In-band and out-of-band network management

There are two ways to manage a network: in-band network management and out-of-band management (OBM).

In-band management interfaces and ports

In-band router interfaces are the LAN (i.e. Gigabit Ethernet, Fast Ethernet, and Ethernet ) and WAN (i.e., eHWICs) interfaces configured with IP addressing to carry user traffic. Ethernet is the most common LAN connections. DSL in-band and serial ports are the common WAN connections.  In-band is managing devices locally through the network itself, using a telnet and SSH connection to a router. The SNMP-based tools are also used to manage devices using in-interfaces.

It is the usable method to manage a network. in-band network management is not enough for a large network because, in case of a fault in the network, it is very difficult for the network administrator to reach the affected devices and resolve the problem. Therefore alternate or secondary management method required resolving the problem or to access the source of the problem. The second method Out-of-Band Management (OBM) interfaces.

Out-of-Band Interfaces and Ports

If there is a problem with a device such as a server or a router, and traffic cannot flow through the network, and the administrator needs an alternate path to reach the network nodes for diagnosing the problem even when the network is down. This situation needs Out-of-band access to the network. All Management ports including console and AUX ports are the types of out-of-band access interfaces. Out-of-band access refers to access using a dedicated management channel that is used for configuration and management.

Out-of-band management provides an alternate path when needed to access the network nodes. It also provides coverage to many pieces of manageable equipment or intelligent devices that may not have a direct network connection to the data network, such as uninterruptible power supplies, PBX phone systems, and intelligent thermal controls. For large and critical networks, in-band management interfaces are not enough. So, these networks need a secure remote connection network access path to manage and troubleshoot when the device is not on the network, the device does not network manageable or the data network is down.