What kind of gear do folks use in their networks for out of band access to production routers? Specifically, I'd like to know about more secure solutions than just a CompUSA 33.6 plugged into the AUX port. I've seen security policies that allow a normal modem to be plugged into the router, but it's required to be powered up (or connected to the phone line) only when needed -- which still requires someone to touch the gear, but may keep from having a network engineer drive all the way to the remote site for a console connection. Better would be some secure modem that uses an RSA token or local account database to allow login, and logs all attempts to some IDS or syslogd somewhere. I've seen a few vendors' websites, and all claim to be the final solution. Some even integrate a terminal server, something like using a 2509 with a secure modem. I'd like to hear some field knowledge with these devices, and whether they were worth the trouble, or if the powered-off modem is still the best solution. And, this isn't a probe to see who doesn't use OOB security, it's a real question -- hopefully it'll save me (maybe others) time testing and evaluating some of this stuff. -jon- __________________________________________________ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=6667&t=6667 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
