1 serial consoles can only manage devices from the same vendor (or a small pool of supported manufacturers). A Gen 1 serial console also lacks in-depth security features like hardware encryption, and generally can’t integrate with third-party Zero Trust Security policies and controls. Plus, most Gen 1s completely lack automation capabilities, or limit you to basic CLI scripts for single tasks.

Gen 2 serial consoles

Frustration over these limitations led to significant advancements in the second generation of serial consoles, or Gen 2. With Gen 2 serial consoles, admins get more control, added security features, and expanded automation capabilities.

For instance, most Gen 2 consoles offer management functionality for third-party devices. These serial consoles also have some built-in security features like Trusted Platform Module (TPM) and frequently support advanced authentication methods like AD/LDAP, Kerberos, and RADIUS. Gen 2 serial consoles also allow for greater automation using Python scripts, APIs, and zero touch provisioning (ZTP).

While Gen 2 serial consoles offer more multi-vendor support than their extremely limited predecessors, they still fall short of true vendor neutrality. For instance, managing third-party and legacy devices often requires expensive adapters or complicated configuration tweaks. Many Gen 2 serial consoles also lack support for Zero Trust integrations such as SAML 2.0 (e.g., Okta, Ping, DUO), making it impossible to completely secure your out-of-band network.

Finally, while Gen 2 serial consoles introduce more automation capabilities, their closed architectures make it impossible to implement end-to-end NetDevOps automation. For example, you might only be able to use one specific scripting language or an approved set of playbooks. It’s also common for Gen 2 serial consoles to only support ZTP of connected devices from the same vendor, so you’re either limited in your automated provisioning capabilities or your choice of infrastructure solutions.

Gen 1 serial consoles provide remote, out-of-band management of multiple devices using CLI commands and scripts over a serial connection. Gen 2 evolved to incorporate more devices, more security features, and more automation capabilities. However, the serial console needed to develop even further to handle the needs of a modern enterprise network.

What is a serial console’s role in modern enterprise networks?

Today’s enterprise network is larger, more complex, and more distributed than Gen 1 serial console developers could have possibly imagined. Network administrators and engineers need to monitor, manage, and troubleshoot infrastructure devices from many different vendors in many different locations. Networks are also constantly threatened by cybercriminals using sophisticated hacking techniques and state-of-the-art malware. Plus, modern businesses must ensure near-constant availability and optimal network performance to stay competitive. Gen 1 and Gen 2 serial consoles simply can’t deliver the control, security, and resilience required by enterprise networks today.

The new Gen 3 serial console addresses older generations’ limitations through true vendor neutrality, multi-layered zero trust security, and end-to-end automation capabilities.

Total infrastructure control

Gen 3’s complete vendor neutrality makes it possible to extend your automation capabilities—including zero touch provisioning—to every physical and virtual asset in your environment, regardless of manufacturer. Gen 3 serial consoles also give network administrators a virtual presence in remote network locations (like data centers and branch offices) through which they can monitor environmental conditions in the rack, power-cycle and enter the BIOS menu of devices, manage power load distribution, and more.

This control is delivered via high-speed OOB (such as a 5G/4G cellular SIM card), giving you 24/7 remote access to critical enterprise infrastructure, even during an ISP outage. Plus, Gen 3 serial consoles use centralized cloud management, which means engineers can manage and troubleshoot remote infrastructure from anywhere, anytime.

A Gen 3 serial console is based on an open-architecture x86 OS that supports integrations with your choice of infrastructure solutions, cloud services, and automation toolkits. It also includes flexible port configurations and legacy pinouts to control a variety of devices, such as PDUs, IPMI devices, and environmental monitoring sensors.

Comprehensive security

On a hardware level, Gen 3 serial consoles use features like encrypted disks, UEFI secure boot, and TPM 2.0 to ensure unauthorized users can’t access management functionality. Additionally, the OS is frequently updated and patched against new security vulnerabilities before they can be exploited. The Gen 3 serial console also automatically checks the integrity of all newly integrated hardware and software to ensure there are no backdoor vulnerabilities.

A Gen 3 serial console’s vendor-neutral platform supports easy integrations with a variety of zero trust security controls. For instance, you can manage user access to a Gen 3 serial console through third-party Identity and Access Management (IAM) solutions, allowing you to follow zero trust best practices like 2FA, SSO, and dynamic trust verification. A Gen 3 serial console can also integrate with on-premises and cloud-based network security solutions such as next-generation firewalls (NGFW), Secure Access Service Edge (SASE), and Security Service Edge (SSE).

