I would like to ask for some recommendations on remote management of network equipment (firewalls, switches, routers). What I have found so far seems unduly expensive and does not do as much as I might hope.
- remote access via ethernet
- ssh or IPSec to encrypt the ethernet connection
- some kind of reasonable user authentication
- 1 (or 2) RS-232 ports @ 9600 bps to connect up console of remote device
- ability to turn on/off a standard AC power outlet (i.e., to power cycle a stuck device)
- possibly a built-in UPS (minimum single-inversion, preferably double inversion)
- additional ethernet connection with ping and telnet, so that I can probe the network from a different network port
- some mechanism by which I could mirror/span a switchport to the device and look at the packets from the remote end
- some file storage and a tftp server, so that I can remotely update devices from a system "close" to them [a process that might temporarily knock out the WAN connection]
-- access-controls so that the tftp server is not accessible to the world
-- scp or other similar mechanism so I can remotely push the files to the device. Assume that tftp is blocked between me and the remote device, and that plain ftp would not be my preference as I would rather not have my configs flying around in the clear.
It's not much -- just equipment to be able to work with recalcitrant networking devices that are a thousand miles away. Or even just on equipment that's only one floor down ... but the network is sick -now- and it'd be faster and easier if you didn't have to run to Security and sign out The One Key...