OOB Management Hardware selection

TheSlyOne
Level 1
 
I am about to build an OOB Management network, for about 10 sites, and am trying to identify the most cost effective hardware. I intend to provide OOB Ethernet and Serial connectivity to each network device on my main network which is around 100 devices. The kit is spread out in some DCs and no copper between some racks. My basic plan so far is:
 
  • Cisco ASA5508 firewalls at each site, with an internet connection.
  • Two sites designated as Hubs, connecting with IPSec to all others in a double hub & Spoke.
  • Small Sites (x6)
    • Less than 6 Switches to manage can connect direct to the firewall
    • If more than 6 ports are required then a 24 port switch.
    • 6 port Serial Console server
  • Larger sites (x4)
    • Racks are spread out across DC in about 8 groups
    • Each group will need a Serial console server with an appropriate number of ports
    • Each rack group will need a switch, that switch will need to uplink back towards the firewall with Fibre.
    • The ASA 5508 firewall does not have fibre ports (the 5525 with expansion does, but that is too expensive and only 6 SFP ports). So I need a Distribution switch with > 8 x 1G SFP interfaces. This is the main device I am having difficulty identifying.
    • Each rack group will have a small switch with 1/10/12/24 1G copper interfaces (depending on group size) and a 1G SFP uplink.
Some basic requirements are:
  • I don't want to buy EOL kit, it all has to be supportable.
  • All of the kit I need to manage has either 100Mb or 1Gb copper interfaces.
  • Bandwidth throughput does not need to be high.
  • This is not a fully resilient network, it is just a simple double hub and spoke.
  • The Two Hub sites are the biggest DCs. Most of the others are small 1 or two racks.
  • The hardware doesn't have to be Cisco, although I am most familiar with it, but it does need to be one of our existing three that we already use, as I don't want to add a fourth vendor. They are Cisco, Arista and Juniper.
  • I really don't like media converters, as I have found them to be unreliable in the past.
  • All kit must be rack mountable.
  • Hub sites will have some services running to support management, like touchdown server, TACACS, syslog, DNS, DHCP, SNMP, NTP.
If anyone can share their experience setting up something like this and recommend any hardware it would be greatly appreciated. Alternate suggestions to the above are welcome, if you think there is a better method to achieve the same goal.
1 Reply

balaji.bandi
Hall of Fame

At a high level this is a reasonable approach and is achievable; improve it with any further lessons learned, based on ongoing issues reported, because OOB is very much required at the hour of need, and at that hour or minute we should have the right connectivity to fix the issue.

1. Make some high-level network topology.

2. Consider a small UPS as backup power.

3. SMB switches have as per your requirement:

https://www.cisco.com/c/en/us/support/switches/small-business-300-series-managed-switches/tsd-products-support-series-home.html

4. Good to have some 2-factor authentication to secure.

5. Monitor system for this OOB network; make sure it is available all 9's.

BB
