nanog mailing list archives
Re: NSP-SEC
From: Valdis.Kletnieks () vt edu
Date: Mon, 22 Mar 2010 09:08:35 -0400
On Sat, 20 Mar 2010 21:06:25 BST, Guillaume FORTAINE said:
you make an informed security decision. Cisco should examine its patching schedule in light of the September 24th announcement; every six months is not acceptable.
but then,,,
3) Testing, Testing, Testing In this case we have a great example of why every network device needs to be realistically tested under a variety of scenarios, both security and performance driven.
Cognitive dissonance, anybody? :) To paraphrase the old saying - frequent, well-tested, cheap - pick any two. Sure - Cisco *could* release well-tested patch kits once a month, but it's going to cost you. Remember that Microsoft can amortize the cost of its QA labs across several hundred million customers, so each one only has to pay a few dollars. Cisco has to split that cost across a few thousand customers - each customer's share of the bill is going to be higher. You want it once a month rather than once very six months, and just as well tested? It's going to cost *at least* six times as much. Probably more. So - just how much bigger a check you want to write to Cisco for support (whether it's a yearly contract, or bundled into the unit's purchase price)?
Attachment:
_bin
Description:
Current thread:
- Re: NSP-SEC - should read Integrity, (continued)
- Re: NSP-SEC - should read Integrity Patrick W. Gilmore (Mar 19)
- Re: NSP-SEC - should read Integrity Guillaume FORTAINE (Mar 19)
- Open Security (was Re:[a string that stops delivery here]) Larry Sheldon (Mar 19)
- Re: NSP-SEC Justin M. Streiner (Mar 19)
- Re: NSP-SEC Hank Nussbacher (Mar 20)
- Re: NSP-SEC William Pitcock (Mar 20)
- Re: NSP-SEC Justin M. Streiner (Mar 20)
- Re: NSP-SEC Hank Nussbacher (Mar 20)
- Re: NSP-SEC Guillaume FORTAINE (Mar 20)
- Re: NSP-SEC Gadi Evron (Mar 20)
- Re: NSP-SEC Valdis . Kletnieks (Mar 22)
- Re: NSP-SEC Guillaume FORTAINE (Mar 22)
- Re: NSP-SEC Randy Bush (Mar 22)
- Re: NSP-SEC Andrew D Kirch (Mar 22)
- Re: NSP-SEC Valdis . Kletnieks (Mar 22)
- Re: NSP-SEC Guillaume FORTAINE (Mar 23)
- Re: NSP-SEC Valdis . Kletnieks (Mar 23)
- Re: NSP-SEC Nick Hilliard (Mar 23)
- Re: NSP-SEC Guillaume FORTAINE (Mar 20)
- Re: NSP-SEC Sean Donelan (Mar 20)
- Re: NSP-SEC Gadi Evron (Mar 20)