As IT infrastructures have become more virtualised, with the escalating growth of the Internet of Things (IoT), the rise of connected devices, and the ongoing migration of businesses to the cloud, networks have become more convoluted and difficult to manage, writes Alan Stewart-Brown, VP of EMEA at the network infrastructure and data centre management product company Opengear.
This added complexity also makes them more susceptible to security incidents. As software stacks require more frequent updates, they become more vulnerable to bugs, exploits and cyber-attacks. The threat is often both internal and external in nature.
Internal threats can come from many sources ranging from disgruntled employees unlocking the doors for cyber-criminals waiting outside the perimeter to gullible users becoming victims of phishing attacks. There is also of course a serious external threat to business networks. We know that there are bots out there that are actively looking for vulnerabilities that enable them to attack networks.
Risk
Whatever the origin of these threats, their prevalence highlights the importance of developing networks that are resilient, reliable and secure. So, how can organisations go about it? Out-of-band (OOB) console technology acting as a centralised conduit to manage secure access to security appliances across an environment, offers a route forward. Traditionally, OOB has been seen only as a means of connecting with remote devices if the primary production network is unavailable. Networks, servers and many appliances are generally fitted with serial interfaces which can be interrogated independently of the network and give the administrator a comprehensive picture of the status of the device. If a device does not respond, administrators can carry out a hard reboot via the control system for the power supply.
OOB management enables administrators to maintain and manage components like servers, WAN devices, and power supply units and resolve malfunctions via remote access. If there is an issue with connectivity, out-of-band solutions deliver a failover solution. Today this is normally done via cellular, although other options are available.
OOB management can ensure continuous remote access of administrators to critical components like network switches, routers and security applications like firewalls and encryption tools. This approach means there is no need for an onsite visit and if it does become necessary, the technician can ensure they arrive onsite with the right spare part in hand to resolve issues quickly.
Think smarter
Deploying smart OOB platforms can also address security issues in new, innovative ways and their deployment has several major advantages. First, they provide a simpler means to deploy multi-factor authentication (MFA) that only needs to be integrated into the console server to be enforceable across the whole security appliance layer. Second, smart OOB console technology can act as a system of record for all configuration changes and patches with changes sent over an alternative path – such as a 4G network and retained at a centralised Security Operations Centre (SOC), or Security Information and Event Management (SIEM) solution. An update failure that leaves the device unreachable via the production IP network can often be resolved via this same OOB connectivity that accesses the service ports on most network devices to reach the underlying console.
This approach helps managers determine if critical infrastructure has been patched and allows forensic investigators to find out if a breach was aided and abetted by the actions of an insider or was actually simply an oversight.
Another proactive security benefit is the capability for the smart OOB appliance to pull the event logs directly from connected devices and forward these to a central SIEM or Security Analytics platform for early detection and prevention of a targeted attack. Finally, smart OOB connectivity is also useful during a cyber-attack which disrupts the production IP network such as DDoS, a targeted switch attack or a rogue admin “lock out” attempt, with the out-of-band console server providing an encrypted direct connection to critical devices like routers and firewalls using 3G/4G cellular modems. The ability to rapidly and securely access logs from impacted devices can help pinpoint root causes and allow remediation to start faster.
That combination of diagnosis and ‘rapid cure’ is critically important, of course. In the event of a security breach causing a network outage, organisations need to find out what has happened to the network and must also find a way of resolving and rectifying the problem as quickly as possible. Smart OOB allows them to address and resolve these problems quickly and efficiently, allowing them to achieve the increased continuity, raised productivity and enhanced operational efficiency that is key to business success.
