[124061] in North American Network Operators' Group
Re: NSP-SEC
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Mon Mar 22 09:09:46 2010
To: Guillaume FORTAINE <gfortaine@live.com>
In-Reply-To: Your message of "Sat, 20 Mar 2010 21:06:25 BST."
<BLU0-SMTP86FA966991191CDC083275C8290@phx.gbl>
From: Valdis.Kletnieks@vt.edu
Date: Mon, 22 Mar 2010 09:08:35 -0400
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--==_Exmh_1269263315_7098P
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable
On Sat, 20 Mar 2010 21:06:25 BST, Guillaume FORTAINE said:
> you make an informed security decision. Cisco should examine its=20
> patching schedule in light of the September 24th announcement; every si=
x=20
> months is not acceptable.
but then,,,
> 3) Testing, Testing, Testing
>=20
> In this case we have a great example of why every network device needs =
> to be realistically tested under a variety of scenarios, both security =
> and performance driven.
Cognitive dissonance, anybody? :)
To paraphrase the old saying - frequent, well-tested, cheap - pick any tw=
o.
Sure - Cisco *could* release well-tested patch kits once a month, but it'=
s
going to cost you. Remember that Microsoft can amortize the cost of its
QA labs across several hundred million customers, so each one only has to=
pay a few dollars. Cisco has to split that cost across a few thousand
customers - each customer's share of the bill is going to be higher. You
want it once a month rather than once very six months, and just as well
tested? It's going to cost *at least* six times as much. Probably more.
So - just how much bigger a check you want to write to Cisco for support
(whether it's a yearly contract, or bundled into the unit's purchase pric=
e)?
--==_Exmh_1269263315_7098P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFLp2vTcC3lWbTT17ARAonDAJ9Mzll/dbiC8CnlwfWbdweOI7WPvQCg5VPL
b6R330p2poI2fPmsIE4H+Go=
=gc8z
-----END PGP SIGNATURE-----
--==_Exmh_1269263315_7098P--
