Blog Archives

The Future Of Out-of-Band, Part 1: Independent Management Plane and Creating A Network For Network Engineers

The needs of an enterprise are constantly evolving, which creates a continuous demand on the network. The solution to support those current and emerging requirements is an independent management plane, also known as an Out-of-Band network. It provides an organization with many remote capabilities – a necessity when dealing with current travel restrictions, staffing shortages and the increase of distributed sites. In this blog series, we’ll discuss how Out-of-Band management is the first step when creating a resilient network –  and once you’ve got that, how simple it is to introduce NetOps into your enterprise. Flexibility and functionality are able to be added in by just layering it onto an existing solution, like Out-of-Band, but we’ll get to that later.

Let’s start by talking about current network architectures. The way many networks are setup assumes that an organization relies on its production network to manage that same network – and this isn’t a great idea. It’s dangerous because when an issue occurs, most times, an engineer won’t have access to that production network, disabling them from accessing critical devices and interrupting business operations.

To keep the network running at all times and reduce downtime as much as possible, a separate, secure management plane is key. An Out-of-Band network provides engineers with a secondary way to securely connect to the network during an outage. This enables them troubleshoot and remediate any issues remotely, while also providing the ability to complete many other every day device management tasks. During a disruption, Out-of-Band is your safety net.

Identifying And Remediating Network Issues

When network issues occur, most times, the Internet is still available but it can be impossible to use because the amount of congestion.  When this happens, enterprises often make the mistake of pushing the configuration point to a network device. This actually slows down the network. The sheer volume of traffic flowing through it makes it even more difficult for a network engineer to access the relevant device, go in via the production network and fix it. Out-of-Band solves that problem by providing always on access to the network via a separate management plane.

Not only does this allow engineers to remediate the issue without having to step on site or interfere with business operations, it also improves security. It gives administrators the ability to lock down features in the production network. For example, only allowing team members with certain credentials to push a configuration.

This particular feature is helpful because as we know, in most organizations, there are lot of individuals in an IT department that have access to the main production network. Anyone who has IT credentials has a reason to access it. This is just one of the many reasons why it’s important to set the network aside for engineers only. They have specific tasks to do that nobody else from the team would be qualified to complete, like configuring devices. In general, that is a task that organizations would typically not want anyone else from the IT team, or a third party contractor to do because one push of the wrong button can take down the entire network and cost thousands of hours in downtime.  Rather than everybody using the same production network, an enterprise can set up an independent management plane for the sole for use of its network engineers.

Having this capability is just one of the many reasons why we call Out-of-Band, the network for network engineers. It provides them with the ability to configure devices, manage the network and automate common NetOps processes. It addresses most of their network management challenges while also anticipating future ones. Their networks are prepared for today’s requirements and to meet tomorrow’s demands.  One capability that many organizations are integrating into their networking approach is automation. For many, this is adding in NetOps capabilities.

The NetOps Dimension

Out-of-Band plays a key role in NetOps automation. But what actually is NetOps?  It stands for ‘network operations’ but that doesn’t paint the full picture. Stay tuned for Part 2, where we discuss entering the world of NetOps and how Out-of-Band can help.


Deploying To Remote Sites With Zero Touch Provisioning

Zero Touch Provisioning allows network administrators to automate repetitive tasks, reduce human touchpoints and minimize errors. For enterprises with any significant deployment, ZTP is scalable and allows engineering teams to streamline processes using automation, and leverage staff as effectively as possible.

Traditional deployments are a very manual process. They are time consuming, costly and error prone. We call it the “rinse and repeat” method. An engineer may have to go on site, log into a single unit through the CLI and configure the device for basic operation. All of this has to be done before the process of configuration can be completed from the central management system. It makes you think, there’s got to be an easier way – and there is.

Leveraging ZTP

Zero Touch Provisioning combines automation and provisioning capabilities to do most of the heavy lifting during deployment. This solution simplifies the provisioning and configuration of devices with a process that can be completed in a matter of hours, instead of days. For enterprises who don’t have the IT staff to send on site, or are limited by travel restrictions, ZTP ensures devices can for the most be part be set up remotely, without the need for a highly technical engineer on site. And for those in the healthcare, financial services and retail industries with many new sites to constantly get up and running, this automation can enable faster deployment across wider geographies.

