Serial console servers allow IT and network administrators to remotely access, monitor and manage equipment with console ports, such as routers, switches, servers, storage hardware, firewalls, power distribution units (PDUs) and uninterruptible power supplies (UPS).
The advantages of deploying serial console servers is to improve business continuity, allow for easier and faster IT maintenance and management and result in cost and time savings, which frees up IT staff to focus on other important tasks, such as creating new, innovative services.
From a central location, they can use serial console technology to troubleshoot, configure or reboot devices, regardless of where the equipment resides: in an on-site data center, in a nearby building or colocation facility or even in remote offices and facilities in other cities.
For example, IT staffers can remotely monitor the health of equipment as well as receive real-time notifications for abnormal situations. They can also gain visibility into network conditions, and if an outage or other service disruption occurs, they can connect to the equipment, properly diagnose the problem, and in many cases, remedy the situation remotely.
This paper will detail the five key applications of serial console servers, explain the benefits of each and share real-world use cases on how organizations of all sizes can take advantage of the technology.
Managing IT equipment gets more complex as enterprises grow larger and become more geographically disbursed. Serial console servers simplify and streamline IT maintenance and management by providing IT organizations with multiple ways to remotely access and administer their tech infrastructure. This flexibility is critical because it allows IT staff to choose the best connection path for any task or situation.
Serial-over-IP access provides the ability to connect to serial console ports over a LAN, WAN or Internet connection. With serial consoles servers, you can access and control devices using Command Line Interface (CLI) commands through Java-free, web-based clients, Secure Shell (SSH) clients and TELNET1.
1 - TELNET is not recommended because it does not support encryption. Web-based interfaces that are Java-free are more secure because Java has security risks.
For those who prefer to manage devices through graphical user interfaces (GUIs), IT organizations can deploy management software that allows them to centrally manage all their Serial console servers through a web-based GUI.
To maximize convenience and enable powerful scripting, users can access device console ports via:
In a disaster recovery situation, enterprises can’t rely solely on software-based network and systems management tools because these may not be available. This is where out-of-band access from Serial console servers can come to the rescue. Serial console servers work independently of operating systems and with multiple connectivity options to provide users with emergency access to network equipment and IT infrastructure with serial ports.
For example, in a small-scale outage limited to one building or a wiring closet or rack of servers, IT administrators can access the non-responsive or malfunctioning devices through their serial ports. Each serial device has system or kernel consoles that regularly send system status messages. So, IT staffers can connect to devices, get their status by viewing their system or kernel console messages, and immediately start troubleshooting and reconfiguring settings if they must.
Even if a technician must go on-site, the central IT organization can at least diagnose the problem and pinpoint the exact location of the issue. That way, the central IT department can send technicians with the correct expertise to perform repairs or swap out equipment.
A serial console server can monitor the performance of infrastructure equipment and send real-time alerts to IT staff if it detects critical events and failures, such as a server that is running out of memory or high temperatures detected in a rack. More specifically, Serial console servers can capture, store and monitor the full system logs from serial console ports.
On each port, users can define keywords such as “ERROR” or “ABORT” that indicates a failure or warning situation to trigger alerts and notifications from the serial console server over e-mail or via Simple Network Management Protocol (SNMP), giving the IT staff time to fix issues. In some cases, the alerts allow organizations to proactively resolve problems before devices fail.
Strong security, access rights management and authentication prevent unauthorized access to Serial console servers and connected serial devices.
Users are required to log into Serial console servers with usernames and passwords. IT leaders can customize access control and grant employees full or limited access to network and data center equipment, depending on their roles in the organization.
Serial Consoles also log user’s access, providing administrators with auditable activity logs of what time and what devices they’ve logged into. For example, if an employee logs into a Cisco switch and changes the configuration of that device, historical log messages show that this specific user made changes at this time and date.
Serial console servers support several protocols for logging: syslog, SNMP and Simple Mail Transfer Protocol (SMTP).
If an enterprise suffers a security incident, such as an unauthorized network intrusion, for example, the IT staff can analyze the logs to investigate the incident and see what happened.
Central IT organizations can also interface serial console servers with directory servers for authentication. Serial console servers support authentication and authorization using the LDAP, RADIUS and TACACS (Terminal Access Controller Access Control System) protocols. Integration with directory servers helps customers with a large number of IT users avoid creating separate logins and passwords for all the different serial devices. Users can simply authenticate through a directory server, which is a big convenience.
Serial console servers support 256-bit Advanced Encryption Standard (AES) encryption and two-factor authentication. Users can integrate a RADIUS server with RSA SecurID, for example, and use RSA tokens for two factor authentication (2FA).
Serial console servers also support TLS encryption for web browser security. For government, military and other users that have more stringent security requirements, Serial console servers also provide validated FIPS 140-2 cryptography for enhanced encryption.
While troubleshooting, IT technicians sometimes need to reboot servers or networking equipment to get them working again. A device may have crashed, or it could be hung and not responding. In those situations, IT staff can quickly use Serial console servers in conjunction with an intelligent PDU supporting outlet switching to remotely power cycle equipment.
This helps speed up recovery time and lowers costs because it can save IT staff from having to travel to remote sites.
To enable remote power management, enterprises can connect their Serial console servers to PDUs and set up associations between all the equipment ahead of time. That way, IT administrators can safely and securely power up and power down specific equipment with a press of a button. They don’t have to know which PDU is connected to which serial device on which outlet.
To review, Serial console servers are a critical piece of IT infrastructure and a smart investment for any enterprise IT shop because the technology allows for the secure, remote access and management of network and data center equipment.
Serial console servers provide five key features: flexible and reliable anytime, anywhere access to serial devices through CLI and GUI interfaces and through in-band access (network and Internet access) and out-of-band access through modems. The technology also provides real-time monitoring and alerts; comprehensive security through access control, authentication and encryption; and remote power management. The result is higher availability and improved uptime, simpler IT management and reduced IT costs.
Raritan began developing KVM switches for IT professionals to manage servers remotely in 1985. Today, as a brand of Legrand, we are a leading provider of intelligent rack PDUs. Our solutions increase the reliability and intelligence of data centers in 9 of the top 10 Fortune 500 technology companies. Learn more at Raritan.com