Home » Blog » Supporting the Financial Industry with Enhanced Out-of-Band Management

Background/Problem

A Fortune 250 multinational financial services institution needed a replacement for their Cisco Integrated Service Routers that were reaching End of Life (EOL). The customer wanted an Infrastructure Management solution that would replace the Cisco ISR’s while allowing them to continue their growth and innovation. They needed a solution focused on the next-generation of IT management, with a robust security stack and additional key features baked in. They needed security they could trust and verify against vulnerabilities and penetration tests. Customizable security policies with enterprise grade encryption options were also a part of their selection criteria.

As a result, the customer conducted a bake-off between ZPE’s Open Infrastructure Management solution and other purpose built Serial Consoles from legacy serial console vendors. ZPE provided the Nodegrid Serial Console (S Series) for evaluation, which was designed and built for managing hybrid environments like theirs that consist of both current and legacy devices. What was expected to be a long-term bake-off, turned out to be a quick and convincing win for ZPE’s Nodegrid Serial Console.

“The (Nodegrid Serial Console) solution was far superior to all the other units we tested” said their Global Networking Engineer. “It wasn’t even close.”

With a large administrative staff scattered around the world, the customer needed a highly secure remote access and control solution that delivers a 360-degree view of the global infrastructure, integrated with an existing management message bus, and enforced session self-termination from the user’s workstation all the way to the target device. They also required user defined roles, each with specific sets of permissions, access, and control rights over particular devices on the network.

NSCDiagram

Finally, the solution had to meet the strict regulatory requirements of the financial industry. The ability to provide detailed logging and auditing records for inspection and compliance was a must. – NSC allows the user to keep track of who accessed which devices, when, and what actions were executed by the particular user.

The Solution – Nodegrid Serial Console™

ZPE’s Nodegrid Open Infrastructure Management solution addressed all the customer’s needs and more. Nodegrid’s customizable user access and control settings gave the customer the flexibility it’s administrative staff needed. With enterprise grade security baked in, the customer was able to add an additional layer of security to their In-band and Out-of-Band Infrastructure. Nodegrid’s ability to provide detailed auditing and security logs helped the customer maintain compliancy.

Key Determining Factors

Software stack running on latest version Linux OS to clear vulnerabilities and penetration tests. Ability to keep it up to date based on latest HW/SW design
Strong 4096-bit encryption and cypher suite levels for secure communication and policies customization.
Patent pending full self-termination sessions and regulatory logging trail
Clustering for 360-view of the targets around the globe
Flexible integration with the management service bus in order to track changes, automate configuration via ZTP
Modern x86-64bit Linux OS allows the user to add custom extensions

Key Features

ZPE’s Nodegrid Solutions come with the following security features standard.

    • Zero Touch Provisioning (ZTP)
      • Some of the infrastructure needs to be deployed remotely – All that’s required to make sure deployment is successful is the MAC address of the new units.
    • Logging and Auditing for Inspection and Regulatory Compliance
      • Nodegrid logs all the standard data — who logged in and when — as well as data that our competitors don’t capture, such as the content of login console sessions – not just records of who and when, but the “what.”
    • Nodegrid’s security and logging features fulfill regulatory compliance needs of the financial industry.
      • Enterprise Grade Authentication and Authorization
      • Patent Pending Security
      • Disconnection Enforcement
        • Extensible Self-terminating Session Commands
        • TLS protocols, X.509 SSH certificates, Cypher Suite Levels
        • Firewall and Secure Tunnels
        • Alerts and ActionsEnterprise Grade Security
    • Fail-over to enterprise grade 4G/LTE modem, VPN, Firewall & IPsec
      • Your choice of carrier, model, features and plans. ZPE doesn’t lock you into one or two predetermined carriers. Choose any carrier regionally and globally based on availability, reception and cost. Ideal for network failover and redundancy at globally distributed remote offices and clinics.
T48S

Next Step: Schedule a Demo and See What NodeGrid Can Do For You

We are perfectly positioned to meet anything manufacturers can throw at us. We pioneered IT infrastructure access and control back in the day and we’re pioneering IT infrastructure access and control for today and the future. Check us out. You’ll be glad you did.