The challenge with network management is that it relies on the network itself to operate. To really manage network infrastructure, you need to operate from an out-of-band perspective—and beyond just being a secondary connection to devices. For Uplogix, going beyond out-of-band means monitoring devices and taking actions directly over the console port, like an onsite technician with a laptop.
Uplogix is an automated network management platform designed to monitor devices and execute initial recovery actions typically performed by network technicians. Uplogix utilizes console port and dedicated Ethernet connections to reduce dependence on the network itself to retrieve state and performance information, as well as reliably execute predefined automated tasks.
Uplogix goes far beyond traditional console servers that sit idle, waiting to be useful should there be a crisis. Uplogix gives administrators “longer arms and better tools” to go along with reliable network management automation every day.
The Uplogix LMS has also been virtualized, and can be run as a VM letting you take advantage of an existing investment in extensible Cisco Integrated Services Routers with support for SRE Modules and HWIC serial port adapters, or on a local server with connections to devices through a console server.
Out-of-Band AccessIt’s out-of-band the way you want it
Uplogix is the most reliable and secure out-band-access solution on the market today, with more options for linking to your gear over a secondary network path.
Uplogix Local Managers deliver the widest array of on-demand WAN alternative network connection options including dial-up, cellular, fiber or satellite modems provides a reliable management connection to remote gear. There is also a secondary Ethernet connection that can be used for an out-of-band connection such as a DSL modem. This connection can also route primary traffic using the WAN Traffic Failover feature and a high-bandwith OOB connection like an LTE modem.
With the Uplogix rules engine, you can also configure multiple options and use rules to decide which option to use and when.
Download the Out-of-Band Solution Brief
Secure Remote PlatformSecure access on a closed platform
Network security is more critical than ever. The security features of the Uplogix platform were initially developed for customers in finance and the military, but many enterprises are finding they need similar functionality. You need to know that your network is locked down inside and out and be able to prove it. With the average cost of a security breach increasing yearly, what business today doesn’t need reliable network security?
Uplogix is a secure, closed appliance. The underlying Linux OS does not have root access, which eliminates threat vectors possible with an open console server. Beyond the separation from the OS, the Uplogix platform is FIPS 140-2 Level Two Certified — not just a component of the solution like a FIPS-certified Open SSL library. Our solid state hard drives are available with AES-256 disk encryption, and only the SSH port is open by default.
All configuration and features for managing devices are governed by powerful and granular authorization controls with every activity and change logged and archived to the NOC. With features that automate device monitoring, maintenance and recovery, scripting isn’t necessary, avoiding another threat vector.
Download the Security Solution Brief
Network-Indendent ManagementAn automated configuration safety net
“60% of network downtime is caused by human error during device configuration” according to the research firm EMA. There are just too many devices to manage and too many changes to make to those devices on a regular basis in enterprise environments to rely on manual, error-prone, one-at-a-time processes.
Uplogix can automate common configuration management tasks, reducing downtime by eliminating common errors introduced by the manual execution of tasks like OS upgrades, password updates, and all-important device configuration changes. Make groups of like-devices and schedule batch upgrades rather than updating one box at a time.
If a configuration change fails or an admin is cut off mid-change from a device, Uplogix can immediately roll the device back to the last known good configuration using the unique SurgicalRollback™ feature, minimizing downtime in a way not possible with in-band-only software solutions. This process restores the device to working order without affecting other device operations. Uplogix locally stores multiple configurations for each device under management to enable this powerful feature.
Download the DTS Case Study
Reliable AutomationWe take you to the highest level of performance and reliability
Traditional network management tools rely on the network to manage the network. This leads to situations where at the moment the management tools are needed the most—during an outage—they are completely ineffective. As a result, network administrators are not interested in enabling automation that could leave them disconnnected. This leads to many routine tasks being done “by hand” which not only consumes a large amount of time and effort, but also increases the number of opportunities for human error.
Uplogix deploys locally and connects to gear over the same connection as an onsite administrator for network-independent automation that delivers:
- Automated Recovery | Based on high-resolution monitoring data, Local Managers can take automated responses to device issues, saving time and service calls.
- Mass OS Updates | Schedule once to update all similar devices on your network with the confidence of SurgicalRollback—letting you manage by exception, rather than touching each device one at a time.
- Integrated Out-of-Band | Using the most cost-effective source available at the location, Uplogix automatically creates an alternate pathway for technicians to access gear as if they were onsite.
