Out of Band Management

We’ve all had things go wrong with computers, however when they go catastrophically wrong, there’s often little you can do other than to be physically on site to reinstall. This doesn’t have to be the case though. Most PCs have a tiny secondary processor which can allow full remote control of a computer that’s crashed, unresponsive or even switched off.

On your desktop or laptop, built into the PCH (Platform Controller Hub) of its motherboard is a secondary processor which has its own RAM, its own storage and its own networking. This processor runs alongside the main CPU of your system, sharing many of the peripherals, but completely independently.

On servers, depending on the manufacturer, it might be known as the: IDRAC – Integrated Dell Remote Access (Dell), IMM – Integrated Management Module (IBM), iLO – Integrated Lights Out (HP), ILOM – Integrated Lights Out Manager (Sun/Oracle). But whatever your one is called, it provides remarkable control over your system. With a properly configured IDRAC, as long as your computer is switched on at the wall, it doesn’t matter if it’s turned off, the BIOS has incorrect settings or the computer’s missing an operating system entirely, you can remotely manage it as if you were sitting in front of it.

As the IDRAC shares many of the components of your system, it has the ability to remotely trigger wake-up commands as if the power button was pressed, it can view the graphics which should be displayed on your screen and insert keystrokes as if you were sat at the keyboard physically attached to the computer. These all happen over its own network, independent of the OS your computer is (or isn’t) running. One of its greatest strengths however is the capability of providing virtual media. Should you wish to completely reinstall your computer, you can copy over to the IDRAC your operating system install media and it will make this appear as a CD drive which as far as the computer is concerned, is physically attached to it and is a perfectly valid medium to boot from.

You may have concerns such as “What if someone is using the out of band management on my desktop without my knowledge?” Firstly, if a monitor’s attached, you will see frenetic yellow and red “ants” marching around the edge of your screen, they’re very hard to miss!

Should you wish to disable the management capabilities entirely, you can accomplish this via the BIOS and via MEBx, shown below for a Dell desktop.

Whilst these technologies are normally used on servers, many desktop computers and laptops are also equipped with this technology in a form called intel vPro/AMT. If you are managing computers from a remote location (or just couldn’t be bothered walking downstairs), the open-source software MeshCommander is a great starting point for remote management.

Author