Don’t Rely on Your Network to Manage the Network

Enterprise IT organizations, following the lead of hyperscale service providers, are adopting virtualization and automation technologies in order to scale infrastructure effectively. But no matter how much you automate and virtualize your systems, you rely on the physical network infrastructure that underpins it all to remain resilient. While the DevOps philosophy drives the efficient management of the logical layer, the hardware required to run it remains as important as ever. And so the network engineer’s role in keeping those physical devices operational at all times is critical to the health of the organization.

Networking, at its most basic level, is about connecting Point A to Point B, and keeping that connection secure and reliable regardless of external conditions. One challenge is that many architectures use the production network to manage that same network, which becomes problematic when congestion or an outage occurs. It’s no different from having to call the phone company to report that your phone isn’t working. To avoid this, companies have traditionally used a separate out-of-band management network to ensure secure access to their critical devices, often using a cellular modem to provide a reliable alternative path. A console server is installed at each data location, providing a physical connection to routers and switches, which can be accessed remotely from a NOC or central location.

In many cases, the out-of-band network is seen as being “for emergency use only” when in fact it should be used as an independent management plane at all times, not only during an outage. It allows network admins to lock down many features on the production network, and to perform configuration management only through the more secure out-of-band network, with limited login access, so that it effectively becomes the “Network Admin’s Network.”

To manage the ever more complex expectations of enterprise organizations, a NetOps approach is becoming increasingly popular with network engineers, using many of the tools and processes familiar to the DevOps community. To keep it simple, many are looking to their existing network architecture to support this, rather than relying on Server or Applications teams to allow them access to the production server. Advanced console servers are now available with x86 CPUs, capable of running both the out-of-band management network and common NetOps tools such as Docker containers and Python scripts. By upgrading, or expanding, their existing console server deployments, a network engineer can now extend their reach to the edge of the network, with advanced automation routines at each satellite location.

With secure out-of-band management access and the ability to run NetOps tools in a single appliance, network engineers can now create their own independent management plane: for day one, for everyday configuration management, and for secure access when the network goes down. With this resilient physical network in place, your virtualized environments continue to operate reliably, with no disruption to the end user.

To learn more about out-of-band management, join Opengear and ONUG at the upcoming webinar on June 24th titled “Network Management Plane: Out-of-Band and NetOps Together.”

Author's Bio

Marcio Saito

Marcio is responsible for product and technology strategy for Opengear. He is based in the San Francisco Bay Area and has previously held executive level positions in global technology companies. At Cyclades, he was a pioneer in the Open Source Software movement and helped to establish the concept of out-of-band management for Data Center Infrastructure. Later, as the VP of Strategy for Avocent, he managed product and engineering teams and led the development of one of the first DCIM solutions in the market. He holds a BSEE degree from University of São Paulo.