To assist anybody who is wondering about similar questions, I have had recent discussions with McAfee and:
- Mgmt 1 is used for all inbound and outbound communications with the other SIEM components, as well as GUI/console access. Mgmt 2 can be reconfigured to accept connections to the GUI if needed.
- After the above response, clarification was received to advise: You can use both Mgmt 1 and Mgmt 2 for communicating with devices (only Mgmt 1 is used out of the box). Main issue is routing, as static routes will need to be configured (not confirmed, but I believe this would need to be via the CLI as root - and there is no [current] guarantee that those static routes would remain if updates/upgrades carried out. Need to confirm if this is formally supported)
- Mgmt 3 and Mgmt 4 are not currently used, and any future use for them has not yet been defined
- As of 9.3.2, a NIC bonding feature has been added, allowing the same IP to be added to Mgmt 1 and Mgmt 2 if they are connected to two separate switches, allowing for switch redundancy. Need to confirm if this can be used for link aggregation (related, but different)
So you could use the Mgmt 2 port to plug in an IP KVM? Or would you use 3 or 4 for that?
As I cannot edit my post from May 12, please be advised that the information in that reply pertains to the ESM/ETM, and not the ERC (the ERC obviously does not have a GUI!).
In response to above,
For a KVM, I believe that as of release 9.4, RMM3 / IPMI functionality will be available on all appliances (not sure of which port will be used however) - I think that the hardware already exists in the appliances, just hasnt been enabled for this purpose pre-9.4. For pre9.4, an IP KVM will be connected to the appliances as any KVM would be - the IP connection is made to the IP KVM, and the KVM is connected to the monitor and keyboard connectors on the appliance.