IOLAN SCG
Out-of-Band IT Infrastructure Management
- 16, 32 or 48 RS232 RJ45 Console Management Ports
- 10/100/1000Base-T Copper Network Connection
- ZTP & PerleVIEW Central Management Software simplifies configuration, administration, monitoring, and troubleshooting.
- Cloud Hosting -- Deploy and manage your network from the cloud
- Advanced routing engine with AAA security and SSH/SSL encryption to meet all data center compliance policies
The Perle IOLAN SCG Console Servers provide data center managers with the ultimate solution for redundant, secure remote console management of any device with an RS232 RJ45 console port. With integrated firewall, two-factor authentication, advanced failover to multiple networks, and Zero Touch Provisioning (ZTP), your IT professionals and network operations center (NOC) personnel will have everything they need to easily perform secure remote data center management and out-of-band management of IT assets from anywhere in the world. This cost-effective 1U rack solution also maintains protocol integrity across Ethernet and adds full IPv4/IPv6 routing capabilities with support for RIP, OSPF, and BGP protocols.
Console Management for IT assets
The IOLAN SCG Console Server supports RS232 RJ45 connectivity to console ports on equipment such as Cisco routers, switches, firewalls, servers (Solaris, Windows, Unix and Linux) PBXs, network storage equipment and security appliances through an IP network. The RS232 RJ45 ports are software configurable to use straight thru or rolled cables to connect your Cisco equipment. In addition, a DCD pin can be configured for 3rd party devices that need this extra signal. The means the Perle IOLAN SCG supports more serial devices than any other Console Server on the market. This makes it an ideal out of band management solution for IT equipment located in data centers or remote sites.
Advanced Network Security, Authentication, and Data Encryption
2 Factor Authentication (2FA) ensures access to equipment and data is limited to authorized users, while remote authentication (RADIUS, TACACS+, & LDAP) management, enables integration with enterprise-grade systems to control access to devices in the field.
The built-in firewall offers intuitive policies to protect inside networks from unauthorized access. The firewall also allows inside networks to be separated from each other. If there are network resources that need to be available to an outside user, such as a web or FTP server, these resources can be placed on a separate network behind the firewall in a demilitarized zone (DMZ).
Network data transmissions and access to remote console admin ports on IT equipment are protected through standard encryption tools such as Secure Shell (SSH) and Secure Sockets Layer (TLS/SSL). By using encryption technologies, an IOLAN SCG Console Server protects sensitive and confidential data before being sent across a corporate Intranet or public Internet. For compatibility with peer encryption devices, all the major encryption ciphers such as AES, 3DES, RC4, RC2, and CAST128 are fully supported.
With multiple concurrent VPN sessions, OpenVPN, and IPSec VPN, robust authentication and encryption of IP packets is provided at the network layer of the OSI model. This is ideal for multi-vendor interoperation within a network, providing flexibility and the ability to match the right solution for a particular application.
High Availability Access
To simplify management and respond swiftly to issues, network administrators require access to all console ports via a single portal view. Perle's cloud-based centralized management solution puts all your network and IT infrastructure into a single application and provides secure reliable access and visibility during normal operations and critical network failures. Scalable to suit any business requirement, Cloud Centralized Management reduces human error and guarantees repeatability.
The IOLAN SCG also has built-in fault-tolerant capabilities to ensure secure and reliable access for managing important mission-critical equipment. Redundant Path technology assures availability to Console Management ports through Active Standby or Dual Network Access modes. Virtual Router Redundancy Protocol (VRRPv3) enables a group of devices to form a single virtual device to provide network redundancy. The dual AC power supply ensures that console management is available even if the primary AC power source fails. And, protection against electrostatic discharges and power surges is provided with robust 15Kv ESD protection circuitry on each console port.
The auto-negotiating 10/100/1000Base-T Copper Port will meet any changing network access requirements. If you upgrade your Ethernet speed, you won't need to upgrade your IOLAN SCG.
Easy Set-up and Configuration
The IOLAN SCG is incredibly easy to get up and running on the network. The unit can then be configured over the network using a variety of configurator options including PerleVIEW, WebManager, CLI, etc.
For large scale roll-outs, the Micro SD Card slot can be used to back-up and restore configuration files as well as load new firmware. Perle is committed to eliminating configuration hassles for all IOLAN's on your IP network.
Flexible and Reliable Serial to Ethernet Connections
An IOLAN SCG Console Server is ideal for connecting serial-based COM port, UDP or TCP socket-based applications to remote devices. Perle’s TruePort re-director provides fixed TTY or COM ports to serial-based applications enabling communication with remote devices connected to Perle IOLAN's either in encrypted or clear text modes.
TrueSerial® packet technology delivers the most authentic serial connections across Ethernet for serial protocol integrity.
You can also tunnel serial data between devices across an IP network.
Advanced IP Technology
With support for IPv6 the IOLAN SCG provides organizations with investment protection to meet this rapidly growing standard.
Demand for IPv6, which is compatible with IPv4 addressing schemes, is driven by the need for more IP address. With the implementation and rollout of advanced cellular networks, a robust method is needed to handle the huge influx of new IP addressable devices on the Internet. In fact, the US Department of Defense has mandated that all equipment purchased be IPv6 compatible. In addition, all major Operating Systems such as Windows, Linux, Unix and Solaris, as well as routers, have built-in support for IPv6.
It is therefore important for end users and integrators to select networking equipment that incorporates the IPv6 standard. The IOLAN line with support for IPv6 already built in, is the best choice in serial to Ethernet technology.
More reasons that make the IOLAN SCSG Console Servers the preferred choice:
- Primary/Backup host functionality enables automatic connections to alternate hosts should the primary TCP connection go down
- EasyPort Web– Access equipment serial console ports by using your java-enabled Internet browser
- Java-free browser access to remote serial console ports via Telnet and SSH
- Dynamic DNS – Easy console management access from anywhere on the Internet
Lifetime Warranty
All Perle IOLAN SCG models are backed by the best service and support in the industry including Perle’s unique lifetime warranty. Since 1976 Perle has been providing its customers with networking products that have the highest levels of performance, flexibility and quality. With the Perle IOLAN SCG deploying and upgrading new services and equipment, while minimizing capital expenditures, is easy.
Software Features - IOLAN SCG Secure Console Server
| Management & Configuration |
|---|
| Zero Touch Provisioning (ZTP): automates the provisioning of both the configuration and firmware files through DHCP/Bootp Options |
| PerleView Central Management: a web-based server configuration tool that simplifies setup and deployment and gives network managers visibility and control over network configurations at remote sites. |
| Management & Monitoring: HTTP/HTTPS, CLI/Piping, Telnet, SNMPv1/v2/v3, RESTful API, TACACS+ |
| Multiple firmware versions can be saved on the unit. This allows the customer to change between older and newer firmware versions without the need to download. |
| Multiple configuration files can be stored on the unit., This allows the customer to easily switch between older and newer configurations during testing or production deployments. |
| Automatic check for software updates available over FTP, HTTP, HTTPS, SCP, SFTP, and TFTP |
| LLDP-Link Layer Discovery Protocol, as per IEEE 802.1AB, is a neighbor discovery protocol that is used for network devices to advertise information about themselves to other devices on the network. This protocol runs over the data-link layer, which allows two systems running different network layer protocols to learn about each other via TLVs (Type-Length-Value). |
| RESTful API uses HTTP requests to access and use IOLAN statistics and configuration data. Any of the CLI commands can be executed through a RESTFul API script that cn be controlled externally from a server. |
| Connectivity Watchdog can instruct the IOLAN to take different actions (i.e. reboot) if the network connectivity to a pre-define IP address is lost. This is helpful for situations when the IOLAN is deployed on remote locations hard to service if the network connectivity is lost. |
| Automatic DNS Update: Utilize DHCP Opt 81 to set IOLAN domain name for easy name management and with Dynamic DNS support, users on the Internet can access the device server by name without having to know its IP address. See Automatic DNS update support for details |
| Dynamic DNS with DYNDNS.org |
| Installation Wizard |
| Remote Access |
| Dial, direct serial: PPP, PAP/CHAP, SLIP |
| HTTP tunneling enables firewall-safe access to remote serial devices across the internet |
| Automatic DNS update: Utilize DHCP Opt 81 to set IOLAN domain name for easy name management and with Dynamic DNS support , users on the Internet can access the device server by name without having to know its IP address. |
| IPSEC VPN client/servers: Microsoft IPSEC VPN Client, Cisco routers with IPSEC VPN feature set, Perle IOLAN SDS, SDG, STS, STG, SCS, SCG, and SCR models |
| OpenVPN: Clients & Servers |
| Logging, Reporting & Alerts |
| Email alert notification |
| Syslog, Event Type, Report Type, Alerts & Monitoring, Triggers Status Screen Report, Data Usage, Diagnostic, Login Banner |
| Accessing Console Management Ports (Serial & Ethernet) |
| Serial Protocols: PPP, PAP/CHAP, SLIP |
| Connect directly using Telnet / SSH by port and IP address |
| Use an internet browser to access with HTTP or secure HTTPS |
| Java-free browser access to remote serial console ports via Telnet and SSH |
| Ports can be assigned a specific IP address |
| Multisession capability enables multiple users to access ports simultaneously |
| Multihost access enables multiple hosts/servers to share serial ports |
| Console Management Functions |
| Sun / Oracle Solaris Break Safe |
| Local port buffer viewing - 256K bytes per port |
| External port buffering via NFS, encrypted NFS and Syslog |
| Event notification |
| Windows Server / Azure - SAC support GUI access to text-based Special Administrative Console |
| Terminal Server Functions |
| Telnet |
| SSH v1 and v2 |
| Auto session login |
| LPD, RCP printer |
| MOTD - Message of the day |
| Serial to Ethernet functions |
| Tunnel raw serial data across Ethernet - clear or encrypted |
| Raw serial data over TCP/IP |
| Raw serial data over UDP |
| Serial data control of packetized data |
| Share serial ports with multiple hosts/servers |
| Virtual modem simulates a modem connection - assign IP address by AT phone number |
| Virtual modem data can be sent over the Ethernet link with or without SSL encryption |
| TruePort com/tty redirector provides fixed TTY or COM ports to serial based applications enabling communication with remote devices connected to Perle IOLAN's either in encrypted or clear text modes. |
| TrueSerial packet technology provides the most authentic serial connections across Ethernet ensuring serial protocol integrity |
| RFC 2217 standard for transport of serial data and RS232 control signals |
| Customizable or fixed serial baud rates |
| Serial encapsulation of industrial protocols such as ModBus, DNP3 and IEC-870-5-101 |
| ModBus TCP gateway enables serial Modbus ASCII/RTU device connection to ModBus TCP |
| Data logging will store serial data received when no active TCP session and forward to network peer once session re-established - 32K bytes circular per port |
| Redundancy |
| Load Balancing |
| VPN Failover |
| Virtual Router Redundancy Protocol (VRRPv3) enables a group of devices to form a single virtual device to provide network redundancy |
| Primary/Backup host functionality enables automatic connections to alternate hosts |
| Routing / Switching Protocols |
| The IOLAN can be configured for any of the major routing protocols for an easy integration within the data center Ethernet backbone: RIP/RIPNg, OSPFv3, BGP-4, NAT, IPv4/IPv6, Static Routing, IPv6 Encapsulations (GRE, 6in4), Port Routing, STP, MSTP |
| IPv6 to IPv4 translation is fully supported for environments where the Ethernet data backbone is run on IPv6 and the port management is run on IPv4 |
| Using NAT for enhanced security, the IOLAN can map a single IP address, across all or several of it's Ethernet ports. |
| IP Applications |
| DDNS, DNS Proxy / Spoofing, relay, client, Opt. 82, |
| NTP & SNTP (versions 1, 2, 3, 4) |
| DHCP / DHCPv6 server / DHCP Snooping & BOOTP |
| VLAN & VPN |
| VLAN, OpenVPN, VPN Failover (16 concurrent VPN tunnels) |
| IPSec VPN: NAT Traversal, ESP authentication protocol |
| Firewall Features |
| Ability to set up firewalls to restrict incoming and outgoing packets |
| Built in Zone-Based Policy Firewall for local security and traffic filtering. |
| Access Control Lists (list & ranges & time) |
| Filter based on MAC Address, IP, Port, Protocol, User |
| IEEE 802.1x Authentication and Port Security can be enabled for any Ethernet port for increased security port access. |
| Layer 2 MAC address filtering |
| Port Forwarding |
| BGP Communities |
| Security Features |
| AAA Security via remote authentication (Radius, TACACS+, & LDAP) |
| Trusted host filtering (IP filtering), allowing only those hosts that have been configured in the host table access to the router. |
| Ability to disable services (for example, Telnet, TruePort, Syslog, SNMP, Modbus, HTTP) for additional security |
| Ability to disable Ping responses |
| SSH client/server connections (SSH 1 and SSH 2). Supported ciphers are Blowfish, 3DES, AES-CBC, AES-CTR, AES-GMC, CAST, Arcfour and ChaCha20-Poly1305. Ability to individually disable network services that won’t be used by the SSH client/server connections. |
| SSL/TLS client/server data encryption (TLS v1.2) |
| SSL Peer authentication |
| SSL encryption: AES-GCM, key exchange ECDH-ECDSA, HMAC SHA256, SHA384 |
| Encryption: AES (256/192/128), 3DES, DES, Blowfish, CAST128, ARCFOUR(RC4), ARCTWO(RC2) |
| Hashing Algorithms: MD5, SHA-1, RIPEMD160, SHA1-96, and MD5-96 |
| Key exchange: RSA, EDH-RSA, EDH-DSS, ADH |
| VPN: OpenVPN & IPSec VPN (NAT Traversal, ESP authentication protocol) |
| Certificate Support (X.509) |
| Certificate authority (CA) list |
| Local database |
| RIP authentication (via password or MD5) |
| 2 Factor (2F) Authentication over e-mail enhances administration access security |
| Management Access Control |
| Demilitarized Zone (DMZ) |
| Secure HTTP/HTTPS/FTP/Telnet Authentication Proxy |
| SNMP v3 Authentication and Encryption support |
| IP Address filtering |
| Disable unused daemons |
| Active Directory via LDAP |
| Protocols |
| IPv6, IPv4, TCP/IP, Reverse SSH, SSH, SSL, IPSec/IPv4, IPSec/IPv6, IPSec, RIPV2/MD5, ARP, RARP, UDP, UDP Multicast, ICMP, BOOTP, DHCP, TFTP, SFTP, SNTP, Telnet, raw, reverse Telnet, LPD, RCP, DNS, Dynamic DNS, WINS, HTTP, HTTPS, SMTP, SNMPV3, PPP, PAP/CHAP, SLIP, CSLIP, RFC2217, MSCHAP |
Hardware Specifications - IOLAN SCG Secure Console Server
| Processor | 1750 MIPS, 500 MHz core 32 bit ARM processor, with integrated hardware encryption processor |
|---|---|
| Memory | |
| RAM MB | 1000 |
| Flash MB | 4000 |
| Interface Ports | |
| Integrated Device Management Ports | IOLAN SCG16: 16 x RS232 RJ45 IOLAN SCG32: 32 x RS232 RJ45 IOLAN SCG48: 48 x RS232 RJ45 |
| Sun / Solaris | Sun / Oracle ‘Solaris' Safe - no "break signal" sent during power cycle causing costly server re-boots or downtime |
| Serial Port Speeds | 300bps to 230Kbps with customizable baud rate support |
| Data Bits | Configurable for 5,6,7 or 8-bit protocol support Use TruePort to transparently pass 9-bit serial data |
| Parity | Odd, Even, Mark, Space, None |
| Flow Control | Hardware, Software, Both, None |
| Serial Port Protection | 15Kv Electrostatic Discharge Protection (ESD) |
| Local Console Ports | 1 x RS232 RJ45 1 x Micro USB with DB9 adapter |
| Network | 1 x 10/100/1000Base-T RJ45 Copper Software selectable Ethernet speed 10/100/1000, Auto Software selectable Half/Full/Auto duplex |
| Ethernet Isolation | 1.5Kv Magnetic Isolation |
| Power | |
| Power Supply | AC power supply USA Models: IEC320-C13 to NEMA 5-15P line cord UK Models: IEC320-C13 to BS1363 line cord EU Models: IEC320-C13 to CEE 7/7 Schuko South Africa Models: IEC320-C13 to BS546 line cord Australia Models: IEC320-C13 to AS3112 line cord |
| Nominal Input Voltage | 110/230v AC |
| Input Voltage Range | 100-240v AC |
| AC Input Frequency | 47-63Hz |
| Current Consumption @ 100v (Amps) | IOLAN SCG16: 0.14 IOLAN SCG32: 0.21 IOLAN SCG48: 0.28 |
| Current Consumption @ 240v (Amps) | IOLAN SCG16: 0.06 IOLAN SCG32: 0.08 IOLAN SCG48: 0.11 |
| Typical Power Consumption (Watts) | 14 Watts |
| Power Line Protection | Fast transients: 1 KV (EN61000-4-4 Criteria B) Surge: 2KV (EN61000-4-5 common mode), 1KV (EN61000-4-5 differential and common modes) |
| LED Indicators | |
| System Ready Network Link Activity |
|
| Environmental Specifications | |
