Jon I use an Western Telematics APS 16 which is a rs232 serial port console switch... http://www.wti.com/ Just plug a modem onto one port, and the consoles of all your network or Sun/UNIX/Linux gear onto the rest, the phone up... You password each port too, admin and user levels.. Owen ""Jon"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > What kind of gear do folks use in their networks for out of band access to > production routers? Specifically, I'd like to know about more secure > solutions than just a CompUSA 33.6 plugged into the AUX port. > > I've seen security policies that allow a normal modem to be plugged into > the router, but it's required to be powered up (or connected to the phone > line) only when needed -- which still requires someone to touch the gear, > but may keep from having a network engineer drive all the way to the > remote site for a console connection. Better would be some secure modem > that uses an RSA token or local account database to allow login, and logs > all attempts to some IDS or syslogd somewhere. I've seen a few vendors' > websites, and all claim to be the final solution. Some even integrate a > terminal server, something like using a 2509 with a secure modem. > > I'd like to hear some field knowledge with these devices, and whether they > were worth the trouble, or if the powered-off modem is still the best > solution. And, this isn't a probe to see who doesn't use OOB security, > it's a real question -- hopefully it'll save me (maybe others) time > testing and evaluating some of this stuff. > > -jon- > > __________________________________________________ > Do You Yahoo!? > Get personalized email addresses from Yahoo! Mail - only $35 > a year! http://personal.mail.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=6918&t=6667 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]