ZTP has many benefits. These include:

ZTP With Opengear

The basis of Zero Touch Provisioning is automation. ZTP of managed devices using an Opengear appliance involves an integrated DCHP server and the Secure Provisioning Module of Lighthouse. This allows engineers to completely automate the provisioning process on Day One remotely. The device is sent to the remote site without any configurations other than the Lighthouse address. The Opengear is configured to recognize the managed devices and provide them with the appropriate operating system image and configuration files.

SECURE PROVISIONING INFOGRAPHICBefore being shipped, each Opengear appliance is preconfigured for 4G LTE network connectivity so that once it arrives at the remote site it can securely connect to Lighthouse. The appliance is shipped, racked and stacked. After the appliance has been powered up, the embedded TPM 2.0 chip performs an integrity test to ensure the device hasn’t been tampered with during shipping. The device then creates a WAN bootstrap network to form an independent Out-of-Band network between the remote site and central operations. It receives a provisioning bundle based off of the devices that need to be provisioned. The network admin then remotely prepares the operating system images and configuration files in Lighthouse while the remote tech cables up the managed devices. Opengear’s distribution policy ensures the correct configuration files are delivered to each device.

For engineering teams dealing with travel restrictions, lack of staff and trying to meet enterprise network demands, Opengear’s smart solutions will provide you with the capabilities to automate most of your processes, all from the comfort of your own home. To learn more about ZTP with Opengear, visit our NetOps Automation Page.

2021 Network Predictions

This past year has led to a new range of considerations for the network industry. The COVID-19 pandemic and its impact around the world has created a large move towards remote working. This rapidly shifting landscape has left many business scrambling, putting new technology and practices into place to ensure they aren’t left behind.

As life suddenly became remote, technologies that many enterprises were just beginning to implement or consider were moved to the forefront. Travel restrictions left many engineering teams figuring out how to complete Day One Provisioning, troubleshoot, increase security and complete every day device management from their homes. Major themes that we saw emerge to meet demands were automation, increased reliance on VPNs, more remote deployments and leveraging the cloud. 2021 is set to be a transformative period for network management. The Opengear team shares their thoughts on what may happen this year.

Our 2021 Predictions

Todd Rychecky, VP of Sales Americas

Enterprises have seen great challenges this year, which in large part is due to COVID-19. Now, network teams work remotely. Many are not able to travel and when they do sometimes they can’t even get into the building. This has created a need to find creative ways to collaborate and work together to bring up new sites, which is a necessity since new deployments are critical to stay competitive in the market place. This is where secure, remote access comes into play.

Those that have it are glad that they do and those that don’t wish they did. CIO’s will budget for these types of solutions that will prepare them for the next “event.”  There will also be huge investments in digital transformation, including network resilience solutions. These will include secure remote access, disaster recovery and most importantly, hyper-automation. It is the whole idea that anything that can be automated in an organization should be automated.  Legacy business processes need to be updated to improve efficiencies, speed, and business agility so they stay competitive and won’t get left behind.

Alan Stewart-Brown, VP of Sales EMEA

While equipment and digital assets have long been protected with physical security measures, the move towards working from home will mean additional layers of virtual security will be needed to protect remote workers, such as intellectual property and double factor authentication measures, along with defenses against cyber-attacks.

SD-WAN will benefit from implementation with Secure Access Service Edge (SASE) to provide scalable security controls for remote work, which will help mitigate security risks. Improvements in security will also increase uptake of blockchain technology, with more industries looking to adopt this solution. Integration of automated processes will help to improve efficiencies, speed of processes and business agility. Leveraging automation will enable businesses to balance and secure the increase in remote connections. Doing so will also augment local IT staff for service recovery and daily routine tasks. At the core of this automation will be the need to enhance resilience across operations, enabling organizations to be ready for any external factors that may affect them in future.

Brendan Walsh, Director of Sales APAC

The single biggest challenge this year has been the remote workforce and the numerous challenges it has brought to bear. Companies that had already invested in moving their environments into the Co-Lo or cloud were in a better position to ramp up to meet the demands of individual users logging on discretely. In light of this, enterprises are going to need to strengthen their network security.

The business world will never go back to the 2020 norm or pre-COVID-19 times. Many users will continue to work remotely and will want the ability to keep access to all their normal work environments regardless of location. However, as 2020 was spent getting people online and giving access, 2021 will need to migrate to security. With so many attacks these days, the cost to businesses is crippling. As the demand for remote access has ramped up, so has the need to add additional layers of virtual security. With the ever expanding security layers, a much more robust management layer will become a necessity, a management layer independent of the data and control layer.

