Jon
I use an Western Telematics APS 16 which is a rs232 serial port console
switch... http://www.wti.com/
Just plug a modem onto one port, and the consoles of all your network or
Sun/UNIX/Linux gear onto the rest, the phone up...
You password each port too, admin and user levels..
Owen
Jon wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
What kind of gear do folks use in their networks for out of band access to
production routers? Specifically, I'd like to know about more secure
solutions than just a CompUSA 33.6 plugged into the AUX port.
I've seen security policies that allow a normal modem to be plugged into
the router, but it's required to be powered up (or connected to the phone
line) only when needed -- which still requires someone to touch the gear,
but may keep from having a network engineer drive all the way to the
remote site for a console connection. Better would be some secure modem
that uses an RSA token or local account database to allow login, and logs
all attempts to some IDS or syslogd somewhere. I've seen a few vendors'
websites, and all claim to be the final solution. Some even integrate a
terminal server, something like using a 2509 with a secure modem.
I'd like to hear some field knowledge with these devices, and whether they
were worth the trouble, or if the powered-off modem is still the best
solution. And, this isn't a probe to see who doesn't use OOB security,
it's a real question -- hopefully it'll save me (maybe others) time
testing and evaluating some of this stuff.
-jon-
__
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail - only $35
a year! http://personal.mail.yahoo.com/
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=6918t=6667
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
