[c-nsp] Cisco Security Advisory: TCP State Manipulation Denial ofService Vulnerabilities in Multiple Cisco Products
Kevin Graham
kgraham at industrial-marshmallow.com
Thu Sep 17 15:46:44 EDT 2009
> On the other hand, do you remember how long did it take to run native IOS on
> 65xx with the majority (not all) of the CatOS features?
Considering "IOS Feature Parity" was an SXI objective, quite a bit. It took a
long time, but the fundamental difference is that eventual convergence was
always an objective and ongoing consideration. For example, later generations
of hardware such as Sup32-PISA and VS-720C dropped CatOS altogether (I seem to
recall hearing that dropping it with the original Sup720 was considered).
This allowed the underlying OS migration to be embarked upon independent of
capex cycles, such that for a many years, you never had to buy a device (ie.
chassis, line cards, etc) that would only be usable on for "the old OS that
we're not prepared to move off of yet".
Though there's always bumps, but the GSR (IOS->XR) and 6500 (CatOS->IOS) were
well-executed, customer focused migrations that allowed each to move forward
without alienating an existing install base and complicating future purchasing
decisions.
More information about the cisco-nsp
mailing list