Dan Baxter, Sales Engineering Manager, US

In the past year, many technology adoptions have had to been made very quickly. The entire tech field has had to change and adapt to a new dynamic. Prior to COVID-19 the trend to move services and infrastructure to the Cloud or COLOs was well under way.  That has accelerated that migration for end users and on the flip side meant providers have had to ramp up capacity.  All of this now needs to be done by workers operating remotely.  This means selecting the right remote meetings options, securing VPN access for an entire work force, expanding the capacity of secure portal access, and finding ways to build up infrastructure with limited remote hands.  Businesses shifting to the cloud, and it is almost everyone, will be looking to take advantage of new cloud services such as AWS Network Firewall Services or those offered by services providers like IBM.  It’s now no longer just about moving applications and services to the cloud, it’s about how you do it better, faster and more securely.

Alan Barnett, Senior Sales Engineer, EMEA

Organizations are going to need to strengthen their networks. Resilience is the key, with designed-in redundancy, multiple paths, and full WAN redundancy delivering the reliable network connectivity that is required for mission critical cloud services. The operations team need the ability to automate the remote provisioning of new equipment, upgrades and changes, and the often overlooked ability to re-provision the whole stack if something goes wrong.  This particularly applies to servers, which provide critical local services, and may be running virtualized network functions (VNFs), a whole stack of software including the operating system, hypervisor, and virtual applications, all of which need managing, configuration and regular updates.

David Fiore, Senior Product Manager

The pandemic has and will continue to push network engineers to increase edge build out, with a sustained focus on tools that allow remote diagnostics and troubleshooting. Many users will continue to be remote for a long time and getting data closer to them in region will become critical for continued business operations. This will make VPNs and end points of utmost importance. Users will be connecting to these sites and uptime is critical. To ensure work continues to get done, administrators will need tools in place to resolve issues remotely and efficiently. Redundancy is key to keeping networks up. Secondary connectivity, remote support tools and sustained throughput are keys to success for 2021.

Ryan Hogg, Senior Product Manager

Reliable, resilient, and self-remediating connectivity are more important than ever. With less physical access there is a need for more remote access resiliency. Organizations will require increased security for both physical and logical access to infrastructure. Hardware may be deployed in environments where physical access is difficult to manage, so devices will need HW tamper and stored data protection using TPM chips or a similar technology. Other technologies that will continue to increase in use are Zero Touch Provisioning and other automation tools, which have accelerated as a surge of users move from centralized site infrastructure to home based connections. This shift required deploying new equipment for VPN concentration, load balancing and remote backhaul bandwidth to on-prem resources. Organizations can leverage automation to help balance and secure the large increase in remote connections.

Looking Forward to 2021

Although there are many things we’d like to forget about 2020, there are also many things that we’ve learned through adaptation that we take with us into the new year. It’s not a question of if enterprises will invest in IT, but where. From distributed cloud models to edge deployments and increasing the use of automation, organizations will be using new technologies for their evolving demands. To learn how Opengear can help with your digital transformation to increase network speed, improve efficiencies and ensure business agility, download our white paper, The Network For Network Engineers.




Secure Deployments With Trusted Platform Modules

A Trusted Platform Module (TPM) chip is a secure crypto processor that provides hardware based, security related functions. Introduced in 2009, more than 2 billion of these chips have been embedded into a wide range of devices such as PCs, ATMs and most recently, in Opengear console servers.[1]

These specialized TPM chips can be used with any major operating system. They are placed into end point devices and store critical data such as passwords, certificates and encryption keys. The encryption keys are specific to each host system for hardware authentication[2] :

As travel restrictions remain in place and uncertainty grows due to the pandemic, enterprises must have the capabilities to securely deploy to a new location. Most times an organization will ship the devices and send a tech on site. In transit, boxes can be tampered with and even stolen. When something like that occurs, if there’s no TPM chip embedded, a lot of sensitive information is at risk. The NetOps Console Server solves that challenge.

The NetOps Console Server

The new Opengear NetOps Console Servers includes a TPM 2.0 chip, which consists of an encryption engine with secure memory. TPM technology has been common in laptops and server systems for a few years, but Opengear is one of the first vendors to include and use its capabilities in a network appliance.