SateliteORANGE BUSINESS SERVICES
Uplogix automates management and recovery of routine network issues plus challenges unique to maritime satellite networks like blockage zone remediation ensuring that the network stays up.
Operating the largest and most complex liquids pipeline system in the world requires an extensive information network. Uplogix provides secure access and reduces the number of support truck rolls.
Uplogix simplifies management by serving as a single interface to diverse network gear that is a result of rapid expansions through acquisitions in the banking industry.
Managed Service ProviderUplogix is used throughout the customer life cycle for local management of network devices for one of the largest carriers as an out-of-band solution that goes beyond just out-of-band access.
ManufacturingSUGAR FOODS CORPORATION
With operations in the US and Mexico, Sugar Foods already realized the benefits of console servers. They upgraded their old console servers with Uplogix for next-generation out-of-band capabilities.
Mosaic Medical is a non-profit community health center system in Central Oregon. They deployed Uplogix in their clinics to standardize systems and configurations and to introduce automation for updates and management tasks.
EducationOKLAHOMA UNIVERSITY HEALTH SCIENCE CENTER
Seven health-related colleges distributed around downtown Oklahoma City use Uplogix to contribute to HIPPA compliance by automating routine system maintenance and monitoring with logging and access controls – even during network outages.
Branch office management challenges addressed by Uplogix
Distributed enterprises depend on branch offices for sales, manufacturing, retail, distribution, and customer support. Despite their vital importance, these remote sites are often the most vulnerable points in enterprise networks due to the challenges of managing at the network’s edge.
Unlike most headquarters, remote locations must overcome single points of failure and limited management visibility and control, as well as a lack of on-site technical staff ensuring high IT service levels. Routine maintenance tasks often require a site visit, and outages are common, leading to high support costs and downtime incidents.
Studies have shown the amount of time needed to identify, isolate and resolve a problem at a remote location can take five times or more than a similar problem at headquarters, due to lack of support staff, tools and visibility at remote sites.
Using traditional, network-dependent management tools, branch offices and remote locations are often exposed to security vulnerabilities and regulatory compliance gaps, especially during outages. It has simply not been possible for network operations staff using existing management technologies to guarantee the availability, security, or compliance of branch office environments.
MTBF and MTTR are important when managing a remote office network, but so is MTTI.
MTTI – The Mean Time to Innocence
MTBF (mean time between faults) and MTTR (mean time to recovery) are important measurements that usually factor into the creation of SLAs (service level agreements) and are especially critical for successful branch office networks. Another important metric within IT groups when it comes to management tools is MTTI, or the mean time to innocence. When there is a problem, this is the idea that it’s important to know if the problem is your fault, or lies elsewhere. It’s easier to get to a root cause when you can cut through finger pointing early in the event.
Uplogix is a critical tool for addressing the challenges of managing branch offices with capabilities that lower support costs and increase uptime and network security. Uplogix also complements existing in-band, centralized monitoring systems while providing centralized IT staff with the access, control and enforcement capabilities needed to manage remote locations:
- Keeps branch offices online, even when the network is down or degraded, by providing secure out-of-band access to distributed devices as well as continuing to move primary network traffic with the WAN Traffic Failover (WTF) feature
- Provides best-in-class problem diagnosis and recovery capabilities to autonomously detect and fix remote issues without having to deploy expensive resources on-site
- Locally executes routine remote maintenance tasks like patch upgrades and configuration changes consistently and error-free, significantly reducing ongoing remote support costs
- Offers a secure platform for remote management and ensures compliance with internal management policies, regardless of the state of the network
Uplogix Solutions for Data Center Networks
Whether lights-out or just locked up, secure out-of-band access and network management automation makes running a data center more efficient
Data center network management challenges addressed by Uplogix
To protect availability, problems have to be resolved quickly and accurately to minimize disruptions. Outages due to human error—the most common cause of outages—have to be minimized, and when they do occur, the mean-time-to-recover (MTTR) from them has to be swift and efficient.
Security threats take on even more importance at the data center. Systems must be patched rapidly to minimize the impacts of outside threats. Unauthorized changes have to be detected and quarantined quickly to not only ensure the protection of business-critical information that resides in the data center, but also to protect uptime.
