SEARCH
Loading
 SIGN UP FOR CDI NEWSLETTER

HOME SOLUTIONS PRODUCTS SUPPORT ABOUT CDI RESOURCES NEWS & EVENTS CONTACT US
 

Out of Band Manager with Global Terminal Management
A complete Global Terminal Management system providing:

  1. Secure Out of Band Management
  2. Secure Out of Band Access
  3. Secure SSH access to ALL network enabled devices
  4. Secure SSH authentication server to prevent "rogue" copies of SSH Clients from compromising your network.


 

 

 

 

 

News Release

 

 

Out of Band Manager is a Patent Pending unified platform that combines management of CDI devices along with Global Terminal Management “GTM” of all SSH connections. The OBM provides SSH terminal access directly to routers, firewalls, and other network appliances. This “cockpit view” allows the network engineer to perform all secure terminal access functions from one secure platform.
SSH is an open source platform that is highly susceptible to rogue incarnations as it is freely available, with source code, as an internet download. This provides a vehicle for un-trusted parties to sprinkle the internet with rogue copies of the SSH client which will seem to operate normal to the network engineer. The problem is that these rogue SSH clients while operating normal will also copy all the keystroke data during terminal sessions and secret them on the network for later retrieval or just send them out via email or direct FTP to the un-trusted party for mining of ID’s and passwords. CDI’s OBM system eliminates this threat with an authentication server that not only authenticates the remote users, but also their SSH client software. This is the first complete Out of Band Manager with built in SSH management available. CDI has applied for a United States Patent and will extend that to an international Patent, once awarded.

 

General Information

The CDI Out of Band Manager (OBM) is a central database manager for CDI, and non-CDI, Out of Band Management devices. The windows based software can Manage, Monitor, Control, and Connect, to thousands of CDI and non-CDI devices via SSH, Encrypted Network, Encrypted Dial-up, or GPRS cellular.

The system uses role based security credentials to granulate "who has access to what" in the database and to separate job functions from security administrators through operations engineers, to vendor access.

Security administrators can access the database through client software and add, delete or change credentials for users, devices, or system settings. All access is role based so only those functions granted to that operator are allowed to be performed. All other functions are hidden from that operator.

Day to day NOC engineers, external vendors, offsite personnel, and/or MSP personnel can access the database simultaneously for GUI based connection to remote devices. Each engineer is only allowed access to devices and functions defined in their profile. A simple point and click interface provides ease of access via, SSH, Encrypted Network, Encrypted Dial-up, Secure Dial-up, or GPRS cellular to remote devices in the system. The software allows access to non-CDI devices as well through the same GUI interface.

All terminal keystrokes are logged to the database and all activity is monitored and recorded. A full audit is also stored and can be exported to many popular report formats. Syslog and SNMP messages can be sent to other management systems for even greater central monitoring.


Features

  1. OBM provides a single "cockpit" control of all the SSH connections on the network. All terminal access can be performed through one application.
  2. The OBM uses Client Server topology so all database information is stored securely in a central SQL database.
  3. Role Based Security allows granular control over functions allowed for each engineer or administrator.
  4. Terminal Access Discovery feature that finds all SSH, Telnet, and browser access on a network and places those devices in the database.
  5. All Sessions are Two Factor Authenticated to ensure that they are originating from the OBM Manager. This ensures that no rogue copies of SSH can access the network elements.
  6. All SSH session are "Keystroke Logged" to ensure that all functions performed on the network element are recorded and time-stamped with user information.
  7. The Network Administrator and/or Security Administrator is now sure that all SSH access is centrally authenticated, audited, and logged.
  8. All devices are periodically contacted (PING, Telnet, or SSH) to ensure they are responding. Errors can be sent off to Syslog or SNMP engines.

Order Info

  • OBM is available for small installs using SQL express or larger installs using SQL 2005
  • Contact your CDI support engineer if you need a copy

Specs