[c-nsp] Giving customers access to your gear.
Sam Stickland
sam_mailinglists at spacething.org
Wed Jun 4 11:39:23 EDT 2008
Richey wrote:
> I've got a customer with a T1. They have been bought out by a large hotel
> chain. They are pretty much demanding that they have SNMP full read access
> to our router that is at their location as well as a copy of the config for
> the router. This is not their router, it is ours and we fully manage our
> router and hand them Ethernet. This seems a little odd that they want
> access to our gear, and I am not too keen on giving them access unless they
> are willing to accept some responsibility. They don't want to accept any
> responsibility for the access they would have to this box. They say that
> Verizion and AT&T don't have any problems giving them this kind of access to
> their gear.
>
>
>
> Any thoughts from the group
Well, from another angle, we've asked for - and been given - this access
from major providers without incident. At my current place of employment
we have a large MPLS L3 VPN provided by Cable & Wireless and we have
SNMP RO and SSH access on all of the deployed PEs. The SSH access is
command authorisation limited - there is no show run for example - and
we use C&W provided RSA tokens.
Telstra (one of our upstream providers) actually asked to have SNMP RO
access to our end of the BGP handoff.
Sam
More information about the cisco-nsp
mailing list