A Gen 3 console includes robust onboard security features, which reduces the risk of an attacker using a stolen serial console to access your management network (and ultimately, your production systems and data). Its open architecture also enables integration with zero trust security controls and providers.

End-to-end automation

The open architecture of a Gen 3 serial console makes it possible to integrate with your choice of infrastructure automation and orchestration tools, or directly host VMs and Docker containers so you can run your own tools. With a Gen 3 serial console, you can use solutions like Ansible, Chef, Puppet, or Kubernetes to automate deployments. You can also use any API you want to automate any workload you need to, no matter how complex.

Gen 3’s advanced automation capabilities enable full pipeline automation so you can achieve NetDevOps transformation. Gen 3 serial consoles also facilitate immutable infrastructure, allowing faster and more agile deployments, updates, and replacements of critical network resources.

With a Gen 3 serial console, you can create a fully-automated network environment. This allows engineers to work more efficiently and reduces the risk of human error causing an outage or security breach.

Nodegrid Serial Console Plus (NSCP)

A Gen 3 serial console, like the Nodegrid Serial Console Plus (NSCP), gives you complete remote control over every component of your network infrastructure, regardless of location or manufacturer. Nodegrid also secures your OOB management network using zero trust security best practices and comprehensive onboard features. Finally, the Gen 3 NSCP allows you to automate whatever tools you want to use, so you can efficiently manage a complex enterprise network without sacrificing speed, security, or control.

 

Learn more about Gen 3 serial consoles:

→   Comparing the Best Console Servers for Data Centers in 2022
→   What Makes a Gen 3 Serial Console?
→   Why You Need a Next-Gen OOB Console Server


Schedule a demo of the Gen 3 Nodegrid Serial Console Plus to see for yourself!


How to Use a Cloud Managed Gateway Router to Optimize OT Automation


The right cloud managed gateway router simplifies edge network management and unlocks remote access to operational technology (OT). In this blog, we’ll explain what OT automation is, how to manage it with a gateway router, and what to look for in an ideal solution.

What is operational technology (OT)?

Operational technology, or OT, controls equipment that interacts with the physical world. The term differentiates these systems and devices from information technology (IT), which focuses on non-physical data computing.

OT manages the physical equipment used for industrial manufacturing, water and energy utilities, medical procedures, building management, and other physical processes.

Some examples of operational technology include:

  • Programmable logic controller (PLC) – Controls assembly lines, industrial machines, robotic devices, and other manufacturing processes.
  • Supervisory control and data acquisition (SCADA) – A control system for high-level supervision of industrial machines and processes, including PLCs.
  • Building management system (BMS) and building automation system (BAS) – Manage a building’s mechanical and electrical equipment, such as lighting and HVAC.

OT facilitates industrial automation by reducing the manual intervention required to control and optimize physical technology. OT automation systems are traditionally isolated from IT networks, running on specialized industrial computers. However, modern OT systems are converging with IT to allow operators to manage them via a network-connected PC or even from a cloud platform.

Using a cloud managed gateway router to optimize OT automation

Frequently, OT devices operate outside your main headquarters, in remote facilities such as factories, warehouses, data centers, and branch offices. In the past, that meant you needed operational technology installed at each location, with operators on-site to monitor OT automation computers. However, IT/OT convergence enables you to connect operational technology to edge network gateway routers, facilitating remote control via specialized software or a cloud-based application.

Gateway routers connect remote facilities to WAN or SD-WAN architectures, providing seamless and secure access to enterprise network resources. They also provide administrators with access to monitor and manage edge network routing and security. Some gateway routers also function as serial console routers, which means they can be used to directly manage the devices connected to them—including operational technology. A cloud managed gateway router with serial console capabilities gives administrators the ability to control remote networking and OT systems anywhere.

One of the issues with remote OT automation is that it may consist of several different systems and applications. For example, a managed service provider (MSP) may need to control HVAC, power distribution, security systems, and other infrastructure for many different clients using a variety of OT computers. They may even have some old analog gauges in place which they monitor with a cheap IoT camera.

