[c-nsp] Re-licensing secondhand Cisco equipment
Gert Doering
gert at greenie.muc.de
Wed Jan 8 03:44:54 EST 2014
Hi,
On Tue, Jan 07, 2014 at 05:54:28PM -0500, Chris Marget wrote:
> FWIW, it seems that the security fixes might be available for free, so long
> as Cisco PSIRT recognizes a vulnerability in a particular bit of software.
> ...But the document describing that process suggests calling TAC, which
> doesn't usually go well if the serial number of the device isn't covered by
> a support contract...
> http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
It actually works out. We've done it a few times for devices that have
no contract anymore (because they are old and we have enough spares, like
for 7200/NPE-G1). Sometimes you have to beat them a few times with the
advisory and the sentence "free software for all" in it, but eventually
they get it.
So applause to Cisco PSIRT for making this happen.
OTOHO, the whole way Cisco treats the folks that have paid lots of money
for their hardware ("they are all lying software thieves, and we need
to invest lots of energy into our download portal to ensure that people
will never ever download a single image that we have not personally
cleared for them!") sucks.
I can see that they do not want to sell a box with "ip only" and have
the customer run "advanced enterprise plus" on it, without paying for
the extra license - but making software *updates* complicated and
restrictive is not the way to solve *that*...
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 305 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20140108/543265d2/attachment.sig>
More information about the cisco-nsp
mailing list