For organizations deploying equipment to a new site, they aren’t always able to have technicians on site. The NetOps Console Server is a secure device, that can be sent to a new location, to manage Day One deployments with an embedded TPM 2.0 chip. This protects configuration files and prevents tampering.

When the device lands at the new site, it uses a 4G LTE secure connection to call home and enables the deployment process to be managed through our centralized management software. Up to date configuration and image files are pulled in while standard Docker containers and Python runtime environment allow automation procedures to run directly on the device.

TPM utilized in the NetOps Console server provides:

Learn more about how the NetOps Console Servers with embedded TPM 2.0 chips will ensure simple and secure Day One Deployments for your organization.




Setting up a 4G LTE Failover Network

4G LTE Failover or Failover to Cellular (F2C) allows enterprises to efficiently change over to an always available connection when a disruption occurs on the primary, wired internet line. An outage scenario is inevitable. Those with distributed sites, like in the retail industry, are all too familiar with it. When a POS system stops working, organizations are faced with losing business and money, with the cost of downtime at $260,000 per hour.[1] Not being able to process payments, customers will have to go elsewhere or an organization can take a riskier route and manually write down credit card numbers. This opens up a wide range of liability and non-PCI (Payment Card Industry) compliance.

However, if an enterprise has a Failover to Cellular solution in place, or equipment with this capability built in, they are ensured always on network connectivity. If the primary wired internet connection is lost, Failover to Cellular kicks in. Providing speed to keep the network running smoothly, and continued internet connectivity for remote LANs and equipment over 4G LTE, engineers are able to restore the WAN without the need of manual intervention or impacting normal operations. They are then able to automatically activate a secondary connection to reestablish in and outbound network access.

Working similar to the 4G LTE technology on a smart phone, this kind of connection allows enterprises to pay per unit of data. Ensuring a consistent monthly cost depending on the carrier chosen to use, it can be deployed by simply plugging the SIM card from the carrier into the networking equipment.

Failover To Cellular With Opengear

In Opengear devices, Failover To Cellular is built-in with the internal or external PSTN modems that can be used for this. Once it is enabled, the equipment is able to detect failures by sending ICMP ping requests from the network to a primary and secondary probe address remotely. If these requests fail, the primary connection has been reestablished and the devices automatically fail forward. Opengear devices have three operation modes.

4G Cellular tower

Always Up Out-Of-Band Mode

This is the default mode when no failover scheme has been configured.  Failover detection is disabled.  Only inbound connections on the cellular interface are routed back out the cellular interface, to enable Out-of-Band access from remote networks, like through incoming SSH.  Otherwise outbound network connections, like through a VPN client tunnel or SNMP alerts, are established according to the main static routing table, regardless of network state.

Failover Mode

Failover detection is enabled on the primary interface.  The secondary interface remains in a down state with no network configuration.  When failover is initiated, the secondary network interface is started and configured.  If a default route is installed on the secondary interfaces, it takes precedence over the default route on the failed primary interface.  During failover, the outbound network traffic is established from the secondary connection.

Dormant Failover Mode

This mode combines Always Up and Failover mode.  Failover detection is enabled, however the secondary interface is kept in a dormant up state. Only inbound connections on the cellular interface are routed back out the cellular interface, to enable Out-of-Band access from remote networks.

When failover is initiated, the default route of the secondary interface takes precedence over the failed primary interface.  Outbound network traffic is established out the secondary connection during failover.

Implementing Failover To Cellular

There are many advantages to having Failover To Cellular. Providing remote access even when the WAN and LAN networks are down, engineers have the ability to quickly remediate the issue while having full network visibility. Failover To Cellular is a necessity for enterprises looking to ensure resilience and keep the network running at all times. To learn more about this technology, visit




The Basics Of Out-Of-Band Management

Out-of-Band management provides enterprises with secure access to critical devices, even during a disruption. When was the last time you had an outage? Everyone’s gotten that call at 3 AM telling them that a server or a network device is down. Driving or even flying to a data center or remote site can be time consuming and expensive, with just one hour of downtime costing an average of $260,000 per hour.[1] The site could be far and without the proper network visibility, they might not have what’s needed to remediate the problem. An Out-of-band network solves that challenge.

In-Band Management

In-Band management involves managing network devices through protocols such as https, web browser, telenet or SSH, administering the network via the LAN. Data and control commands travel across the same network route which means it has the same security vulnerabilities as the data plane. If that occurs, engineers could be locked out of the management plane. When an organization relies on their production network to manage their everyday network, if a disruption occurs, critical devices can’t be accessed, which puts business at a standstill.