In addition, routine maintenance procedures require standardization and consistency to protect system availability and security. Solutions are needed that can quickly and effectively address the availability, security and support challenges that administrators face in managing the data center
The automated support features of the Uplogix can drastically reduce the time spent on routine data center maintenance tasks, leading to greater standardization and lower support costs.
Key Uplogix features for the data center
The Uplogix platform has been designed to address the challenges of data center networks by:
- Providing a safety net by quickly pinpointing and recovering from erroneous configuration changes via the transaction-based, SurgicalRollback™ feature, preventing unscheduled downtime
- Rapidly reducing the MTTR from an outage through automated, rules-based diagnosis and recovery
- Removing the need to manage network-connected devices over the network through management automation and secure out-of-band access
- Protecting and ensuring security policies through a robust authentication, authorization and accounting model (AAA), and customizable user access controls
- Maintaining consistent, best-practice procedures for manually executing or automating hundreds of routine maintenance tasks including configuration, patch and policy management—which leads to cost savings, higher uptime and increased management security
Via the Uplogix Control Center, data center administrators can get up-to-the-minute operational data and visibility as well as integrate collected information into other existing management systems.
Uplogix for Network Infrastructure Security
Locking down long-time vulnerabilities and remote site management weaknesses
Two forms of critical security vulnerabilities continue to plague mission critical network infrastructure and account for the majority of related security breaches:
- Maintaining secure software and configurations | Updating the software on, and configuration of, network and communications devices in the face of constantly evolving security threats
- Securing Administrative Console Access | Ensuring appropriate and audited access and compliance with policy by the technicians, sometimes employees sometimes not, that you rely on to maintain network and communications gear
Maintaining Secure Software and Configurations
Securing the network is an on-going battle that can never ultimately be won as new forms of attack are being developed and new vulnerabilities discovered every day in even the best software. For example in 2013 Cisco alone issued 42 Security Advisories typically recommending configuration changes or software patches.
Network devices that cannot be frequently and easily configured and upgraded cannot be secured. “If it ain’t broke don’t fix it” is a hacker’s dream.
When the network goes down users notice and the goals of the enterprise can be severely undermined. Given this, pushing upgrades and making changes to the network, over the network, using centralized tools is extremely risky. Applying upgrades and patches reliably can mean time consuming and expensive site visits, still with the risk of down-time, leading to infrequent change.
Uplogix configuration and change management capabilities make it easy and safe to apply changes and updates to address new threats immediately as they become known.
Uplogix extends role-based administrative access policies to devices with detailed auditing and reporting for compliance when the network is up, or down.
Uplogix key security functionality
Key Software and Configuration Change Management Capabilities
- Automatically and remotely push configuration changes and upgrades without the risk that the changes could result in network outages. Out-of-band automated SurgicalRollback™ restores valid configurations instantly and automatically, plus highlights issues when problems occur.
- Automate common, but complex, and therefore error-prone configuration tasks reducing error
- Securely update the access passwords on hundreds of managed devices in a single action
- Decrease the administrative complexity created by heterogeneous network infrastructures by providing a single consistent management interface
- Use configuration differencing to review recent changes to network and communications devices, easily discerning if either problematic or corrective changes have been made
- Ensure access to devices by skilled remote technicians even when the network is down via a completely out-of-band secure architecture
Securing Administrative Console Access
In the heat of the moment when network problems arise, urgency can prevail over security. Break-glass root passwords are issued to empower technicians to console connect to devices and resolve issues, any centralized administrative audit is off-line, and carefully crafted policies intended to protect data are quickly forgotten. This is precisely the circumstance that sets the stage for a serious breach, unintended or not.
Uplogix Local and Out-of-Band Management is console connected to managed devices, simultaneously enhancing technicians’ ability to mount an effective response to issues while ensuring that security and audit is not compromised. By storing encrypted device credentials only on the Uplogix Local Manager, secure, policy compliant and audited administrative access can be ensured with complete logging of all transactions for compliance requirements.
- Flexible and fine-grained role-based administrative access allows security policies to be precisely reflected and enforced in the form of user access privileges
- Rules prevent unauthorized user access by doing things like automatically closing idle console sessions, or intercepting and stopping noncompliant administrative commands, or even command sequences eliminating security gaps
- Maintenance of AAA (Authentication, Authorization and Accounting), regardless of the state of the network. Under normal circumstances, Uplogix Local Managers integrate with remote authentication mechanisms, such as TACACS and Radius, but if connectivity is lost, the LM can failover to other AAA servers before falling back on cached authentication data to maintain authorized access.
