Lights Out Management
Lights Out Management ( LOM ) allows a system administrator to access a server system regardless of whether it is switched on or whether an operating system has been installed. The name "Lights Out" comes from the fact that the light no longer has to be on in the data center because nobody is in it.
The LOM functionality is usually available in computer systems that are used in the server area and are primarily designed for continuous operation. In some cases, however, this technology is also used in centrally managed workstation computers, for example for software-independent remote maintenance from the IT department.
technology
A LOM system consists of two components: The first is an English Baseboard Management Controller , BMC, which is designed as a dedicated hardware module , sometimes also referred to as a "LOM module", which has independent power and network connections and the operating status of the computer Hardware level monitored (switch-on status, temperature, runtimes, etc.). Thanks to the independent connection, this module remains active even if the server is shut down or defective. Often a LOM also monitors the functionality of the hardware and can access all hardware resources such as the entire memory by bypassing all operating system restrictions.
The second component is software such as a web interface that allows access to the server independently of the software and the operating system on the server. The administrator can check the status of the server remotely, redirect the current screen output via the network, trigger mouse and keyboard entries and identify any hardware or software problems that may occur on the computer. He can shut down the system, restart it or reinstall it from boot media that are held in the network. He can set parameters in the BIOS, change the fan speed or monitor warning messages that appear in the event of defects during booting.
Reasons for Use
In large data centers in particular , it is no longer possible for maintenance personnel like system administrators to look after every server on site: On the one hand, the travel times to be physically on-site speak, and on the other hand there are access barriers in data centers that exist for security or technical reasons are against. Rather, a large number of servers are automatically monitored and the maintenance staff is notified in the journal service in the event of problems that cannot be solved automatically. Using LOM, the administrator can carry out all work steps that do not require any physical hardware changes on site.
Further use of LOM are desktop computers and laptops in larger organizations such as companies, possibly distributed over several locations, in which a lot of administrative maintenance work can be carried out by a central IT department using remote maintenance software . In addition to LOM, remote maintenance programs are also available in this area of application, which run directly on the computer as a separate process and do not require their own hardware, such as Virtual Network Computing (VNC). With LOM, the possibilities of the purely software-supported remote maintenance solutions can be expanded, since it also enables, for example, the complete reinstallation of workstation computers by means of remote maintenance by the IT department.
The positive possibilities of LOM are offset by problems in the area of data protection. In principle, anyone who can access a computer via LOM can bypass all restrictions on the computer system and operating system without the computer software being able to detect or prevent access. In the case of an incorrectly implemented or incorrectly configured LOM, attackers without physical access to the computer have the same options as with physical access.
Manufacturer
The Intelligent Platform Management Interface (IPMI) is an open, cross-manufacturer standard . In addition, there are a number of proprietary LOMs that are mostly limited to one manufacturer:
- Intel Active Management Technology (iAMT)
- HPE : Integrated Lights-Out (iLO)
- Fujitsu : RemoteView Service Board (RSB), Integrated Remote Management Controller (iRMC)
- Dell : Integrated Dell Remote Access Controller (iDRAC) (integrated on the server motherboard )
- Dell : Dell Remote Access Controller (DRAC) (as a plug-in card outside the motherboard)
- Apple (for the Intel Xserve systems)
- IBM : Remote Data Management, Integrated Management Module (IMM)
- Sun Microsystems : Advanced Lights Out Management (ALOM), Integrated Lights Out Manager (ILOM)
- IBM : Hardware Management Console (HMC)
Individual evidence
- ↑ Best Practices for managing servers with IPMI features enabled in Datacenters. Supermicro, company publication, accessed October 29, 2017 .