Customer Premises Out of Band Management Platform Ideas
-
As an outsourced service provider, it is not uncommon for us to need to deal with things at a customer site that are simply not feasible through their primary WAN connection (often because we are needed when the WAN fails.) Getting remote hands to the site is not always possible and, more commonly, getting the right remote hands to a site is even harder. You want the full scope of experts on your team available to look at a problem, not just whoever happens to be nearby and available. And remote access is effectively instant whereas getting to a site, even for an idle, local resource might take hours - especially if an issue happens at night and the site is locked.
To address this we (NTG) were considering buying or building a remote access, out of band platform that would allow us to get into a customer site and work as if we were local. This would allow us to see inside network activity, check switches and routers even when the network is down, with serial connections we could manage devices via console ports, not interact with the customer WAN while testing, etc. Potentially run extra monitoring as well. It would let us proactively fix customer issues before they even know that they have happened. And it would allow us to work and monitor without tying up customer equipment (like a desktop or server.)
We were kicking around some ideas around this but I'd like to get broader input. The idea seems great and something that we have thought about for a long time.
We thought about using something running Linux (possibly a Raspberry Pi or similar) but there are many network tools that for an SMB require Windows. So Windows might make sense. But Linux is far easier for a great many things. But Windows had easy PowerShell and LogMeIn integration. Linux would allow an unlimited number of NTG staff to be working remotely at the same time, Windows only one. Something powerful enough to virtualize both is an option, of course.
Some ideas...
- Virtualize so that we can have Windows and Linux at once.
- Need several serial ports so that we can connect to the consoles for many network devices at once (routers, switches, etc.)
- 4G Connectivity so that we can connect out of band rather than rely on a standard WAN link (this makes SSH to Linux that much more attractive due to bandwidth concerns.)
- Run monitoring tools like Nagios.
- Low power so as not to put a large draw on the network
- Rack mount option would be great
-
What about using a refurbed server? Low cost but you get more memory and drive options than an embedded platform, serial is commonly included and it is already rack mountable.
-
@scottalanmiller said:
Linux would allow an unlimited number of NTG staff to be working remotely at the same time, Windows only one.
Does this restriction still exist when you are just opening a PowerShell session to the Windows server?
@Reid-Cooper said:
What about using a refurbed server? Low cost but you get more memory and drive options than an embedded platform, serial is commonly included and it is already rack mountable.
Agreed, a nice low-to-mid range refurb server would probably be exactly what you are looking for. Just emblazon it with the NTG logo and install Xen on it.
-
Using a server blocks (IMO) some of the feature sets desired.
- Low power
- 4G service
I don't think a Pi will function in that regard... Sadly one of the first devices I can think of is a laptop. I have several here that would allow for a SIM, so bypasses the WAN.
As for development - take any device, and build it out as a VM with your OS and tools and go from there...
-
If you install Xen you get hit with VDI licensing requirements for Windows desktops, though. If you use Windows desktop as the "base" OS and install the Hyper-V role it bypasses that while still virtualizing everything. It's not ideal, but it saves a lot of money. Really odd that MS does that, but hey, it's pretty minor overall. That way we can have both Windows and Linux on the box at the same time.
-
@g.jacobse said:
I don't think a Pi will function in that regard... Sadly one of the first devices I can think of is a laptop. I have several here that would allow for a SIM, so bypasses the WAN.
Raspberry Pi can't run Windows, so that's a big limitation. Laptops are too fragile. That was suggested but it's hard to imagine customers not messing with a laptop that is sitting there.
-
@scottalanmiller said:
If you install Xen you get hit with VDI licensing requirements for Windows desktops, though. If you use Windows desktop as the "base" OS and install the Hyper-V role it bypasses that while still virtualizing everything. It's not ideal, but it saves a lot of money. Really odd that MS does that, but hey, it's pretty minor overall. That way we can have both Windows and Linux on the box at the same time.
I realize that XP is EOL - but would it remove the VDI licensing issue?
-
@scottalanmiller said:
@g.jacobse said:
I don't think a Pi will function in that regard... Sadly one of the first devices I can think of is a laptop. I have several here that would allow for a SIM, so bypasses the WAN.
Raspberry Pi can't run Windows, so that's a big limitation. Laptops are too fragile. That was suggested but it's hard to imagine customers not messing with a laptop that is sitting there.
Agreed. It was the first thing I thought of having a SIM - I have not looked for / at other cellular devices - or cellular embedded devices.
-
@g.jacobse said:
@scottalanmiller said:
If you install Xen you get hit with VDI licensing requirements for Windows desktops, though. If you use Windows desktop as the "base" OS and install the Hyper-V role it bypasses that while still virtualizing everything. It's not ideal, but it saves a lot of money. Really odd that MS does that, but hey, it's pretty minor overall. That way we can have both Windows and Linux on the box at the same time.
I realize that XP is EOL - but would it remove the VDI licensing issue?
No, XP isn't licensed for that use at all.
-
AirCard from AT&T / Verizon / T-Mobile?
-
That or something like it. Simple and reliable is what we need.
-
Branding the device is a great idea. It's a good opportunity to remind everyone who is managing things. And it would make identifying the device that much easier.
-
A commercial device would mean easier to find parts too. Fewer issues should something fail.
-
@scottalanmiller said:
If you install Xen you get hit with VDI licensing requirements for Windows desktops, though. If you use Windows desktop as the "base" OS and install the Hyper-V role it bypasses that while still virtualizing everything. It's not ideal, but it saves a lot of money. Really odd that MS does that, but hey, it's pretty minor overall. That way we can have both Windows and Linux on the box at the same time.
Does this apply to Windows Server too or just the desktop OS? Although I can see why you would want a desktop OS with cost alone being an issue.
-
VDI is a desktop only thing. VDI = virtual "desktop" infrastructure. While you can sort of make desktops out of server OSes and call it VDI, sort of, because it acts that way, the entire idea of VDI exists only for the Windows desktop licensing world. There is no VDI licensing for servers.
-
@scottalanmiller said:
VDI is a desktop only thing. VDI = virtual "desktop" infrastructure. While you can sort of make desktops out of server OSes and call it VDI, sort of, because it acts that way, the entire idea of VDI exists only for the Windows desktop licensing world. There is no VDI licensing for servers.
That is what I assumed but your previous remark made me second guess it. Thanks for the clarification.
-
I checked with a fellow IT'er and Engineer and he doesn't know of a desktop that has a cellular option. So anything you 'add' will be 3rd party.
(ETA) At least As Far As I know....