NSP-SEC

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Mon Mar 22 13:08:35 UTC 2010


On Sat, 20 Mar 2010 21:06:25 BST, Guillaume FORTAINE said:

> you make an informed security decision. Cisco should examine its 
> patching schedule in light of the September 24th announcement; every six 
> months is not acceptable.

but then,,,

> 3) Testing, Testing, Testing
> 
> In this case we have a great example of why every network device needs 
> to be realistically tested under a variety of scenarios, both security 
> and performance driven.

Cognitive dissonance, anybody? :)

To paraphrase the old saying - frequent, well-tested, cheap - pick any two.

Sure - Cisco *could* release well-tested patch kits once a month, but it's
going to cost you.  Remember that Microsoft can amortize the cost of its
QA labs across several hundred million customers, so each one only has to
pay a few dollars.  Cisco has to split that cost across a few thousand
customers - each customer's share of the bill is going to be higher. You
want it once a month rather than once very six months, and just as well
tested? It's going to cost *at least* six times as much. Probably more.

So - just how much bigger a check you want to write to Cisco for support
(whether it's a yearly contract, or bundled into the unit's purchase price)?


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20100322/9342e961/attachment.sig>


More information about the NANOG mailing list