One of the world’s largest manufacturers of contact lenses faces the challenge of managing a highly distributed and complex global network infrastructure while ensuring compliance with strict security and compliance standards and reducing downtime.
With IT systems becoming more strategic to CooperVision’s operations, a critical step was needed to enhance and modernize its out-of-band management network solution in order to strengthen business continuity and reduce the number of security threats. Given the ever increasing number of new, potential security threats, the out-of-band Management Gateway needed to keep pace with their current corporate security policies and mitigate exposure to future threats. CooperVision also wanted to provide secure remote access, which would boost productivity and flexibility.
With locations distributed around the globe in 12 countries, CooperVision was compelled to find a solution that could:
- Ensure security compliance with certificate-based VPN connections.
- Manage its network infrastructure remotely and securely out-of-band in order to minimize downtime and reduce on-site technician visits.
- Achieve disaster recovery compliance at remote locations that lack immediately available IT personnel.
As a result, CooperVision uses Opengear IM4200 advanced console servers to enable its central support team to perform reliable and secure data center management of its IT assets distributed across the world. Likewise, they wanted to ensure high availability for the support team that uses secure out-of-band access via 3G GSM cellular connectivity.
The Opengear IM4200 delivers enterprise-grade security for remote monitoring, access and control. Opengear’s next-generation management appliances support the industry’s most stringent security, encryption and AAA (authentication, authorization, and accounting) requirements, ensuring that management policies are always enforced, even during a network outage. Opengear solutions maintain and enforce AAA policies that protect distributed network and IT infrastructure from security threats with:
- OpenVPN and IPSec enterprise-grade PKI VPN remote access over primary or out-of-band connection
- FIPS 140-2–compliant OpenSSL cryptographic module, certified for use in the U.S. Government
- Two-factor authentication using RSA SecurID
- Enterprise0grade firewall
Cellular Out-of-Band Connectivity
The IM4200 cellular-enabled solutions reduce the complexity found in traditional dial-in out-of-band applications where international dialing costs and restrictions prevent ease of access. Equipped with built-in failover capability, the IM4200 appliances automatically switch from primary wired connections to wireless mobile broadband network during primary service outages and will automatically fail back without interrupting service.
This access is available even when the remote console server has private non-routable IP addresses, which is often the case when the console server is connected via a cellular modem connection. Opengear’s cellular enabled IM4200 can answer out-of-band connections that are initiated remotely, or they can be configured to initiate the outbound connection from the remote site using Call Home features.
Granular Logging With Localized Storage
Opengear appliances provide a selection of monitoring facilities that help diagnose the cause of problems and support Sarbanes-Oxley, GLBA, NERP and HIPAA conformance. The console server can maintain a record of all the direct access and communications with the serially managed devices and network-attached devices. A log of all system activity (syslog) is also maintained and stored locally on 16GB of internal flash memory.
To ensure compliance with internal audits, CooperVision relies on the IM4200’s robust logging and reporting capabilities even during outages. Additionally, the IM4200 provides real-time log inspection capabilities. This enables the IM4200 to generate alarms or trigger automated actions when specific patterns are identified in the log data.
Business Continuity on a Global Scale
Global companies require secure and dependable access to their large network of devices spread throughout the world. Maintaining continuity of the business operations and processes is vital to success in a competitive market. CooperVision selected the Opengear IM4200 as a key component in a major disaster recovery initiative targeted at enhancing reliability and uptime of its distributed network infrastructure located in 12 countries across five continents. The IM4200 gives CooperVision the most advanced GSM cellular features on the market today for proactive out-of-band management of their business-critical network infrastructure.