ConsoleMon ™
Platform independent system, application and network infrastructure management solution

Accountability and Compliance

ConsoleMon™has been designed with compliance and security firmly in mind, fitting in with business policies.

Most current Servers operate with integrated remote management processors, installed on iLO or DRAC cards, etc. These need to be accessed by skilled system management staff and engineers. With the ability to access system consoles, perform power recycle operations and much more, it’s important that these management processors are locked down and do not allow a security breach through the “back-door”. ConsoleMon™ can easily be configured to meet these requirements as follows:

  • The management processors can be networked with ConsoleMon servers in a secure and separate subnet from the general user PC and server network, ensuring that there is a clean separation that prevents users or sniffer tools attempting to break into such devices.
  • The ConsoleMon servers can have multiple separate network connections, to reach the general network and the secure subnet.
  • All access to the consoles and devices can therefore only be reached and routed through ConsoleMon. Telnet or secure SSH connections can be fully captured, along with all console traffic on the port, 24x7. So all attempted and successful logins to the consoles are recorded, along with the commands executed by logged in users. This greatly enhances accountability and the need to find out quickly and easily who did what and when.
  • It’s also good practice to disable web access to sensitive consoles and devices where appropriate. GUI or web based access is harder to monitor and capture. By disabling such tools, the only permitted access is through ConsoleMon.
  • ConsoleMon also allows a flexible and configurable range of options for remote access. Organisations may allow authorised remote users to access the consoles and devices by connecting to ConsoleMon via a virtual private network connection (VPN). Alternatively, a ConsoleMon agent can be used to provide client and server communication directly through the internet via an encrypted tunnel.

Security and compliance are the key goals – ConsoleMon allows you to configure your monitoring infrastructure in whatever way meets your requirements.