mysidia at gmail.com
Sat Nov 21 01:55:14 UTC 2015
On Fri, Nov 20, 2015 at 2:37 PM, Kevin Burke
<kburke at burlingtontelecom.com> wrote:
> What kind of experience do people have with rack access control systems
> (electronic locks)? Anything I should pay attention to with the
Overpriced, overkill for most real-world uses?
High-Tech technology for technology's sake?
Avoid them if you can. Within six months or so, at least once, there will
probably be some glitch delaying or denying required prompt access.
> We have half a dozen racks, mostly ours. Mostly I want something to log
> who opened what door when. Cooling overhaul is next on the list but one
It probably makes sense if there are more than a handful of people with
unobserved physical access, and high frequency of access, or there's a
trust issue, high-risk consideration. Or you have to satisfy a
You're not going to be able to look at a log and see Joe opened it at 2:45AM
12 months ago, and ever since then, the servers are not quite right.
Consider manual procedures
Example: Electronic access control to the actual rooms.
A Robo-Key system (RKS), Keyvault, or Realtor lockboxes on
each server rack ^_^
Physical locks on cabinets. Key vault that supports multiple combinations.
Then you don't need exotic hardware, just a good lock, and sound key control
I am imaging if you need to automate control of individual keys;
that there will be more competing solutions for this than specialty rack locks.
Logging procedures for key access...
Send an e-mail when someone opens the vault.
Simple magnetic reed switches on all cabinet doors.
Send an e-mail when a cabinet door is opened.
Quite a few standard alarm panels can do those types of things.
Assign someone to periodically check handwritten logs and check for
> at a time. Even with cameras those janky make nobody happy.
More information about the NANOG