In arguably one of the most entertaining Presidential debates in years, cyber security was a front and center topic of conversation. Though the candidates appeared to agree on little, there was consensus that cyber security is imperative to our national security, and that something has to be done to combat oversees hackers.
In discussing network security, a good mentor of mine is very honest in his appraisal of the world’s network landscape when he states, “with enough time and money anything is hackable.” While this sentiment is invariably true, the question remains what do you do to protect your network from external predatory hacking forces?
I have argued in earlier articles that like home invasion, network hackers are likely not going to enter your network through the “front door”; the dedicated cyber terrorist will exploit small vulnerabilities to create chaos and insecurity.
Although our business has been dedicated to protecting the serial console port of networks for a generation, Out-of-Band Management is a seldom discussed technology in security circles. Over the last couple of years, we have seen a significant uptick in customers demanding encryption for their backdoor engineering Out-of-Band access to network firewalls and routers.
If you don’t know what you’re using for Out-of-Band security you are not alone. The security options we’ve seen deployed on sensitive network vary from password/ID to unplugging the network connection (until needed), for critical engineering access to network equipment. Since Out-of-Band Management is often viewed as a backup plan, security for this sensitive network access can be overlooked.
Cyber security is an important business issue which arguably is only going to get more complicated as hackers become increasingly more sophisticated. If you are responsible for network security and are not protecting key assets to the extent you can, good things are not likely to happen. I encourage you to have a look at management access to your network, and appraise the risk of a full Out-of-Band attack.