[c-nsp] Re-licensing secondhand Cisco equipment

Chris Marget chris at marget.com
Tue Jan 7 17:54:28 EST 2014


On Tue, Jan 7, 2014 at 5:23 PM, Andrew Miehs <andrew at 2sheds.de> wrote:

> If you can't afford new Cisco hardware for production, then find another
> platform.

According to this thread, even those who can afford new Cisco hardware are
going to have a problem unless they can *also* afford a support contract.
See the previous notes about the ISRG2 from newegg or pcconnection, which
will ship with an unknown software version for about 40% off list ($1595,
right?). That's about "normal", and it comes from a genuine Cisco channel
partner.

You NEED to be able to update the software on the boxes. These devices
> become a danger to the Internet if you don't keep up to date with the
> security fixes.

I recognize this need. That's why I'm interested in buying software
licenses :)

FWIW, it seems that the security fixes might be available for free, so long
as Cisco PSIRT recognizes a vulnerability in a particular bit of software.
...But the document describing that process suggests calling TAC, which
doesn't usually go well if the serial number of the device isn't covered by
a support contract...
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html

Running them for a home lab is another story.
>
It's another story from the vulnerability perspective, but the same story
from the "am I entitled to run this software?" perspective, which is the
one I'd like to better understand.

/chris


More information about the cisco-nsp mailing list