Each of these disparate OT systems has its own application or cloud portal that operators must learn, configure, and manage, which is inefficient and creates risk of human error. A vendor-neutral cloud managed gateway router can solve this problem by bringing all your OT applications together under one unified platform.

What to look for in a cloud managed gateway router

Not all cloud managed gateway routers are optimized for OT automation. Let’s examine what an ideal solution looks like.

Hardware

The gateway router itself should use high quality hardware, and it should integrate with high quality operational technology hardware as well. You should secure the router hardware with features like cryptographic modules and geofencing to prevent tampering if the devices are stolen or intercepted in transit. A vendor neutral gateway router also needs to support various hardware connections such as RS-232, RJ-45, USB, and IPMI so you can ensure compatibility with your various OT systems, including analog and IoT solutions.

Operating System

The OS that runs on the cloud managed gateway router should be hardened and frequently patched to prevent hackers from exploiting vulnerabilities. With an ideal solution, the provider handles updates, so you don’t have to constantly stay abreast of all new security vulnerabilities or keep on top of the vendor’s patch schedule. A vendor neutral gateway router should run on an open, Linux-based OS to allow easy integrations with OT software.

Zero touch provisioning

Zero touch provisioning (ZTP) allows you to automatically deploy device configurations over a network connection. A cloud managed gateway router should have ZTP capabilities both for itself and for other connected devices. This eliminates the need for pre-staging so that you won’t risk a configured device falling into the wrong hands during shipping. It also reduces the need for engineers to travel on-site to install and configure new devices, saving time and money.

Connectivity

The gateway router’s primary job is to provide remote systems and users with a reliable connection to the enterprise network, ideally using SD-WAN technology. It should also provide a dedicated out-of-band (OOB) management connection, so administrators have reliable access to control and troubleshoot the remote network. An ideal solution includes high-speed failover via 4G/5G to ensure seamless connectivity for both administrators and end-users.

OOB provisioning and management

Provisioning and changing device configurations over the production network is risky. There’s always the chance that a configuration mistake could take the whole network offline. That’s another reason why a cloud managed gateway router should provide an OOB network connection, so you can deploy and modify device configurations without affecting the production network.

Orchestration

A cloud managed gateway router should provide orchestration so you can coordinate automated tasks and workflows across all your OT systems. This brings all OT applications together behind one pane of glass, facilitating efficient management and powerful optimization. End-to-end OT automation at the edge is only possible with a truly vendor-neutral gateway router that supports integrations with your choice of OT solutions, automation tools, and scripting languages.

A cloud managed gateway router with these features will empower efficient OT automation at the edge.

Why choose the Nodegrid cloud managed gateway router solution?

The Nodegrid line of cloud managed gateway routers delivers powerful edge network management optimized for operational technology automation. Features like secure zero touch provisioning and Gen 3 OOB management support efficient and low-risk operational technology deployments while ensuring constant availability. Nodegrid’s vendor-neutral hardware, operating system, and cloud-based management platform can integrate all your OT solutions for true end-to-end orchestration.

Learn more about edge network orchestration:

→  Simplifying Network Edge Orchestration with a Single Platform
→  Edge Computing Trends to Expect in the Post-Covid World
→  Out-of-Band Is a Lifesaver for Critical Edge Networking. Here’s Why…

Learn more about the Nodegrid cloud managed gateway router.

Call 1-844-4ZPE-SYS or contact us online!


The Benefits of Vendor Agnostic Platforms in Network Management


There are two basic approaches to choosing a network management platform: you can stick with a single vendor’s ecosystem of supported products, or go with a vendor agnostic platform. In this post, we’ll explain what a vendor agnostic platform is and how this approach can benefit your organization.

What is a vendor agnostic platform?

A vendor agnostic platform supports integrations with all (or most) viable and established networking solutions. That means both the technology needs to work well with other systems, and the vendor needs to provide adequate documentation and support for those third-party integrations.

Vendor agnostic vs. vendor neutral

These terms are synonymous, and any perceived differences are generally just marketing. Some companies may use the term vendor neutral to imply that a platform is typically open to integrations, without specific support from particular vendor solutions. By comparison, they would say vendor agnostic platforms provide specific integrations and the support infrastructure needed to work with leading third-party solutions.

In fact, these terms are used interchangeably, and these distinctions aren’t applied consistently across the industry. A platform described as vendor neutral almost always provides the same level of integration support as a vendor agnostic platform, so you shouldn’t let marketing fluff influence your purchasing decision.

