[152273] in North American Network Operators' Group
RE: Securing OOB
daemon@ATHENA.MIT.EDU (Steven C. Blair)
Mon Apr 23 08:58:54 2012
From: "Steven C. Blair" <blairs@isc.upenn.edu>
To: Eric <eric@roxanne.org>, "nanog@nanog.org" <nanog@nanog.org>
Date: Mon, 23 Apr 2012 12:58:16 +0000
In-Reply-To: <A154B416-CCD4-4249-A871-E422E891C8D9@roxanne.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Thanks for starting this discussion Eric. We're just starting to look at up=
grading our oob console network and wondering how to provide access from LA=
N based application monitoring platforms. We're currently looking at instal=
ling a VPN appliance between our production network and the "oob network".
-Steve
-----Original Message-----
From: Eric [mailto:eric@roxanne.org]=20
Sent: Monday, April 23, 2012 8:40 AM
To: nanog@nanog.org
Subject: Securing OOB
Hello,
It seems that the current practice is to use a DSL line, as opposed to a mo=
dem, for accessing an OOB a console server at a remote colo. From a securi=
ty standpoint, what do people generally do - trust the console server, repu=
rpose an old linksys box from my house or put in a full firewall? =20
Eric :)
