Avocent 5240 사용자 설명서

 Chapter 1: Introduction        3

Figure 1.1 is a conceptual illustration of a secure path between a remote user and an SP through the 
MergePoint 5224/5240 SP manager. A remote user is shown, but users may also be locally located, 
on the same LAN. In Figure 1.1, the remote user accesses the MergePoint 5224/5240 SP manager 
through a network connection to the public Ethernet port. Users may also dial into the MergePoint 
5224/5240 SP manager through an optional external modem or PC modem card.

In Figure 1.1, the dedicated Ethernet port of an SP is separate from the server’s Ethernet ports. The 
SP’s dedicated Ethernet port is connected to one of the SP manager’s private Ethernet ports. 

The IP address of the public Ethernet port is the only publicly defined IP address used for 
out

-

of

-

band management of all connected SPs, which reduces the deployment costs for the SPs.

Each target device is configured with a private designated IP address and, at the administrator’s 
discretion, each target device may also have a virtual IP address. If virtual addresses are defined, 
users may be allowed to see a target device’s virtual IP address but not to see the target device’s 
privately defined IP address. 

After the user selects the desired management action, the MergePoint 5224/5240 SP manager then 
creates a secure connection between the user and the SP, acting as a proxy on behalf of the user. 
While the user is performing any SP management action, the connection between the MergePoint 
5224/5240 SP manager and the SP is kept separate and protected from the connection between the 
user and the MergePoint 5224/5240 SP manager. Nothing that happens on the private network is 
exposed to the public network. Depending on the mode of access (either by browser or by SSH), 
either HTTPS or SSH is always being used to protect communications that are transported on the 
public network between the user and the MergePoint 5224/5240 SP manager.