The benefits of vendor agnostic platforms in network management

Taking a vendor agnostic approach to network management provides numerous benefits, such as:

Lower costs

Without a vendor agnostic platform, you’re stuck with a single vendor’s ecosystem of products. That means you’re limited to choosing among the hardware and software offered by that vendor, regardless of the price. Often, this approach results in spending too much money on solutions that offer more functionality than you really need. On the other hand, you could find yourself choosing a product that doesn’t quite fit your needs just because it’s all that’s available within your budget.

A vendor agnostic platform gives you a wider variety of options for building out your network infrastructure. You can shop around for solutions that provide all the functionality you need at a price you can afford, knowing that they will all still integrate with your network management platform. With a vendor agnostic platform, you’re much less likely to pay for features you don’t need, helping you reduce operational costs.

Specificity of features

On a related note, another issue with a single-ecosystem approach is that you’re limited to the functionality offered by that vendor’s network management platform. You may have multiple tiers of features that you can unlock for an additional cost. Still, there’s often no way to customize your solution with the exact functionality you want or need. That means you either pay extra for a whole suite of additional features—some of which you don’t need or want—or save money by compromising on functionality. Plus, if your requirements change later on, you’ll have fewer options to alter, scale, or manage.

The vendor agnostic approach, by comparison, leaves you with many more options for customization. You can shop around for a platform with all the needed functionality built-in, or look for third-party integrations to add that functionality to your existing solution. That also means you can scale and modify the platform at will or as your business grows and requirements change. A vendor agnostic platform allows you to build a completely customized solution with the specific features needed to manage your network optimally.

Automation and orchestration

As enterprise networks grow more extensive, complex, and highly distributed, managing these networks with entirely manual processes is less viable. Many closed vendor ecosystems provide some built-in automation functionality, but they typically don’t allow integrations with third-party automation scripting languages and solutions. Plus, the more automation you employ, the more you need centralized orchestration to manage and deploy that automation. A single-vendor orchestration platform may work for solutions within its ecosystem but will struggle to get its hooks into any legacy devices or third-party systems.

Vendor agnostic platforms don’t suffer from these limitations. By their very nature, they support integrations with leading automation tools, so you can use the scripting languages you’re most comfortable with and the third-party solutions that work best for your use case. And with vendor agnostic orchestration, you can ensure that you have total coverage even across legacy and hybrid infrastructure. A vendor agnostic platform empowers you to automate and orchestrate your network with the best tools for the job.

NetDevOps

NetDevOps is a methodology that combines Networking, Development, and IT Operations into a unified and collaborative team working towards common goals. Successful NetDevOps transformation requires abstracting your network and infrastructure management as software code decoupled from the underlying hardware.

This software abstraction makes it easier to use automation to deploy, update, and manage configurations, which means developers get the resources they need to deliver code faster. You can also use automation to manage, optimize, and troubleshoot the network through software-defined networking (SDN) and software-defined wide area networking (SD-WAN). This ensures optimal performance and high availability for applications and end-users.

A vendor agnostic platform is crucial to full NetDevOps transformation because the goal is to merge networking, development, and operations under one umbrella. That means you need a management platform that can extend its reach across all your networking appliances, virtual or physical servers, and development tools and resources. This gives organizations a complete picture of their entire NetDevOps environment and facilitates the creation of a fully integrated software development pipeline.

Vendor agnostic network management and orchestration with Nodegrid

Vendor agnostic platforms can help you lower costs, get the specific features you need, automate and orchestrate your network, and achieve NetDevOps transformation. For example, the Nodegrid platform from ZPE Systems can “say yes” to every vendor device and solution on your enterprise network. Nodegrid works with your choice of third-party systems, automation tools, scripting languages, and NetDevOps solutions so you can manage and orchestrate your complex infrastructure from behind one pane of glass.

Learn more about the benefits of vendor agnostic network orchestration:

→   Orchestrating Hybrid Network Environments: Challenges, Solutions, and Best Practices
→   Why Choose Nodegrid as Your Data Center Orchestration Tool
→   Hyperautomation vs Automation: How Are They Different?

See a demo of the Nodegrid vendor agnostic platform at work.

Call 1-844-4ZPE-SYS. Contact us!