Many enterprises that aren’t using an Out-of-Band management system are reliant on Plain Old Telephone Service (POTS) lines. Cost and reliability are some of the main reasoning in moving from this solution because maintaining these copper lines for carriers is expensive. Since 2018, the major carriers are no longer installing or maintaining existing POTS lines. This means that services and maintenance prices, which are already costly, may increase.[2] Any IT team that needs to maintain POTS lines is faced with expenses incurred from purchasing everything needed for onsite hardware. On average, it can cost between $50 and $100 a month for one POTS line, keep in mind, you’ll need two.[3] These are just a few reasons why organizations are looking at alternate, more reliable solutions to provide network resilience.

Out-of-Band Management and Failover To Cellular

Out-of-Band management provides a secure, remote connection to IT network environments during outages or disruptions in communications to the primary WAN/LAN connection. This is accomplished through the use of serial console servers (sometimes called terminal servers) which provide an alternate path of remediation for critical network devices through a separate management plane, often through a 4G LTE cellular connection. This ensures organizations with uninterrupted availability and network resilience. Implementing Out-of-Band management is simple, it’s done by placing console servers at each location and connecting them to routers, switches, and other key hardware.

Out-of-Band provides presence and proximity to these devices, with an appliance at every compute location, physically connected to critical network devices at the site. The independent management plane provides the core team with secure access to equipment remotely. This can be used for Day One, everyday management, and during network events. Remote equipment such as routers, switches, and servers are accessed through the management plane, without the need of directly accessing the device’s production IP address, also it is independent of the primary ISP connection that an organization uses. It is completely separate from the production network and allows engineers to monitor and manage devices without relying on the data plane.

Why You Need An Out-of-Band Network

So what are some other reasons why an enterprise would want an alternate way to access their equipment? There are a few reasons:

Security: Breaches are increasing, and a threat to organizations in every industry. If all of the administration or management ports are connected to the production network and an attack occurs, they can try to access your IT infrastructure. Whereas if the port is connected to an Out-of-Band management system, the LAN can’t access any administration consoles on that equipment. Since it separates the user and management traffic, engineers can lock down parts of the network, restrict access, and secure the management plane.

Business Continuity: If an incoming network feed is compromised – maybe a backhoe cuts it, and an organization’s ISP connection goes down –  how do business functions continue without being impacted? Out-of-Band management ensures that a tech doesn’t need to be sent onsite and remediation can be done remotely. Combined with 4G LTE, enterprises have a secure, alternate access path and Failover to Cellular provides the bandwidth necessary to ensure processes continue to operate during a disruption.

Enterprises are constantly looking at IT teams to cut costs and still provide always-on network availability. The initial expenses incurred during the rollout of Out-of-Band management will pay for themselves once deployed. Organizations will have better availability, reliability, and dependability, all at a fraction of the cost of POTS lines.

So let’s go back to our original question, when you’re woken up with a phone call in the middle of the night, how are you addressing the issue? If you don’t have Out-of-Band, you’ll have to roll a truck, the cost of this is $1,000 or more per event. [1] This is costly and with current travel restrictions in place, getting on-site is even more time-consuming. Every minute the network is down, money is lost and there’s no business continuity.

Out-of-Band allows you to identify and remediate the issue remotely, reducing the need for a truck roll. The increased visibility and remote management capabilities will help make your life easier, without having to rely on antiquated modems. Allowing for configurations to uploaded remotely, powering cycling routers and resetting equipment engineers can do all necessary tasks from one central location. You need a network that is always on and constantly available, go here to learn how Opengear’s Smart Out-of-Band management can help.





The Necessity Of Network Resilience in a Distributed Enterprise

distributed network with headquarters and multiple branch offices on a hexagonal gridThe choice of a distributed architecture for an organization is usually determined by the business requirement to support its remote office base at the same level as its main office. Branch offices broaden the reach of the business and are usually a sign of successful business growth. However once the decision to expand with branch offices has been taken, these offices instantly increase the responsibility of the IT/Network Manager who has to ensure (more…)

NetOps For Your Network

We’re proud to be the market leader in Out of Band Management, knowing that our customers rely on us to ensure always on access to their network. As demands increase and new network requirements emerge, we’ve continually evolved our solutions to meet those needs, such as being the first to offer an embedded LTE cellular module. And now, we’re excited to announce the next evolution of Smart OOB, with our new NetOps Console Server.

