Home » Blog » Why Out-of-Band Remote Access is Critical for Branch Networking

Why Out-of-Band Remote Access is Critical for Branch Networking

Out of Band Management, Remote Network Management

Social,Network,Illustration

Branch locations—retail stores, shipping warehouses, and satellite offices—present a big network management challenge to the engineers supporting them. Traditional remote network management requires a WAN link to each branch, but what happens if that link goes down? Out-of-band remote access, also known as OOB, solves this problem by separating the network management plane from the data plane, and giving you a dedicated alternate connection to your remote infrastructure.

Why out-of-band remote access is critical for branch networking

To illustrate the importance of out-of-band remote access, let’s walk through a few branch networking scenarios that many IT professionals encounter during their careers.

Scenario 1: Your network and systems are suddenly offline

You’re an on-call network engineer working for a retail company headquartered in Seattle, WA. At 3 a.m., you receive a phone call from the Tampa, FL branch saying their network and all systems are entirely offline. Their store opens in a few hours. How do you determine and fix the root cause from the other side of the country?

Without OOB remote access, you’re left with a few options. You and the store manager could walk through some basic diagnostic troubleshooting over the phone. Still, unless they’re savvy with technology, you’re unlikely to progress very far with this method. You could pay for a local tech to work on it, but unless you already have a consultant on retainer, it could take hours or even days to schedule the service. As a last resort, you could fly across the country at a high cost to your company, both in terms of travel expenses and the hours of lost revenue while the branch is waiting for you to arrive and fix the problem. In conclusion, without remote OOB, any approach you take will be very costly and time-consuming.

Scenario 2: A virus is quickly spreading across your network

You’re a SOC (security operations center) engineer working in the home office of a national logistics company. You receive an alert that a warehouse computer across the country is infected with a Trojan virus, and it’s quickly spreading across the branch network. How do you isolate that branch network and remove the virus?

Taking the branch offline is crucial to prevent the virus from jumping to the enterprise network and spreading even further. However, once you lose WAN access, you’ll be unable to remove the virus or assess and mitigate the damage it caused. Your options in this scenario are even more limited due to the severity of the issue. You can’t walk someone through this process over the phone, and if you’re going to hire an outsider, it needs to be a trusted partner with security expertise. More likely, you’re looking at a truck roll, which again means travel time and expenses. To put it in a nutshell, all of these options mean more time for the virus to infect more of your network and compromise your business on a grander scale.

Scenario 3: You learn about a security vulnerability in your switch’s firmware

Your company has a satellite office in an isolated, rural location with only a skeleton crew of essential staff on-site, which is currently unavailable when the update needs to occur. You learn about a security vulnerability in their switch’s firmware, so you need to update the BIOS. How do you access the BIOS menu and power cycle the switch across a WAN connection?

Often, a switch must be managed from an HTTP or HTTPS session in a web browser. However, you need to power cycle the device and get into the menu before the switch fully boots up to access the BIOS menu. Plus, once the update is complete, the device will automatically power off, and then you’ll be unable to remotely turn it back on. It’s hard to justify the expense of a truck roll for such a simple procedure, but you also can’t leave the device exposed to potential threats. Without OOB, you’re more likely to delay critical updates and security patches, which increases the chances of a hacker finding and exploiting vulnerabilities to breach your enterprise network.

In each of these scenarios, you could save time, money, and trust with out-of-band remote access.

OOB lets you remotely diagnose, troubleshoot, and fix issues with your critical branch infrastructure through a dedicated cellular connection. You’ll have access even if your ISP has an outage, or if you need to temporarily sever the WAN link. You can also use OOB to manage powered down devices, simplifying BIOS updates and other essential maintenance. That’s why out-of-band remote access is critical to branch networking.

However, not all out-of-band solutions provide the same level of control, flexibility, and security. For instance, some OOB products only work within that vendor’s ecosystem, which means you can’t manage any of your other appliances or solutions, or you’re locked into their products and features.

You may also find branch network automation a challenge with your OOB solution—often, the appliances themselves have limited automation capabilities, and are challenging to integrate with third-party orchestration platforms. Plus, many OOB devices lack essential security features like single sign-on (SSO), multi factor authentication (MFA), and zero trust security, which could leave your branches exposed to potential threats and negatively impact your reputation and customer trust.

See how Nodegrid out-of-band remote access can simplify your branch network management

Nodegrid is a 3rd-gen out-of-band management solution, meaning you get reliable remote access to your branch networks without any of the limitations of a typical OOB product.

In the Nodegrid demo, you’ll see how the open, x86 Nodegrid OS makes it easy to integrate all of your Linux-based solutions for complete control and flexibility. We’ll also demonstrate how Nodegrid OOB delivers true end-to-end network automation and orchestration capabilities, with support for Ansible, Puppet, Chef, RESTful APIs, and more. Plus, all Nodegrid solutions are designed with security at the forefront, including zero trust security, SSO, MFA, and advanced authentication with unlimited fallback methods.

Learn more about out-of-band remote access for branch networking.

Visit our OOB learning center or request a free demo of the Nodegrid out-of-band solution.

Watch A Demo

ZPE Systems delivers innovative solutions to simplify infrastructure managment at the datacenter, branch, and edge. Learn how our Zero Pain Ecosystem can solve your biggest network orchestration pain points.  
Watch a Demo Contact Us