Avocent® Remote Access and Control
Solutions for Disaster Recovery Sites and Primary Data Centres
In all good data centres now:
Secure out-of-band Remote Access and Control

Starring: Avocent® ACS Advanced Console Server
Special guest star: Avocent DSView™ Management Software

Audience:
Data Centre Managers
IT Professionals
NOC Personnel

ACT 1: Setting the Scene
What it is. Why it’s important. Leadership criteria.
ACT 2: Action
Applications by industry
ACT 3: Discovery
Questions you need to ask and...
Epilogue and Credits
Endorsements and technical details

ACT 1: Setting the Scene

What is out-of-band remote access and control?

[out-of-band]
noun, singular
In computer administration, out-of-band management refers to a fail-safe system of remote access, diagnostic and management control. Access can be made even in the event of a primary network subsystem (hardware and/or software) failure and can be performed from anywhere in the world where there is an Internet connection.

Why it’s your insurance policy against critical systems failure

An out-of-band solution does not rely on the traditional network to access and control any connected device. It uses an alternative path, bypassing the in-band network and connecting to the device through the console server. Plus you can even connect via a dial-up path as plan C.

The benefits to you are that if a device has shut down unexpectedly, crashed or is switched off, you can still connect to it, identify and solve the problem.

We equate it to an insurance policy insofar as you only need an insurance policy when the unforeseen happens and when the potential cost of that unforeseen incident is exponentially higher than the cost of the policy.

In 2010, the average time to recover was 18.5 hours. In 2007, it was 17 hours.
– Forrester

What makes the Avocent® Solution the technology market leader?
There are many vendors on the market offering out-of-band solutions. But not all solutions
are created equal.

“Software configurable pin-outs” that allow a user to simplify the deployment and configuration across all the serial devices they need to manage. This is a huge deal because the physical pin-out/cables/adapters typically make attaching the various serial devices and setting up a console server both difficult and time-consuming. Each serial device needs a special adapter based on its pin-out (individual cables and serial adapters either ordered or built one by one).

Early Detection Alert System (EDAS)
The “port alert string” feature can be configured on the ACS to send alerts when it detects certain text being sent out of the console ports of an attached device. This feature allows you to set up very specific “alert terms” for specific ports; for example, to send an alert immediately when the term “error”, “shutdown”, “duplicate”, “failed”, “timeout”, etc. is detected. This could be used for early detection of certain items to allow you to be more proactive in addressing disaster recovery issues before they impact performance or availability.

Security
Traffic to and from the console server is SSL encrypted so you have a guarantee of auditable compliance.

You won’t find any other vendor who has this capability!

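The port alert string behaviour described above, sketched as an added example (not Avocent's implementation and not code from this brochure): per-port alert terms are matched against console output, with lines reassembled across reads and terminal control sequences stripped before anything is alerted on. The class and function names, the whole-word case-insensitive matching and the sample data are assumptions made for illustration.

```python
import re
from collections import defaultdict

ANSI_CSI = re.compile(r"\x1b\[[0-9;?]*[ -/]*[@-~]")  # terminal colour/cursor sequences
MAX_LINE = 4096  # flush an unterminated line at this size so memory stays bounded


def sanitise(raw: bytes) -> str:
    """Decode untrusted console bytes; drop escape sequences and control characters."""
    text = ANSI_CSI.sub("", raw.decode("utf-8", errors="replace"))
    return "".join(ch for ch in text if ch.isprintable()).strip()


class PortAlertMatcher:
    """Per-port alert terms matched against completed console lines (hypothetical class)."""
    def __init__(self, terms_by_port):
        # One case-insensitive, whole-word pattern per port (a choice made for this example).
        self._patterns = {
            port: re.compile(r"\b(?:%s)\b" % "|".join(map(re.escape, terms)), re.I)
            for port, terms in terms_by_port.items()
        }
        self._tail = defaultdict(bytes)  # bytes received after the last line ending

    def feed(self, port, chunk: bytes):
        """Add raw bytes read from one port; return (port, terms, line) per matching line."""
        pattern = self._patterns.get(port)
        if pattern is None:
            return []
        *lines, tail = re.split(rb"\r\n|\r|\n", self._tail[port] + chunk)
        if len(tail) > MAX_LINE:
            lines.append(tail)
            tail = b""
        self._tail[port] = tail
        alerts = []
        for raw in lines:
            line = sanitise(raw)
            hits = sorted({m.group(0).lower() for m in pattern.finditer(line)})
            if hits:
                alerts.append((port, hits, line))
        return alerts


def run_demo():
    """Feed constructed sample output, split mid-word across reads, through the matcher."""
    matcher = PortAlertMatcher({1: ["error", "failed", "timeout"],
                                2: ["shutdown", "duplicate"]})
    reads = [  # constructed sample data, not captured from a real device
        (1, b"Interface eth0 up\r\nlogin fai"),
        (1, b"led for user admin\r\n"),
        (2, b"Error reading config\n"),  # "error" is not an alert term on port 2
        (2, b"\x1b[31mSystem SHUTDOWN requested\x1b[0m\n"),
        (1, b"errorless boot; request timeout after 30s\n"),
    ]
    return [alert for port, chunk in reads for alert in matcher.feed(port, chunk)]


if __name__ == "__main__":
    for alert in run_demo():
        print(alert)
```

Because terms are set per port, the same word can be noise on one device and an alert on another; the whole-word match keeps "errorless" from triggering the "error" term.
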
Centralised Management
Most vendors are very limited in terms of
centralised management; they typically
have very basic/limited rack PDUs and/
or KVM. The added bonus of having
centralised management is that you
can also manage other remote access/
management devices like KVM switches,
rack PDUs, and other products like
the Avocent® Universal Management
Gateway. So the option to add centralised
management in the future is a good selling
point and the additional capabilities
that come with that are also part of the
difference/advantage. This is where
Avocent DSView management software
can be combined with ACS to give you a
single pane of glass to efficiently manage
all your infrastructure through one
software tool.
Avocent® gives you a distinct
competitive advantage with this
benefit!
ACT 2: The application to disaster recovery

Primary Data Centres
Guarantee access to all business-critical networks anywhere in the world with the confidence of encrypted traffic and auditable user access, regardless of whether the network is available.

The Pitch
Unless you live in your data centre, it’s likely you or your team will at some stage need to access your data centre when a failure takes place. Maybe it will be out of hours or you will be offsite, so you will require a fail-safe system of access to business-critical technology.

This being the case, you most likely use the existing network path for access. But what happens if that path is also down? Then you need an out-of-band solution which does not use the traditional path but bypasses it via a console server.

The simple benefit to you is guaranteed access all the time. Plus, as your traffic is encrypted and user access is recorded, you can be sure you are compliant with any security mandates.

Important Points
Security: Encrypted traffic to comply with auditing mandates.
Global Access: Out-of-band technology is your insurance policy against downtime.
Simplicity: Simple to deploy because of configurable pin-outs.
Pre-emptive failure detection: Set up specific alerts for different ports.

Disaster Recovery Sites
A definition of what a disaster recovery site needs to be.

When we talk about disaster recovery sites, we mean a disaster recovery site that mimics a customer’s environment in an offsite location. Therefore the environment personifies the absolute need for heterogeneity, out-of-band unblocked access (for customers), access to serial, and PERMANENT (unlike BMCs which require constant repurchase of “Remote Presence” turn-ons), redundant access that can be set up on its own management network. If you already have all this in place then stop reading... if not, please continue.

The Issue
The provision of infrastructure and data backup/recovery services
for your business or other businesses means you need to be able
to respond quickly and seamlessly to a variety of infrastructure
needs. Because you need the ability to respond to change for
each individual infrastructure need, a heterogeneous environment
is the optimal solution to achieve this. Typically you will have
servers, networking gear, switches, rack PDUs and other devices
that you will need to be able to communicate with working from
a remote location. If you are exclusively relying on Ethernet and
in-band methodology to get access and control your disaster
recovery site, then you could be exposed to a failure in the
network. And, even if the network is up but a device in an
inaccessible disaster recovery location is down, then your ability
to access, reboot and recycle that device is ruled out.
The Application
That’s why you need a plan B and, ideally, a plan C. Plan B would be
an out-of-band solution to enable you to access any serial device,
server or rack PDU regardless of whether the network or device is
intact. This KVM over IP solution would enable you to gain access
to the network and its devices and as a plan C, also enable you to
bypass a malfunctioning router for access via dial-up. Because
there are different types of devices requiring different access tools,
you should utilise a centralised management software tool that
can consolidate all of these tools and let you view, access and
control any device fast and simply.
Without this insurance policy, your ability to mitigate basic
hardware and network failure is fundamentally compromised.
Disaster recovery budgets have “declined
sharply” since the global economy began a
downturn in 2008.
– Forrester
ACT 3: The Problem Identified and Solved

Remote Access Situational Fluency Prompter
Pain: Network Downtime
Job Title and Industry: Manager of Operations – Internet Communication
Offering: Avocent Remote Access Solutions

Reasons (R2)
Is it because...; Today...?
A. A global networking infrastructure that consists of thousands of elements (servers, routers, switches, firewalls and PDUs) needs to be maintained and managed
• How many data centres do you manage today?
• How many elements are at each data centre?
• What is the growth plan for your existing infrastructure?
B. Such a large network can turn data centre space into a valuable resource.
• What do you pay today for 1RU?
• Is square footage a problem?
• How do you determine where you will allocate a new data centre element?

Impact (I2)
Is this [pain] causing...?
• Long repair times when a network problem occurs?
• Difficulty in repairing a problem because you are not onsite?
Is the system administrator impacted?
• Introduce possible security risks since entry into the data centre is required to troubleshoot the issue?
Is the security officer impacted?
• Cause you long cycles when deploying new equipment?
• Cost additional money?
Is the operations engineer impacted?

Capabilities (C2)
What if...; Would it help if...?
A.
When: When the network has an issue
Who: If the system administrator
What: Was able to remotely access infrastructure elements and isolate the problem in half the time?
B.
When: When new elements are required in the infrastructure
Who: If the operations manager
What: Could quickly locate and deploy a space efficient solution for management?

Solution
Features and Functions

PRODUCT FEATURES
The ACS 5000 meets the remote management needs of medium to large data centres. The series is available in 4, 8, 16, 32 and 48 ports with a single AC power supply.

Virtual ACS provides data centre managers the ability to maximize the management of UNIX-based operating systems in a virtualised machine.

The ACS 6000 console server features a high-speed processor platform with dual gigabit-Ethernet ports for redundancy, optional built-in modem and two 16- and 32-bit PC card options.

Product Positioning Chart

FEATURE | MID-SIZE DATA CENTRE | LARGE DATA CENTRE
Model Types | 4, 8, 16, 32, 48 | 4, 8, 16, 32, 48
Power Supply Options | Single AC | Single, Dual, AC, DC
LAN | 10/100MBit | 10/100/1000MBit
Dual LAN | No | Yes
Pin-outs (Cisco & Cyclades) | No | Yes
Optional Built-in Modem | No | Yes
PCMCIA | No | 2x 16/32-bit Slots
USB Ready | No | Yes
DSView 3 Integration | Yes | Yes
Power Management | Yes | Yes
Access Levels/Built-in User Groups | 2 | 3 and Customizable
Auto Discovery | Yes | Yes
Authentication | Yes | Yes
Dual Factor Authentication | RSA SecurID | RSA SecurID
Kerberos, NIS, OTP, EAP | No | Yes
Authorization | No | Yes
Dial Back | No | Yes
IPsec Support | No | Yes
IPv6 Support | No | Yes

Avocent® ACS 5000 Advanced Console Server
A Complete Console Management Solution

HARDWARE SPECIFICATIONS
CPU: MPC855T (PowerPC Dual-CPU)
Memory: 128 MB DIMM SDRAM/128 MB compact flash; 256 MB DIMM SDRAM/128 MB compact flash (ACS 5048 only)
Interfaces: 1 Ethernet 10/100BT on RJ-45, 1 RS-232 console on RJ-45, RS-232 serial ports on RJ-45
Power: Internal 100–240 VAC, 50/60 Hz, 35 W max.
Power Usage (for all ACS 5000 port models): Power consumption nominal voltage 100-240 VAC: Typical 0.15A, 18W; Maximum 0.3A, 36W
Operating Temp.: 50° to 112°F (10° to 44°C)
Storage Temp.: 4° to 158°F (–20° to 70°C)
Humidity: 15% to 90% non-condensing
Dimensions (W x D x H), ACS 5004, 5008, 5016, 5032, 5048 console servers: 17.03 x 8.85 D x 1.70 in. (433mm x 225mm x 43mm)
Weight: 7.7 lbs. (3.5 Kg)
Certifications:
• FCC Part 15A
• EN55022, A (CE)
• EN55024 (CE)
• ICES-03
• C-Tick
• Solaris Ready®
• VCCI
In addition, the following certifications for specific models:
• GOSTR (Russia)*
• MIC (Korea)*
* Only specific models are certified to the above certifications

[Figure: ACS 5000 Advanced Console Server deployment diagram. Labels: DSView 3 Management Software; Authentication, Authorization, Accounting; Linux Server; UNIX Server; Windows Server; Solaris Server; Router; Switch; PBX; Internet; PSTN; Modem; Dial-Up; RS232; ACS5032; Admin; Management Station; Local Management Station.]

ORDERING DETAILS
PART NUMBER | DESCRIPTION
ACS 5004 | 4-port ACS 5000 console server SAC
ACS 5008 | 8-port ACS 5000 console server SAC
ACS 5016 | 16-port ACS 5000 console server SAC
ACS 5032 | 32-port ACS 5000 console server SAC
ACS 5048 | 48-port ACS 5000 console server SAC
For country-specific availability, please contact an Avocent representative.

FEATURES
Operating System
• Embedded Linux
Accessibility
• In-band (Ethernet) and out-of-band (dial-up modem) support
• Dedicated console port
Security
• SSHv1 and SSHv2
• Local, RADIUS, TACACS+, LDAP/AD
• Two-factor authentication (RSA SecurID®)
• PAP/CHAP
• Local, backup-user authentication support
• IP packet and security filtering
• User-access lists per port
• System event syslog
• Dial-up access (PPP)
• Dial-up authentication for remote access
• IP forwarding support
Console Management
• Windows Server 2003 EMS support
• Sun™ break-safe (Solaris Ready certified)
• Java™-based SSH client
• Off-line data buffering – local or remote (NFS/syslog)
• Level-based syslog filters
• Time stamp and rotations for data buffering
• Unlimited number of simultaneous sessions
• Simultaneous access on the same port (port sniffing) with ability
to toggle
• Clustering (central access to multiple console servers)
• Event notification (e-mail, pager, SNMP trap)
• Global time zone support
• Multiple and customizable user levels of access
Port Access
• Directly by TCP port, IP address or server name
• Telnet/SSH with menu
• Simultaneous Telnet and SSH access
• HTTP/HTTPS
System Management
• Configuration wizard for first-time users
• Auto discovery for automatic deployment
• Command line access (Linux shell)
• Web management interface (HTTP/HTTPS)
• SNMP
• Centralized management using DSView 3 software
Power Management
• Power integration using Avocent Power Management Distribution
Units (PM PDUs)
• Third-party power support using SPC power control device
• ServerTech Switched CDU Power Strips
Cabling
• CAT-5 compatible adapters for simpler cabling
Upgrades
• Upgrades available on FTP site, no charge
• Flash upgradeable
• TFTP support for network boot
Additional Protocols Supported
• DHCP for dynamic IP address assignment
• IPv6 support for greater deployment flexibility
• PPP for dial-up
• NTP for time server synchronization
• RFC2217 support for remote serial port access

Avocent® ACS 6000 Advanced Console Server
A Next-Generation Console Management Solution

HARDWARE SPECIFICATIONS
CPU: PPC440EPx @ 533 MHz (PowerPC with Security Acceleration Engine)
Memory: 128 MB NAND flash (embedded ICs on motherboard); 256 MB DDR-2 memory (embedded ICs on motherboard)
Interfaces:
• 2 Gigabit (10/100/1000BT) Ethernet interfaces on RJ45
• 1 RS-232 serial console port on RJ45
• 1 AUX RS232 port on RJ45 OR internal modem V.92 port on RJ45 (RJ11 compatible)
• RS232 ports on RJ45
• 1 USB 2.0 Host on Type A connector
• 2 PC Card / CardBus with ejector (dual Type II or single Type III)
PC Card Slots Supporting: Ethernet, fast Ethernet (fiber optic), Fiber and Memory Cards, V.92 and modems, compact flash, IDE drive
Power: Internal 100–240 VAC, 50/60 Hz; Optional –48 VDC power supply; Optional dual entry, redundant AC and DC power supplies
Power Usage:
• Nominal voltage 120VAC: Typical 0.17A, 20W; Maximum 0.25A, 30W
• Nominal voltage 230VAC: Typical 0.1A, 23W; Maximum 0.15A, 35W
• Nominal voltage -48VDC (20% tolerance): Typical 0.5A
Operating Temp.: 32° to 122°F (0° to 50°C)
Storage Temp.: –4° to 158°F (–20° to 70°C)
Humidity: 20% to 80% noncondensing
Dimensions (W x D x H): 17.250 x 9.5 D x 1.75 in. (43.82 x 24.13 x 4.45 cm)
Weight: 6.6 lbs
Certifications:
Security Standards:
• FIPS 140-2 compliant cryptography – The FIPS mode of operation uses an embedded FIPS 140-2 certified OpenSSL cryptographic module (Certificate #1051)
Emissions and Immunity:
• FCC Class B
• CE Class A (EU)
• ICES-003 (Canada)
• VCCI (Japan)
• C-Tick and A-Tick (Australia)
Safety:
• UL (USA)
• cUL (Canada)
• EN-60950 (EU)
• CB
• NEBS by Design**
In addition, the following certifications for specific models:
• GOSTR (Russia)*
• MIC (Korea)*
* Only specific models are certified to the above certifications
** NEBS level 3 compliant design

ORDERING DETAILS

SINGLE POWER SUPPLY MODELS
AC MODELS | DC MODELS | PORTS | OPTIONS
ACS6004SAC | ACS6004SDC | 4 |
ACS6004MSAC | ACS6004MSDC | 4 | Modem
ACS6008SAC | ACS6008SDC | 8 |
ACS6008MSAC | ACS6008MSDC | 8 | Modem
ACS6016SAC | ACS6016SDC | 16 |
ACS6016MSAC | ACS6016MSDC | 16 | Modem
ACS6032SAC | ACS6032SDC | 32 |
ACS6032MSAC | ACS6032MSDC | 32 | Modem
ACS6048SAC | ACS6048SDC | 48 |

DUAL POWER SUPPLY MODELS
AC MODELS | DC MODELS | PORTS | OPTIONS
ACS6004DAC | ACS6004DDC | 4 |
ACS6004MDAC | ACS6004MDDC | 4 | Modem
ACS6008DAC | ACS6008DDC | 8 |
ACS6008MDAC | ACS6008MDDC | 8 | Modem
ACS6016DAC | ACS6016DDC | 16 |
ACS6016MDAC | ACS6016MDDC | 16 | Modem
ACS6032DAC | ACS6032DDC | 32 |
ACS6032MDAC | ACS6032MDDC | 32 | Modem
ACS6048DAC | ACS6048DDC | 48 |
ACS6048MDAC | ACS6048MDDC | 48 | Modem

FEATURES
Operating System
• Embedded Linux
Accessibility
• In-band (Ethernet) and out-of-band (dial-up modem) support
• Built-in modem connectivity
• Allows for alternative access interfaces, such as modem (v.92),
Ethernet, fast Ethernet (fiber optic) through 16- and 32-bit PC
cards
Availability
• Automatic Ethernet failover using second gigabit Ethernet port as
the secondary port
• Dual power supply
• Internal modem support
• USB port option allows for storage or to connect USB-based PC
cards
Security
• FIPS 140-2 compliant cryptography – The FIPS mode of operation
uses an embedded FIPS 140-2 certified OpenSSL cryptographic
module (Certificate #1051)
• Preset security profiles–secure, moderate and open
• Custom security profiles
• X.509 SSH certificate support
• SSHv1 and SSHv2
• Local, RADIUS, TACACS+, LDAP/AD, NIS and Kerberos
authentication
• Two-factor authentication (RSA SecurID®)
• One-Time Password (OTP) authentication
• Local, backup-user authentication support
• PAP/CHAP and Extensible Authentication Protocol (EAP)
authentication (for dial-up lines)
• Group authorization:
– TACACS+, RADIUS and LDAP
– Port access
– Power access
– Appliance privilege
• IP packet and security filtering
• User-access lists per port
• System event syslog
• IPSec with NAT traversal support
• IP forwarding support
• Secure factory defaults
• Strong password enforcement
Console Management
• Sun break-safe (Solaris Ready Certified)
• Break-over SSH support
• Off-line data buffering – local and remote (NFS/Syslog/DSView 3
software)
• Level-based syslog filters
• Time stamp and rotations for data buffering
• Unlimited number of simultaneous sessions
• Simultaneous access on the same port (port sniffing) with ability
to toggle
• Configurable event notification (e-mail, pager, SNMP trap)
• Customisable, global time zone support
• Multiple and customizable user levels of access
Port Access
• Directly by server name or device name
• CLI Command
• Simultaneous Telnet and SSH access
• HTTP/HTTPS
System Management
• Configuration wizard in Web for first-time users
• Auto Discovery for automatic deployment
• Command line interface (CLI)
• Web Management Interface (HTTP/HTTPS)
• SNMP
• Internal temperature sensor
Cabling
• CAT-5 compatible adapters for simpler cabling†
• Configurable Cyclades and Cisco pin-outs for serial ports
Upgrades
• Upgrades available on FTP site, no charge
• TFTP support for network boot
Emerson Network Power - Global Headquarters
1050 Dearborn Drive
P.O. Box 29186
Columbus, OH 43229
Tel: +1 614 888 0246
Emerson Network Power - EMEA
Ebury Gate
23 Lower Belgrave Street
London SW1W 0NR, United Kingdom
Tel: +44 0 20 7881 1440
Emerson Network Power
EmersonNetworkPower.com
Emerson, Emerson Network Power and the Emerson Network Power logo are service marks and trademarks of Emerson Electric Co. Avocent is a registered trademark of Avocent
Corporation. All third-party marks are the property of their respective owners. ©2013 Emerson Electric Co. All rights reserved. 0413-ACS_ENAB-EMEA-EXTERNAL-BRO-EN