Smart Management Fabric
Smart Management Fabric represents an advanced functionality designed to offer heightened flexibility and accessibility to network and IT professionals throughout the network fabric. It empowers them by facilitating effective orchestration and management through the management network.
As Smart Management Fabric expands its reachability through the utilization of OSPF and the integration of Opengear nodes and Lighthouse for establishing new paths, it is crucial to acknowledge the potential risk of overexposing the network, which could lead to bypassing Layer 2 or Layer 3 access control measures.
While the communication between the Lighthouse and Opengear nodes, such as OM, is safeguarded through a VPN connection, and the OSPF configuration is carefully restricted and secured, there exists a potential risk when devices like routers and switches under customer autonomy are configured within the OSPF process without adequate diligence. To address and mitigate these risks, the following strategies are recommended:
- Conduct a meticulous examination of networks participating in OSPF advertisement, with a suggestion to implement passive interfaces.
- Execute comprehensive testing and verification to ensure that no routing occurs among networks not involved in Smart Management Fabric.
- Verify the activation of OSPF authentication to augment network security.
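One way to start the first and third checks on a customer-managed router, as an added example that is not Opengear tooling or part of the original page. It assumes Cisco IOS-style configuration syntax with OSPF enabled through `network` statements; the function name, sample configuration and addresses are constructed for illustration.

```python
import ipaddress
import re

# Constructed IOS-style sample; syntax, names and addresses are assumptions.
SAMPLE = """\
interface GigabitEthernet0/0
 ip address 10.10.0.1 255.255.255.0
 ip ospf authentication message-digest
interface GigabitEthernet0/1
 ip address 10.20.0.1 255.255.255.0
interface Vlan30
 ip address 10.30.0.1 255.255.255.0
router ospf 1
 passive-interface default
 no passive-interface GigabitEthernet0/0
 no passive-interface GigabitEthernet0/1
 network 10.0.0.0 0.255.255.255 area 0
"""

def audit_ospf(config):
    """Report interfaces advertised into OSPF, forming adjacencies, and lacking auth."""
    ip, auth, nets, area_auth, passive, active = {}, set(), [], set(), set(), set()
    section = ""
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):  # an unindented line opens a new section
            section = line
        elif section.startswith("interface "):
            name = section.split()[1]
            if m := re.fullmatch(r"ip address (\S+) \S+", line):
                ip[name] = int(ipaddress.IPv4Address(m[1]))
            elif re.fullmatch(r"ip ospf authentication( message-digest)?", line):
                auth.add(name)
        elif section.startswith("router ospf"):
            if m := re.fullmatch(r"(no )?passive-interface (\S+)", line):
                (active if m[1] else passive).add(m[2])  # "default" is stored like a name
            elif m := re.fullmatch(r"network (\S+) (\S+) area (\S+)", line):
                wild = int(ipaddress.IPv4Address(m[2]))
                nets.append((int(ipaddress.IPv4Address(m[1])) | wild, wild, m[3]))
            elif m := re.fullmatch(r"area (\S+) authentication( message-digest)?", line):
                area_auth.add(m[1])
    area_of = {n: next((a for net, w, a in nets if (addr | w) == net), None)
               for n, addr in ip.items()}
    advertised = [n for n, a in area_of.items() if a is not None]
    # Passive interfaces still advertise their prefix but form no adjacency.
    forming = [n for n in advertised
               if n not in passive and ("default" not in passive or n in active)]
    unauth = [n for n in forming if n not in auth and area_of[n] not in area_auth]
    return {"advertised": advertised, "active": forming, "unauthenticated": unauth}
```

In the sample, the broad `network 10.0.0.0 0.255.255.255` statement pulls Vlan30 into the advertisement even though the interface is passive, and GigabitEthernet0/1 forms adjacencies without authentication; both are items to review against the recommendations above.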
Smart Management Fabric uses dynamic link state routing to allow IP connectivity to IT resources on IPv4 networks connected to compatible Opengear products:
- via SSH, HTTPS (GUI), SPs/BMCs (iLO, iDRAC, etc.).
- via commonly used automation tools such as RDP, Ansible, Python, vCenter.
To implement Smart Management Fabric an appropriate subscription type is required, as well as a supported (23.10.4 firmware and up) Opengear console server such as Operations Manager.
Note: Smart Management Fabric is advanced functionality that utilizes dynamic routing protocols. It is crucial to acknowledge the potential risk of overexposing your network.
Enable Smart Management Fabric
After deploying Lighthouse, set up Smart Management Fabric to create an internal network area between Lighthouse and the console servers:
- Log in to the Lighthouse web UI as a Lighthouse Administrator or the root user.
- In the Settings Pane, select SERVICES > Smart Management Fabric.
  The SMART MANAGEMENT FABRIC page displays.
- Select Enabled.
- Enter the Internal Area ID for the backbone area for the internal network.
  The area is a logical collection of internal networks, routers, and links with the same area identification.
- Click Apply.
To keep Smart Management Fabric up to date, the following scenarios require an additional push of configuration after the initial setup:
- Any changes made to Smart Management Fabric VPN subnets for the Primary or Multi Instance Lighthouses.
- A new Multi-Instance Lighthouse is added that is required to be part of the Smart Management Fabric network.
- Any changes to the Lighthouse VPN for the Primary or Multi Instance Lighthouse that may include:
  - Any subnet changes.
  - Any changes to MTU for a specific node.
-