NetOps For Your Network

An Out-of-Band network is no longer just a response for those 3am calls, to get quick access to your network in an outage. From secure Day One deployments, to every day management of your devices, Out-of-Band and NetOps functionality is always useful 24/7, no matter what is happening.

The new NetOps Console Servers (our OM appliances) provide the secure access to console ports you expect from an Opengear solution, plus the automation ability of standard NetOps tools. Engineers can now deploy one appliance at each location, which will provide them with secure remote access. It will also enable presence and proximity which will serve as a base for programmability and automation of network management. Running on a x86 CPU, they support off the shelf Docker applications and a Python runtime environment.

These new console servers add a level of intelligence beyond normal Out-of-Band management:

OM1200 NetOps Console Server

Providing presence and proximity at every location, the OM1200 appliance is specifically designed for secure edge deployments, with 4-8 serial ports and a 4-8 port ethernet switch. Used in combination with Lighthouse Management Software, it is a key component of Opengear’s Network Resilience Platform, supporting the emerging requirements of network management and automation.

OM2200 NetOps Console Server

Combining the capabilities of Smart Out-of-Band and the flexibility of NetOps automation, the OM2200 appliance is built to meet the demands of data centers and high density locations, with 8-48 serial console ports. Like the smaller OM1200, it enables secure automated provisioning over LTE-A before the production network is live

The Network Resilience Platform, from Opengear

The Network Resilience Platform is built on the Lighthouse management software which orchestrates a remote network of Smart OOBTM Opengear appliances and NetOps Console Servers. The platform provides secure access to network devices, and automates common NetOps processes, via a separate management plane independent of the production network.

Why is a separate management plane so important? Current architecture assumes that an organization relies on their production network to manage that same network. This is dangerous because when an issue occurs, an engineer may not have access to that production network. The production network is also accessed by a wide group of users making it vulnerable to hacking. A separate, secure management plane, in the form of an out-of-band management network, ensures access to remediate even during an outage or network congestion. It also allows administrators to lock down many features in the production network to improve security. All network configuration and management is carried out on the management plane, of which access is restricted to only the core network team. You can think of it as “The Network Admin’s Network”.

The Network Resilience Platform allows Out-of-Band to move beyond just emergency access. The platform extends management access to the edge of the infrastructure through an always on management plane that is resilient to disruptions in the production network. Whether it’s for Day One provisioning, responding to a network outage, or every day management of devices, Opengear can handle it. It’s Smart Out-of-Band and NetOps. Together.

To learn more about adding the new NetOps Console servers to your existing IM7200, ACM700 and CM7100 deployments visit:

Ensuring Connectivity In The Age Of SD-WAN

The Software Defined Wide Area Networks (SD-WAN) market is rapidly expanding, becoming the standard in enterprise deployments.  According to MarketsandMarkets1, the global SD-WAN market size is expected to grow from $1 billion in 2018 to $ 4 billion by 2023.

In just the past year alone, we’ve seen a considerable trend when it comes to choosing to deploy SD-WAN and for many reasons. Allowing traffic to be routed over the most cost-effective services, such as broadband, an SD-WAN network can manage multiple types of connections including LTE, broadband and multiprotocol label switching (MPLS) links. Services that require high quality, such as video or voice, or high security, with sensitive information, can still be routed over remaining MPLS lines, although many enterprises are freeing themselves of MPLS entirely, allowing them to invest in Smart Out-of-Band with the savings. Because of this flexibility, SD-WANs can dramatically lessen the cost and minimise the complexity of traditional WANs. However, despite it’s gaining popularity, with deployments in data centers and at the edge, it still needs an alternative path of access to the network in the event of an outage.

SD-WAN Points Of Failure

In traditional branch networking, branch routers can go for years without needing any intervention like configuration changes or firmware updates. But SD-WAN routers are more sophisticated and run a larger software stack. Firmware updates are common which means that there are many more opportunities for things to go wrong. Updates can leave organizations vulnerable to potential downtime; and visibility blind spots can decrease the effectiveness of deployments, creating security challenges.

SD-WAN also needs additional security offerings to protect an enterprise. The primary SD-WAN connection must be secure and must be added to any other security solution being deployed. These devices are usually fully meshed which means that compromising one device can give attackers visibility into the traffic flow from across the enterprise.

