Complex desktop, systems, and network management issues are often magnified in the remote branch location. Many factors are involved, including:
• Growing IT assets but limited or no IT staff in the branch
• The need to manage increasing branch infrastructure (file and print servers, e-mail and security appliances, routers and switches)
• Outdated hardware, operating systems, and applications
• The need to reduce power consumption and manage cooling and space needs
• The need to manage assets (asset tracking, license management, patch/upgrades)
• The increasing use of valuable network bandwidth for management instead of revenue-producing business operations
• Geographically scattered assets and varied and inconsistent management tools creating security vulnerabilities
• Difficulty in complying with regulatory requirements
• The increasing security risk from remote access to branch equipment
• The high costs to enable maintenance and patching
• The need for additional devices to implement branch management solutions, creating even more complexity and costs
The majority of servers today contain a service processor, a hardware and software platform typically built into firmware on the motherboard and accessible over Ethernet that operates independently from the server's CPU and operating system. Service processors enable remote access to power control, sensor readings, server configuration, monitoring and remote keyboard and mouse control, even if the server's CPU or operating system is locked up or otherwise inaccessible.
Managing a rapidly increasing number of network devices, applications, and patches that span servers, desktops and mobile devices can require a wide range of third-party tools, driving costs higher. If systems go down and support is required, onsite visits can easily exceed the cost of the hardware. Other business costs continue to rise because of network downtime, poor system performance, malicious attacks from viruses and hackers, or the need to comply with new regulations such as the Health Insurance Portability and Accountability Act (HIPAA), the Sarbanes-Oxley Act (SOX), and the Bank Secrecy Act (BSA).
How It Works
Avocent MergePoint software consolidates remote server management inside the Cisco ISR, while providing out-of-band server access, secure serial-over-LAN (SoL), power control, and hardware monitoring of connected servers.
As Figure 1 shows, from a single Avocent console, an IT administrator has a consolidated view of every server and desktop PC on the network, and can identify security vulnerabilities and remediate them without physical access to the device. Avocent's LANDesk software simplifies the handling of patches and upgrades by presenting a single, consistent listing of current software revision levels and patches. If a new patch or upgrade is needed based on policies set by the IT administrator, the patch can be automatically downloaded and staged somewhere on the network, such as the Cisco AXP card in the ISR. The targeted PCs at the remote site automatically retrieve the patch from the Cisco AXP card and the patch is installed on each targeted PC. Because Avocent's LANDesk software automatically maintains a historical record of patches and upgrades, it creates an audit trail of installed software revisions to meet regulatory requirements, and does all this requiring virtually no touch from the branch or remote office manager or administrator.
Figure 1. Branch Offices Managed by Avocent Software on AXP
AXP Product Overview
The Cisco Application Extension Platform (AXP) provides a standards-based Linux hosting environment within the ISR allowing 3rd parties to integrate applications with the router. Tightly integrated, the AXP environment is configured and managed through the router. Harnessing this integration, an AXP application can appear to the end-user as an extension of the router.
• Provides simpler branch management with fewer applications and appliances
• Eliminates costly physical inventory procedures
• Holistic and extended network management
• Anytime, anywhere access to servers at remote locations by IT personnel
• Improved MTTR and reduced costs by not having to be physically present to effectively manage devices at remote sites
• Help with ensuring continual uptime and availability of critical servers at remote sites
• A simple, unified interface to access servers manufactured by multiple suppliers, which lowers training costs and provides new capabilities with minimal effort
• Helps ensure the integrity of remote devices-branch assets remain updated and secure
• Enforces corporate security standards on devices attaching to the branch network
• Helps avoid the risk of business interruptions from unintentional or malicious attacks
• Identifies servers and PCs that are at risk
• Gives IT administrators the ability to control access to any server based on desired IT function, geographical location, or other criteria identified by IT
• Access and control remote servers anytime, anywhere, while maintaining auditable security control
Avocent helps companies comply with corporate IT standards, regulatory requirements (including HIPAA, SOX, BSA), and contractual obligations by:
• Monitoring devices to ensure compliance
• Sending and receiving alerts when compliance is compromised
• Enforcing policies manually or automatically through Avocent consoles
• Generating reports to review for adaptations to corporate procedures and policies and present to corporate executives and regulatory bodies to demonstrate compliance
About Avocent and LANDesk
Avocent delivers IT infrastructure management solutions that reduce operating costs, simplify management, and increase the availability of critical, "always on" IT environments via integrated, centralized, in-band and out-of-band hardware and software. Through LANDesk
®, Avocent also is a leading provider of systems, security, and process management solutions that help IT teams automate and simplify the management of desktops, servers, and mobile devices. Additional information is available at: