IOLAN SCG M Secure Console Server
Out-of-Band IT Infrastructure Management with integrated Modem
- 18, 34 or 50 Console Management Ports
- Modular design supports RS232/RS422/RS485 RJ45 and USB 3.0 Interfaces
- Integrated v.92 modem for out of band access
- Dual 10/100/1000 Network Connection with RJ45 Copper and SFP Fiber Ports
- ZTP & PerleVIEW Central Management Software simplifies configuration, administration, monitoring, and troubleshooting.
- Cloud Hosting -- Deploy and manage your network from the cloud
- Advanced routing engine with AAA security and SSH/SSL encryption to meet all data center compliance policies
- Dual AC or Dual Feed 48vDC Power for Fault-tolerant uptime
The Perle IOLAN SCG M Console Servers provide data center managers with the ultimate solution for redundant, secure remote console management of any device with an RS232 RJ45 or USB console port. And, the IOLAN G16 RS-Multi Card, with 16 x software-selectable RS232/422/485 RJ45 interfaces enables organizations to connect a variety of serial-based devices to Ethernet. The integrated V.92 modem support provides multiple alternate access methods to manage, maintain, and troubleshoot critical network devices. With an expandable modular hardware platform, integrated firewall, two-factor authentication, advanced failover to multiple networks, and Zero Touch Provisioning (ZTP), your IT professionals and network operations center (NOC) personnel will have everything they need to easily perform secure remote data center management and out-of-band management of IT assets from anywhere in the world. This cost-effective 1U rack solution also maintains protocol integrity across Ethernet and adds full IPv4/IPv6 routing capabilities with support for RIP, OSPF, and BGP protocols.
Modular Hardware Platform enables Console Management of all IT assets
The modular IOLAN SCG M Console Server provides up to 50 Console Management ports supporting USB, RS232, RS422, and RS485 interfaces. The modular design of the IOLAN SCG allows the user to swap, upgrade, and scale to any combination of 16-port module cards to support all types of admin ports in one Console Management solution.
The Perle IOLAN SCG is the only industry solution that can support up to 50 high-density USB 3.0 ports that are compatible with all manufacturers’ USB solutions, including Cisco routers, switches, firewalls, servers (Solaris, Windows, Unix and Linux) PBXs, network storage equipment and security appliances.
The RS232 RJ45 ports are software configurable to use straight thru or rolled cables to connect your Cisco equipment and support DCD pin can be configured for 3rd party devices that need this extra signal. The software-selectable RS232/422/485 RJ45 interfaces simplify configuration and eliminate mechanical tampering associated with DIP switches. This mean the Perle IOLAN SCG supports more serial devices than any other Console Server on the market.
Advanced Network Security, Authentication, and Data Encryption
2 Factor Authentication (2FA) ensures access to equipment and data is limited to authorized users, while remote authentication (RADIUS, TACACS+, & LDAP) management, enables integration with enterprise-grade systems to control access to devices in the field.
The built-in firewall offers intuitive policies to protect inside networks from unauthorized access. The firewall also allows inside networks to be separated from each other. If there are network resources that need to be available to an outside user, such as a web or FTP server, these resources can be placed on a separate network behind the firewall in a demilitarized zone (DMZ).
Network data transmissions and access to remote console admin ports on IT equipment are protected through standard encryption tools such as Secure Shell (SSH) and Secure Sockets Layer (TLS/SSL). By using encryption technologies, an IOLAN SCR Console Server protects sensitive and confidential data before being sent across a corporate Intranet or public Internet. For compatibility with peer encryption devices, all the major encryption ciphers such as AES, 3DES, RC4, RC2, and CAST128 are fully supported.
With multiple concurrent VPN sessions, OpenVPN, and IPSec VPN, robust authentication and encryption of IP packets is provided at the network layer of the OSI model. This is ideal for multi-vendor interoperation within a network, providing flexibility and the ability to match the right solution for a particular application.
Multiple Out-of-Band (OOB) access methods
Every IOLAN SCG M Console Server comes with two secure remote access methods to critical network devices.
- The on-board RJ11 V.92 modem connection provides a secure and reliable out-of-band connection over the POTS network. This means that should IP network access become unavailable, the IOLAN SCG M can serve as the necessary alternate access method to troubleshoot and reboot critical network devices.
- Any dual combination of the two 10/100/1000Base-T Copper Ports and two 100/1000Base-X SFP Fiber Ports can be used to meet your unique network access requirements. This design provides users with a flexible, cost-effective solution to transmit data from mission-critical equipment over Copper or Fiber based Ethernet networks. When connecting to a fiber network, the pluggable SFP ports allow for flexible network configurations using SFP Optical Transceivers supplied by Perle, Cisco or other manufacturers of MSA compliant SFPs.
High Availability Access
To simplify management and respond swiftly to issues, network administrators require access to all console ports via a single portal view. Perle's cloud-based centralized management solution puts all your network and IT infrastructure into a single application and provides secure reliable access and visibility during normal operations and critical network failures. Scalable to suit any business requirement, Cloud Centralized Management reduces human error and guarantees repeatability.
The IOLAN SCG M also has built-in fault-tolerant capabilities to ensure secure and reliable access for managing important mission-critical equipment. Redundant Path technology assures availability to Console Management ports through Active Standby or Dual Network Access modes. Virtual Router Redundancy Protocol (VRRPv3) enables a group of devices to form a single virtual device to provide network redundancy. The dual AC power supply ensures that console management is available even if the primary AC power source fails. And, protection against electrostatic discharges and power surges is provided with robust 15Kv ESD protection circuitry on each console port.
Easy Set-up and Configuration with Front Panel Display and Keyboard
The IOLAN SCG M is incredibly easy to get up and running on the network. The Front Panel Display and Keyboard allows a user to assign an IP address directly through the display without a direct PC connection. The rest of the unit can then be configured over the network using a variety of configurator options including PerleVIEW, WebManager, CLI, etc.
The Front Panel Display is also a convenient way to monitor and trouble-shoot RS232, USB, and Ethernet port activity.
For large scale roll-outs, the Micro SD Card slot can be used to back-up and restore configuration files as well as load new firmware. Perle is committed to eliminating configuration hassles for all IOLAN's on your IP network.
Flexible and Reliable Serial to Ethernet Connections
An IOLAN SCG Console Server is ideal for connecting serial based COM port, UDP or TCP socket based applications to remote devices. Perle’s TruePort re-director provides fixed TTY or COM ports to serial based applications enabling communication with remote devices connected to Perle IOLAN's either in encrypted or clear text modes.
TrueSerial® packet technology delivers the most authentic serial connections across Ethernet for serial protocol integrity.
You can also tunnel serial data between devices across an IP network.
Advanced IP Technology
With support for IPv6, the IOLAN SCG provides organizations with investment protection to meet this rapidly growing standard.
Demand for IPv6, which is compatible with IPv4 addressing schemes, is driven by the need for more IP address. With the implementation and rollout of advanced cellular networks, a robust method is needed to handle the huge influx of new IP addressable devices on the Internet. In fact, the US Department of Defense has mandated that all equipment purchased be IPv6 compatible. In addition, all major Operating Systems such as Windows, Linux, Unix, and Solaris, as well as routers, have built-in support for IPv6.
It is therefore important for end users and integrators to select networking equipment that incorporates the IPv6 standard. The IOLAN line with support for IPv6 already built in is the best choice in serial to Ethernet technology.
More reasons that make the IOLAN SCG Console Servers the preferred choice:
- Primary/Backup host functionality enables automatic connections to alternate hosts should the primary TCP connection go down.
- EasyPort Web – Access equipment serial console ports by using your Java-enabled Internet browser
- Java-free browser access to remote serial console ports via Telnet and SSH.
- Dynamic DNS – Easy console management access from anywhere on the Internet.
All Perle IOLAN SCG models are backed by the best service and support in the industry including Perle’s unique lifetime warranty. Since 1976 Perle has been providing its customers with networking products that have the highest levels of performance, flexibility, and quality. With the Perle IOLAN SCG deploying and upgrading new services and equipment while minimizing capital expenditures, is easy.
Software Features - IOLAN SCG M Secure Console Server
|Management & Configuration|
|Zero Touch Provisioning (ZTP): automates the provisioning of both the configuration and firmware files through DHCP/Bootp Options|
|PerleView Central Management: a web-based server configuration tool that simplifies setup and deployment and gives network managers visibility and control over network configurations at remote sites.|
|Management & Monitoring: HTTP/HTTPS, CLI/Piping, Telnet, SNMPv1/v2/v3, RESTful API, TACACS+|
|Multiple firmware versions can be saved on the unit. This allows the customer to change between older and newer firmware versions without the need to download.|
|Multiple configuration files can be stored on the unit., This allows the customer to easily switch between older and newer configurations during testing or production deployments.|
|Automatic check for software updates available over FTP, HTTP, HTTPS, SCP, SFTP, and TFTP|
|LLDP-Link Layer Discovery Protocol, as per IEEE 802.1AB, is a neighbor discovery protocol that is used for network devices to advertise information about themselves to other devices on the network. This protocol runs over the data-link layer, which allows two systems running different network layer protocols to learn about each other via TLVs (Type-Length-Value).|
|RESTful API uses HTTP requests to access and use IOLAN statistics and configuration data. Any of the CLI commands can be executed through a RESTFul API script that cn be controlled externally from a server.|
|Connectivity Watchdog can instruct the IOLAN to take different actions (i.e. reboot) if the network connectivity to a pre-define IP address is lost. This is helpful for situations when the IOLAN is deployed on remote locations hard to service if the network connectivity is lost.|
|Automatic DNS Update: Utilize DHCP Opt 81 to set IOLAN domain name for easy name management and with Dynamic DNS support, users on the Internet can access the device server by name without having to know its IP address. See Automatic DNS update support for details|
|Dynamic DNS with DYNDNS.org|
|Dial, direct serial: PPP, PAP/CHAP, SLIP|
|HTTP tunneling enables firewall-safe access to remote serial devices across the internet|
|Automatic DNS update: Utilize DHCP Opt 81 to set IOLAN domain name for easy name management and with Dynamic DNS support , users on the Internet can access the device server by name without having to know its IP address.|
|IPSEC VPN client/servers: Microsoft IPSEC VPN Client, Cisco routers with IPSEC VPN feature set, Perle IOLAN SDS, SDG, STS, STG, SCS, SCG, and SCR models|
|OpenVPN: Clients & Servers|
|Logging, Reporting & Alerts|
|Email alert notification|
|Syslog, Event Type, Report Type, Alerts & Monitoring, Triggers Status Screen Report, Data Usage, Diagnostic, Login Banner|
|Accessing Console Management Ports (Serial & Ethernet)|
|Serial Protocols: PPP, PAP/CHAP, SLIP|
|Connect directly using Telnet / SSH by port and IP address|
|Use an internet browser to access with HTTP or secure HTTPS|
|Java-free browser access to remote serial console ports via Telnet and SSH|
|Ports can be assigned a specific IP address|
|Multisession capability enables multiple users to access ports simultaneously|
|Multihost access enables multiple hosts/servers to share serial ports|
|Console Management Functions|
|Sun / Oracle Solaris Break Safe|
|Local port buffer viewing - 256K bytes per port|
|External port buffering via NFS, encrypted NFS and Syslog|
|Windows Server / Azure - SAC support GUI access to text-based Special Administrative Console|
|Terminal Server Functions|
|SSH v1 and v2|
|Auto session login|
|LPD, RCP printer|
|MOTD - Message of the day|
|Serial to Ethernet functions|
|Tunnel raw serial data across Ethernet - clear or encrypted|
|Raw serial data over TCP/IP|
|Raw serial data over UDP|
|Serial data control of packetized data|
|Share serial ports with multiple hosts/servers|
|Virtual modem simulates a modem connection - assign IP address by AT phone number|
|Virtual modem data can be sent over the Ethernet link with or without SSL encryption|
|TruePort com/tty redirector provides fixed TTY or COM ports to serial based applications enabling communication with remote devices connected to Perle IOLAN's either in encrypted or clear text modes.|
|TrueSerial packet technology provides the most authentic serial connections across Ethernet ensuring serial protocol integrity|
|RFC 2217 standard for transport of serial data and RS232 control signals|
|Customizable or fixed serial baud rates|
|Serial encapsulation of industrial protocols such as ModBus, DNP3 and IEC-870-5-101|
|ModBus TCP gateway enables serial Modbus ASCII/RTU device connection to ModBus TCP|
|Data logging will store serial data received when no active TCP session and forward to network peer once session re-established - 32K bytes circular per port|
|Virtual Router Redundancy Protocol (VRRPv3) enables a group of devices to form a single virtual device to provide network redundancy|
|Primary/Backup host functionality enables automatic connections to alternate hosts|
|Routing / Switching Protocols|
|The IOLAN can be configured for any of the major routing protocols for an easy integration within the data center Ethernet backbone: RIP/RIPNg, OSPFv3, BGP-4, NAT, IPv4/IPv6, Static Routing, IPv6 Encapsulations (GRE, 6in4), Port Routing, STP, MSTP|
|IPv6 to IPv4 translation is fully supported for environments where the Ethernet data backbone is run on IPv6 and the port management is run on IPv4|
|Using NAT for enhanced security, the IOLAN can map a single IP address, across all or several of it's Ethernet ports.|
|DDNS, DNS Proxy / Spoofing, relay, client, Opt. 82,|
|NTP & SNTP (versions 1, 2, 3, 4)|
|DHCP / DHCPv6 server / DHCP Snooping & BOOTP|
|VLAN & VPN|
|VLAN, OpenVPN, VPN Failover (16 concurrent VPN tunnels)|
|IPSec VPN: NAT Traversal, ESP authentication protocol|
|Ability to set up firewalls to restrict incoming and outgoing packets|
|Built in Zone-Based Policy Firewall for local security and traffic filtering.|
|Access Control Lists (list & ranges & time)|
|Filter based on MAC Address, IP, Port, Protocol, User|
|IEEE 802.1x Authentication and Port Security can be enabled for any Ethernet port for increased security port access.|
|Layer 2 MAC address filtering|
|AAA Security via remote authentication (Radius, TACACS+, & LDAP)|
|Trusted host filtering (IP filtering), allowing only those hosts that have been configured in the host table access to the router.|
|Ability to disable services (for example, Telnet, TruePort, Syslog, SNMP, Modbus, HTTP) for additional security|
|Ability to disable Ping responses|
|SSH client/server connections (SSH 1 and SSH 2). Supported ciphers are Blowfish, 3DES, AES-CBC, AES-CTR, AES-GMC, CAST, Arcfour and ChaCha20-Poly1305. Ability to individually disable network services that won’t be used by the SSH client/server connections.|
|SSL/TLS client/server data encryption (TLS v1.2)|
|SSL Peer authentication|
|SSL encryption: AES-GCM, key exchange ECDH-ECDSA, HMAC SHA256, SHA384|
|Encryption: AES (256/192/128), 3DES, DES, Blowfish, CAST128, ARCFOUR(RC4), ARCTWO(RC2)|
|Hashing Algorithms: MD5, SHA-1, RIPEMD160, SHA1-96, and MD5-96|
|Key exchange: RSA, EDH-RSA, EDH-DSS, ADH|
|VPN: OpenVPN & IPSec VPN (NAT Traversal, ESP authentication protocol)|
|Certificate Support (X.509)|
|Certificate authority (CA) list|
|RIP authentication (via password or MD5)|
|2 Factor (2F) Authentication over e-mail enhances administration access security|
|Management Access Control|
|Demilitarized Zone (DMZ)|
|Secure HTTP/HTTPS/FTP/Telnet Authentication Proxy|
|SNMP v3 Authentication and Encryption support|
|IP Address filtering|
|Disable unused daemons|
|Active Directory via LDAP|
|IPv6, IPv4, TCP/IP, Reverse SSH, SSH, SSL, IPSec/IPv4, IPSec/IPv6, IPSec, RIPV2/MD5, ARP, RARP, UDP, UDP Multicast, ICMP, BOOTP, DHCP, TFTP, SFTP, SNTP, Telnet, raw, reverse Telnet, LPD, RCP, DNS, Dynamic DNS, WINS, HTTP, HTTPS, SMTP, SNMPV3, PPP, PAP/CHAP, SLIP, CSLIP, RFC2217, MSCHAP|
Hardware Specifications - IOLAN SCG M Secure Console Server
|Processor||1750 MIPS, 500 MHz core 32 bit ARM processor, with integrated hardware encryption processor|
|Integrated Device Management Ports||2 x USB 3.0|
|Modular Device Management Ports||
Create 18, 34, or 50-port SCG Console Servers using any combination of 16-port module cards to support all types of admin ports in one Console Management solution:
|Sun / Solaris||Sun / Oracle ‘Solaris' Safe - no "break signal" sent during power cycle causing costly server re-boots or downtime|
|Serial Port Speeds||50bps to 230Kbps with customizable baud rate support|
|Data Bits||Configurable for 5,6,7 or 8-bit protocol support
Use TruePort to transparently pass 9-bit serial data
|Parity||Odd, Even, Mark, Space, None|
|Flow Control||Hardware, Software, Both, None|
|Serial Port Protection||15Kv Electrostatic Discharge Protection (ESD)|
|Local Console Ports||1 x RS232 RJ45
1 x Micro USB with DB9 adapter
|Network||2 x 10/100/1000Base-T RJ45 Copper
2 x 100/1000Base-X Fiber SFP Ports
Note: Any combination of two network ports can be used.
Software selectable Ethernet speed 10/100/1000, Auto
Software selectable Half/Full/Auto duplex
|Micro SD Card slot||Yes|
|Ethernet Isolation||1.5Kv Magnetic Isolation|
|Integrated Modem||Integrated V.92/V.90 modem with RJ11 jack|
|Front Panel LCD Display and Keyboard Indicators|
|Network Link Activity
Serial Tx/Rx data per port
Network Link Activity
|Heat Output (BTU/HR)||IOLAN SCG18: 54.59
IOLAN SCG34: 76.77
IOLAN SCG50: 98.95
Calculation model based on MIL-HDBK-217-FN2 @ 30 °C
|Operating Temperature||0C to 55C, 32F to 131F|
|Storage Temperature||-40C to 85C, -40F to 185F|
|Humidity||5 to 95% (non condensing) for both storage and operation.|
|Case||SECC Zinc plated sheet metal (1 mm)|
|Ingress Protection Rating||IP30|
|Mounting||1U - 19" rack, front and rear mounting hardware included|
|Emissions||FCC 47 Part 15 Subpart B Class A
EN61000-3-2 Limits for Harmonic Current Emissions
EN61000-3-3 Limits of Voltage Fluctuations and Flicker
EN 61000-4-2 (ESD): Contact:
EN 61000-4-3 (RS):
EN 61000-4-4 (EFT):
EN 61000-4-5 (Surge):
EN 61000-4-6 (CS):
EN 61000-4-8 (PFMF)
|Safety||UL/EN/IEC 62368-1 (previously 60950-1)
CAN/CSA C22.2 No. 62368-1
|Other||Reach, RoHS and WEEE Compliant
CCATS - G168387
ECCN - 5A992
HTSUS Number: 8517.62.0020
Perle Limited Lifetime warranty
|Power||Dual AC Models||Dual Feed DC Models|
USA: IEC320-C13 to NEMA 5-15P line cord
UK: IEC320-C13 to BS1363 line cord
EU: IEC320-C13 to CEE 7/7 Schuko
South Africa: IEC320-C13 to BS546 line cord
Australia: IEC320-C13 to AS3112 line cord
|Terminal Blocks with screw terminals accommodating 28 - 12 AWG wire sizes.|
|Nominal Input Voltage||110/230v AC||48v DC|
|Input Voltage Range||100-240v AC||24- 60v DC|
|AC Input Frequency||47-63Hz||-|
|Current Consumption||@ 100v (Amps)
IOLAN SCG18: 0.17
IOLAN SCG34: 0.23
IOLAN SCG50: 0.29
@ 240v (Amps)
IOLAN SCG18: 0.06
IOLAN SCG34: 0.09
IOLAN SCG50: 0.12
|@ 48v DC (Amps)
IOLAN SCG18: 0.17
IOLAN SCG34: 0.23
IOLAN SCG50: 0.29
|Typical Power Consumption||16 Watts|
|Note: USB cards can use an additional power of 2.5 Watts per port up to a max of 8 Watts total|
|Power Line Protection||Fast transients: 1 KV (EN61000-4-4 Criteria B)
Surge: 2KV (EN61000-4-5 common mode), 1KV (EN61000-4-5 differential and common modes)
|Weight and Dimensions||Dual AC Models||Dual Feed DC Models|
|Product Weight||IOLAN SCG18: 3.26 kg / 7.19 lbs
IOLAN SCG34: 3.43 kg / 7.56 lbs
IOLAN SCG50: 3.60 kg / 7.94 lbs
|IOLAN SCG18: 3.17 kg / 6.99 lbs
IOLAN SCG34: 3.34 kg / 7.36 lbs
IOLAN SCG50: 3.50 kg / 7.72 lbs
|Product Dimensions||1U Rack form factor - 26.4 x 43.4 x 4.4 (cm), 10.38 x 17.1 x 1.75 (in)|
|Shipping Weight||IOLAN SCG18: 4.20 kg / 9.26 lbs
IOLAN SCG34: 4.37 kg / 9.63 lbs
IOLAN SCG50: 4.54 kg / 10.01 lbs
|IOLAN SCG18: 4.11 kg / 9.06 lbs
IOLAN SCG34: 4.28 kg / 9.43 lbs
IOLAN SCG50: 4.44 kg / 9.79 lbs
|Shipping Dimensions||59 x 36 x 9 (cm), 23.22 x 14.17 x 3.54 (in)|
|IOLAN G16 RS232 Card RJ45 Serial Connector Pinout - DCE mode (Straight-through)|
|IOLAN G16 RS232 Card RJ45 Serial Connector Pinout - DTE mode (Rolled)|
|(A rolled RJ45 cable will automatically perform DTE to DCE crossover)|
|IOLAN G16 RS-Multi Card RJ45 Serial Connector Pinout|
|Pinout||Direction||EIA-232||EIA-422||EIA-485 Full Duplex||EIA-485 Half Duplex|
|Data Center Console Management|
Using RAW TCP Sockets
A raw TCP socket connection which can be initiated from the serial-Ethernet device or from the remote host/server. This can either be on a point to point or shared basis where a serial device can be shared amongst multiple devices. TCP sessions can be initiated either from the TCP server application or from thePerle IOLAN serial-Ethernet adapter.
Using Raw UDP Sockets
For use with UDP based applications, Perle IOLANs can convert serial equipment data for transport across UDP packets either on a point to point basis or shared across multiple devices.
For access to remote console ports on routers, switches,etc, Perle IOLAN’s enable administrators secure access to these RS232 ports via inband Reverse Telnet / SSH or out of band with dial-up modems. Perle IOLAN models with integrated modems are available.
Connect Serial-based Applications with a COM/TTY Port Driver
Serial ports can be connected to network servers or workstations running Perle's TruePort software operating as a virtual COM port. Sessions can be initiated either from the Perle IOLAN or from TruePort.
Serial Tunneling between two Serial Devices
Serial Tunneling enables you to establish a link across Ethernet to a serial port on another IOLAN. Both IOLAN serial ports must be configured for Serial Tunneling (typically one serial port is configured as a Tunnel Server and the other serial port as a Tunnel Client).
Enables the serial-Ethernet adapter to simulate a modem connection. When connected to the IOLAN and initiates a modem connection, the IOLAN starts up a TCP connection to another IOLAN serial-Ethernet adapter configured with a Virtual Modem serial port or to a host running a TCP application.