The Smart Solution

Smart out-of-band management by Opengear allows enterprises to bypass these common limitations. Not only does it provide an alternative path to devices located at remote sites when the primary network is down, helping mitigate the risk that SD-WAN can bring, it can also help facilitate access to edge infrastructure to ensure business continuity.

Attaching Opengear to SD-WAN deployments:

Diagnoses the issue: If a disruption occurs and the internet link isn’t connected, outages are detected immediately. Paired with Lighthouse Centralized Management, administrators are able to identify issues and remediate them remotely without having to roll a truck out to a site.

Allows for always-on access: Failover to Cellular paired with Smart Out-of-Band ensures uninterrupted availability for remote networks with 4G LTE. This allows organizations to continue business as usual while the primary internet connection is down.

Decrease costs: A Smart Out-of-Band solution costs less to deploy and operate. A truck roll and a few hours offline can cost an organization thousands of dollars.

Designed to provide the needed resilience at the edge, Smart Out-of-Band by Opengear is scalable, providing the ability to manage infrastructure at distributed sites. Troubleshooting and remediation at the network’s edge enables organizations to detect faults before they become failures which minimizes downtime and operating costs.

Providing organizations with always-on connectivity and increased resilience in the event of an SD-WAN network failure, Smart Out-of-Band is able to ensure that infrastructure is accessible from anywhere during an outage. This resilient backup connectivity allows enterprises to reduce the time-consuming nature of dispatching engineers to data centre sites to make configuration changes and trouble-shoot issues for business continuity. Smart Out-of-Band and Failover to Cellular™ ensures that SD-WAN continues to operate when all other circuits are unavailable, providing the always-on access needed at the edge. So the next time you’re deploying SD-WAN, remember to attach Smart Out-of-Band.


The New Americas 2020 Value-Added Reseller Partner Program

Bryan Keepers
Director, Channel Sales Americas

Opengear’s channel program has continued to see exponential growth over the past few years. To continue to facilitate this and show our commitment to our partners, we’ve built a new Americas Value-Added Reseller Partner Program. Launched on March 1st, the enhanced Partner Program includes a new Reseller Elite tier and wide array of new benefits for all Opengear resellers. To learn more about it, I sat down with Bryan Keepers, Director of Channel Sales, Americas.

1. What was the catalyst that made you decide to enhance the Partner Program?

As our partnerships and revenue continue to grow, we feel that it’s important to continually add new benefits to the program. We also feel that it’s critical to reward our top partners who are most successful at positioning Opengear solutions as an essential component to network resilience strategies.

2. Can you discuss the new tier?

We’ve added a new tier to our program, Elite and enhanced the benefits in our Premier tier. Partners qualify for those levels based on several factors including the amount of Opengear solutions that they’ve sold in the previous year as well as our access to their sellers. Revenue and access dictate which tier they fall into. The overall relationship is ultimately the deciding factor into where they are placed in our program.

3. What are some of the new benefits of the Partner Program?

To decide on these new benefits, we took a look at what would really reward our partners and how we can better assist them. There’s a wide range of benefits and tier level dictates which are available to each partner.

Premier Partners receive:

Elite Partners receive all the benefits that Premier Partners do along with:

Again, these are just a few of the benefits our partners will have access to with our new program.

4. What are some differentiators between Opengear’s Partner Program and others?

Our new program is unique in that both our partners and Opengear have more skin in the game. This will strengthen our relationships and also allow us to hold each other accountable for success together. Some of our main differentiators are:

5. Looking to the future, what are your ambitions for Opengear’s Partner Program?

Opengear is continually growing, just look at our recent acquisition by Digi, and our channel is a major factor in that growth. For the future, I’d like to continue to add activities and enhance our offerings to help better position our channel partners with the customers to win the business. We’ll realize the greatest success through continual communication and support.

To get all the details on our 2020 Value-Added Reseller Program for the Americas, take a look at our Partner Page!

Top Healthcare Network Challenges

In healthcare, patient needs are constantly evolving. To meet these demands, these institutions are taking advantage of emerging technology which has essentially changed the landscape of the industry.

From IoT devices to Electronic Medical Records to Picture Archiving Systems, bandwidth intensive applications are digitally tying together healthcare systems. The constant addition of new applications can improve greatly improve patient care and also create challenges with the network. Some of the top network challenges are:

System interoperability

In healthcare deployments there are on average more than 20 different operating systems. It’s predicated that by 2025, IoT in the healthcare sector will reach $534 billion.1 As these devices continue to get added to these networks, the ability to exchange and interpret data acquired from each application becomes more challenging. In order to ensure the efficient transmittal of real time data collected, these devices must be able to speak the same language.


