> The interesting thing about OOB on most modern servers is that its a separate, physical NIC. Not only is that easily VLAN able
On lower grade servers OOB is using main NIC. It's still possible (in all implementation I have seen, which is not too many) to have OOB in VLAN.
> a more security conscious datacenter could even air-gap the out of band LAN!
1. If you air-gap remote management, you take away it's function.
2. It's not possible to truly air-gap OOB if servers with OOB are not air-gapped (it's theoretically possible to use server to get into OOB network by exploiting/flashing custom OOB from OS).
On lower grade servers OOB is using main NIC. It's still possible (in all implementation I have seen, which is not too many) to have OOB in VLAN.
> a more security conscious datacenter could even air-gap the out of band LAN!
1. If you air-gap remote management, you take away it's function.
2. It's not possible to truly air-gap OOB if servers with OOB are not air-gapped (it's theoretically possible to use server to get into OOB network by exploiting/flashing custom OOB from OS).