- Use multifactor authentication through integration with RSA SecureID and Secure Computing SafeWord even if the network is down
- Provide policy compliant audit by monitoring, measuring and reporting on all changes made to the managed IT infrastructure to satisfy internal and regulatory security standards. Capture, log and archive every keystroke and output regardless of network status. Allows for flexibility with customizable rules, policies, and reports to meet business- or industry-specific compliance requirements.
- Eliminate potential modem security issues with intelligent out-of-band access. Uplogix appliances can always “dial-out,” never allowing in-bound dial-up requests and eliminating the potential for war-dialing or other external unauthorized access attempts.
- Improve overall security by restricting access to specific IP addresses and encrypting passwords stored in the database
Uplogix for M2M Management
Uplogix can help you scale your network infrastructure management to be ready for the Internet of Things
Uplogix Local Managers are the management machines for M2M infrastructure
Smart power grids, intelligent buildings, pipeline controllers, medical imaging and as many other Machine-to-Machine (M2M) applications as a vibrant industry can imagine are rapidly changing the world for the better by delivering cost savings, energy efficiency, safety and convenience.
Along with the opportunities M2M presents us comes a vast and growing highly-distributed communications and control infrastructure. Estimates for the number of intelligent, connected, distributed and non-traditional devices in place already today routinely exceed 200 million with forecasts for the future in the billions. This infrastructure needs to be implemented, managed, maintained and ultimately integrated with the existing management processes and tools of central IT organizations.
Uplogix deploys intelligent monitoring and automation appliances to where network infrastructure resides to improve security, performance and availability. It’s like having a virtual onsite technician. A machine to manage your machines. Whether your M2M infrastructure uses IP M2M Gateways and Zigbee, SCADA RTUs/PLCs and Modbus, wireless LAN, cellular, satellite, plain old telephone or some combination of the above, Uplogix can ensure availability while keeping operational expenses under control.
If you aren’t looking to automate your network management practices, the coming onslaught of IP-enabled devices is going to break the bank and your network
Challenges in M2M ManagementThere are many challenges unique to M2M infrastructure that Uplogix addresses thoroughly and cost effectively.
- Most infrastructure components such as M2M gateways, firewalls, RTUs, PLCs, communications gear and even standard networking gear like routers and switches are highly distributed and remote, making on-site repairs, changes and upgrades expensive and sometimes dangerous.
- Often, M2M communication channels such as satellite or SMS cellular are optimized for low bandwidth, power and cost. This channel often lacks the bandwidth for the remote performance of management tasks.
- A single remote infrastructure element such as an M2M gateway or RTU can control hundreds of devices, making downtime expensive and extremely impactful.
- Some of the most valuable M2M applications are mission critical, where lives may depend on proper functionality leading to stringent availability requirements.
- Especially in SCADA applications, infrastructure components may not be IP addressable and lack SNMP MIBS, making them invisible to and incompatible with existing centralized management tools.
- Some M2M devices and strategies require augmented “local intelligence” to allow for some level of decision making independent of central control.
With Uplogix you can manage critical M2M infrastructure components like M2M IP to ZigBee and other gateways, routers, switches, firewalls, RTUs, PLCs, satellite communications gear and in some cases the components of intelligent devices themselves:
M2M Management Solutions
- Connect directly to managed devices via the console port
- Enhance security by locking down remote and on-site administrative access using fine grained roles. Preserve AAA and complete audit of all administrative actions regardless of network state.
- Track and automate remote configuration changes to infrastructure components with a fail-safed system that includes automated SurgicalRollback™
- Monitor state and performance of infrastructure components intensively without network impact. Send device status data to SNMP monitoring systems even when the devices themselves are not IP addressable and lack MIBs.
- Automate Support. Detect problems and take a sequence of automated recovery steps when issues occur, dramatically reducing mean time to recovery (MTTR)
- Establish on-demand a secure out-of-band connection via POTs, cellular or satellite when human intervention is required. Dial in or out based on a rule or upon receipt of an SMS message.
- Add intelligence to your system improving its capabilities with flexible rules-based automation. Improve device autonomy (e.g. circuit switch based on cost, time and location; reorient satellite dishes on moving vessels based on GPS coordinates; power down and back up based on rules) to most optimally meet your unique requirements.