Management and security – SSH is not enough

Security has become a key parameter for selecting OOBI components as its ability to manage large numbers of network and IT devices dispersed over multiple locations becomes more important in minimizing data center downtime.

Capitalizing on that trend, some vendors market their products as secure based on the support for a few security-related features (for example, many console servers are called secure just because they support SSH connections). That is in contrast to the time when most remote administration was done with Telnet through an insecure terminal server over a local area network.

As discussed earlier, the support for an isolated feature does not define a secure product. To be secure, a product must incorporate a complete, robust, and consistent set of features needed to support security policies in the data center.

The software embedded into those products must be designed with security in mind; the code should be tested and audited for a sound security design. Patch management should be implemented so that newly uncovered vulnerabilities are fixed promptly.

Most importantly, the product must be configured and installed so that it is secure within your specific environment. An OOBI component vendor should be able to provide guidelines and support for installation of its products within a secure environment.