Out-of-Band (OOB) Management of Network Devices
The management plane traffic contains critical information about your enterprise network. Sending management plane traffic along with user traffic is considered as a security risk. Out-of-Band (OOB) management recommends a separate network to transport management traffic, where management traffic is isolated from user traffic.
Out-of-Band (OOB) protects the management plane traffic with a separate dedicated network to manage the enterprise network equipment, which is different from the network which carry user data.
Out-of-Band (OOB) type of network provides management traffic isolation, enforce access control, prevent the user data traffic from entering and transiting management network.
Out-of-Band (OOB) type of network can be implemented using different security technologies.
1) VLANs and Private VLANs
2) VLAN Access Control Lists (VACLs) and Port Access Control Lists (PACLs)
3) Using SSH (SSH provides better network security than Telnet, using encryption technologies)
4) SNMPv3 (Better Encryption and authentication, compared with previous versions)
5) VPN (Virtual Private Networks) tunnels for site-to-site communication
6) NTPv3 (Network Time Protocol is used to synchronize the system time in network devices. Time synchronization is important, because many authentication protocols like Kerberos are require same time in all the devices. NTPv3 provides better security using secure authentication)