Kaspersky SD-WAN
2.1
English
Managing CPE devices  >  Out-of-band management of CPE devices

Out-of-band management of CPE devices

As part of the deployed Kaspersky SD-WAN solution, the orchestrator interacts with CPE devices via an overlay SD-WAN network and is in-band. However, the solution also supports out-of-band management (hereinafter also referred to as OOB management), which involves the exchange of control traffic between the orchestrator and the devices through the underlay network via HTTPS or TLS without using links.

OOB management lets you manage and diagnose CPE devices even in the absence of established links. For example, you can use OOB management if you are using only local breakout connection points or when the SD-WAN suffers an accident.

After registration, the CPE device starts sending API requests to the orchestrator at a certain interval to retrieve new configurations. This time interval is specified when configuring the connection of the device to the SD-WAN in the Update interval (sec.) field.

When you make changes to the CPE device configuration in the web interface, the orchestrator saves the new configuration with the Waiting status. The device, in turn, receives this configuration the next time an API request is sent, and the configuration gets the Executing status. If the configuration is applied successfully, the device notifies the orchestrator, after which the configuration gets the Executed status. If the device reports that the configuration could not be applied, the status changes to Error.

Before applying the new configuration to the CPE device, the current configuration is copied. If the device cannot send a confirmation message to the orchestrator after successfully applying the new configuration, it is rolled back to the previous version after 3 attempts. In this case, the configuration on the orchestrator also changes to the Error status.

You can view configuration statuses on an individual CPE device.

To view the configuration statuses:

  1. In the menu, go to the SD-WAN section.

    By default, the CPE subsection is displayed with a table of CPE devices.

  2. Click the CPE device.

The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand button . The configurations and their statuses are displayed in the Out-of-band management table.

Article ID: 251415, Last review: Aug 21, 2024
Page top