| Heat Output (BTU/HR) | IOLAN SCG16: 47.77 IOLAN SCG32: 69.27 IOLAN SCG48: 91.45 |
| MTBF ( Hours ) | 94,455
Calculation model based on MIL-HDBK-217-FN2 @ 30 °C |
| Operating Temperature | 0°C to 55°C, 32°F to 131°F |
| Storage Temperature | -40°C to 85°C, -40°F to 185°F |
| Humidity | 5 to 95% (non condensing) for both storage and operation. |
| Case | SECC Zinc plated sheet metal (1 mm) |
| Ingress Protection Rating | IP30 |
| Mounting | 1U - 19" rack, front and rear mounting hardware included |
| Product Weight and Dimensions | |
| Product Weight | IOLAN SCG16: 3.06 kg / 6.75 lbs IOLAN SCG32: 3.23 kg / 7.12 lbs IOLAN SCG48: 3.39 kg / 7.47 lbs |
| Dimensions | 1U Rack form factor - 26.4 x 43.4 x 4.4 (cm), 10.38 x 17.1 x 1.75 (in) |
| Packaging | |
| Shipping Dimensions | 59 x 36 x 9cm |
| Shipping Weight | IOLAN SCG16: 4.00 kg / 8.82 lbs IOLAN SCG32: 4.17 kg / 9.20 lbs IOLAN SCG48: 4.33 kg / 955 lbs |
| Regulatory Approvals | |
| Emissions | FCC 47 Part 15 Subpart B Class A ICES-003 (Canada) EN55011 (CISPR11) EN55032 (CISPR32) EN61000-3-2 Limits for Harmonic Current Emissions EN61000-3-3 Limits of Voltage Fluctuations and Flicker |
| Immunity | EN55024 EN 61000-4-2 (ESD): Contact: EN 61000-4-3 (RS): EN 61000-4-4 (EFT): EN 61000-4-5 (Surge): EN 61000-4-6 (CS): EN 61000-4-8 (PFMF) EN 61000-4-11 |
| Safety | UL/EN/IEC 62368-1 (previously 60950-1) CAN/CSA C22.2 No. 62368-1 |
| Other | Reach, RoHS and WEEE Compliant CCATS - G168387 ECCN - 5A992 HTSUS Number: 8517.62.0020 Perle Limited Lifetime warranty |
| IOLAN RJ45 Serial Connector Pinout - DCE mode (Straight-through) | |||
|---|---|---|---|
|
Pinout | Direction | EIA-232 |
| 1 | in | CTS | |
| 2 | in | DSR | |
| 3 | in | RxD | |
| 4 | GND | ||
| 5 | not used | ||
| 6 | out | TxD | |
| 7 | out | DTR | |
| 8 | out | RTS | |
Optional Perle adapters for use with straight thru CAT5 cabling |
|||
RJ45 Socket| IOLAN RJ45 Serial Connector Pinout - DTE mode (Rolled) | |||
|---|---|---|---|
|
Pinout | Direction | EIA-232 |
| 1 | out | RTS | |
| 2 | out | DTR | |
| 3 | out | TxD | |
| 4 | GND | ||
| 5 | in | DCD | |
| 6 | in | RxD | |
| 7 | in | DSR | |
| 8 | in | CTS | |
| (A rolled RJ45 cable will automatically perform DTE to DCE crossover) | |||
| Data Center Console Management |
|---|
IOLAN SCG Remote Console Management |
| TCP |
|---|
Using RAW TCP Sockets A raw TCP socket connection which can be initiated from the serial-Ethernet device or from the remote host/server. This can either be on a point to point or shared basis where a serial device can be shared amongst multiple devices. TCP sessions can be initiated either from the TCP server application or from thePerle IOLAN serial-Ethernet adapter.  |
| UDP |
Using Raw UDP Sockets For use with UDP based applications, Perle IOLANs can convert serial equipment data for transport across UDP packets either on a point to point basis or shared across multiple devices.  |
| Console Server |
Console Management For access to remote console ports on routers, switches,etc, Perle IOLAN’s enable administrators secure access to these RS232 ports via inband Reverse Telnet / SSH or out of band with dial-up modems. Perle IOLAN models with integrated modems are available.  |
| COM/TTY |
Connect Serial-based Applications with a COM/TTY Port Driver Serial ports can be connected to network servers or workstations running Perle's TruePort software operating as a virtual COM port. Sessions can be initiated either from the Perle IOLAN or from TruePort.  |
| Tunneling |
Serial Tunneling between two Serial Devices Serial Tunneling enables you to establish a link across Ethernet to a serial port on another IOLAN. Both IOLAN serial ports must be configured for Serial Tunneling (typically one serial port is configured as a Tunnel Server and the other serial port as a Tunnel Client).  |
| Virtual Modem |
Virtual Modem Enables the serial-Ethernet adapter to simulate a modem connection. When connected to the IOLAN and initiates a modem connection, the IOLAN starts up a TCP connection to another IOLAN serial-Ethernet adapter configured with a Virtual Modem serial port or to a host running a TCP application.  |