Healthcare is one of the top two industries affected by cyberattacks, with more than 190 million patient records stolen since 2009.2 Due to the large amount of patient data being constantly collected, healthcare has become a target for hackers. Not only do applications such as EHRs contain sensitive patient records, they also have valuable financial information. Due to this, the industry has unique compliance and security challenges. Any type of security breach could leave facilities that are not compliant with Health Insurance Portability and Accountability Act (HIPPA) standards could result with up to $1.5 million in fines.3 Governing health related transactions and procedures, healthcare facilities must adhere to these requirements to ensure that patient records are protected. The HIPPA security rule require that each healthcare organization creates a contingency plan to ensure that if a disruption does occur business processes remain uninterrupted.


Connecting devices to the internet and ensuring that they are receiving the strongest signals possible is a constant challenge in healthcare. It’s important to understand that not all mobile and connected devices can be treated the same way. The only way for these devices to function properly is to have constant and dynamic network connectivity.

When Every Minute Counts, Rely On Opengear

Opengear solutions are the foundation of a contingency plan. Lighthouse Enterprise provides full visibility of an entire healthcare network while Smart Out-of-Band enables engineers to remotely monitor and manage any IT issues that may occur. Paired with Failover to Cellular™ which provides always-on availability with 4G LTE, healthcare organizations are able to continue business operations while the issues are remediated.


Network Disaster Recovery Planning

Hurricane season is well underway with Barry, Dorian and Humberto having already hit and deluged most of the Bahamas and the southern United States, there’s still a total of 22 more predicted storms to hit before November. These storms leave a large wake in their path and enterprises are not exempt. According to the Small Business Administration, 45% of businesses don’t reopen after they experience a disaster.1 A network Disaster Recovery Plan (DRP) helps to protect IT infrastructure, ascertain organizational stability and establish systematic disaster recovery.

Whether it be to meet compliance requirements, adhere to customer agreements or to implement best practices, many organizations have a network disaster recovery plan in place.

An IT disaster recovery plan must take into account how to:

Types of Plans

There are a variety of disaster recovery plans, each influenced by the systems relied on by an organization.

Virtualization Disaster Recovery

An organization can quickly and easily begin their recovery efforts by placing a virtual server on reserve or in the cloud to reduce the need to recreate an actual server if an issue occurs. Take stock of the virtualization platforms in your environment with the backup and recovery tools used by each. A plan can be created to get virtual workloads back up and running.

Data Center Disaster Recovery

A plan for data center disaster recovery includes IT systems housed in a computing facility. It involves the building itself, utility providers, backup power, security and support personnel. This requires input from IT teams, facilities management and security providers.

Network Disaster Recovery

A disaster can affect servers, applications and services that depend on network connectivity. This type of plan takes into account contacting the proper IT personnel and getting network equipment replacements to get the network back up and running.

The main purpose of a network disaster recovery plan is to ensure services can continue to be delivered despite a disruption through network connectivity. Whatever type of plan you choose to implement for your organization, there must be a solution in place to ensure always-on, secure access.

Disasters come in different forms which makes it difficult to predict what their potential impact could be and how to best address network issues that may arise, however Opengear solutions provide cellular to your critical devices in every situation. Opengear solutions should be the foundation of your plan. Once that is in place and the other necessary considerations are added in, the plan should be documented and tested in advance which will help expedite the process when an actual disaster strikes. The three main components that should be addressed in a recovery plan are data, systems and people.

Creating A Disaster Recovery Plan

To get started with creating a disaster recovery plan to meet the specific needs of your organization there are a few steps to follow.

Complete A Risk Assessment

Create a risk assessment that details the likelihood of a disaster.

Collect Data and Document

Document and collect the information needed to create your plan. This may include taking inventory of servers, network diagrams and floor plans.

Test Your Plan

In general, it’s ill-advised to crank up the heat in a data center or disconnect a critical server, however there are ways to determine if your plan will work. Hands-on technical tests and tabletop simulations are just a few ways to see if your plan will work.

Opengear solutions should be added to every network disaster recovery plan. Smart Out-of-Band and Failover to Cellular ensure that even during a disruption, the network can be accessed. Visit our solutions page to learn more.