[scg-sec] Core vendors?

Wed Aug 18 16:26:24 EDT 2004

Its an old email thread but I figured with all the stuff going on now
would be a good time to review/update.
My list of IMPORTANT NE vendors (no longer talking core here but the
equipment that carries traffic or support same).

Cisco Yes 
Juniper Yes
Avici  NO
Foundry NO (we have some but only in hosting enviroments)
Prockett NO
Shasta YES (vpn/edge)
RiverStone YES (edge)
Extremes YES (layer two only)
Arbor YES but downtime doesn't DIRECTLY currently affect any products.

Solaris YES (DNS and other services)
FreeBsd YES (DNS and other services)

Donald.Smith at qwest.com GCIA
pgpFingerPrint:9CE4 227B B9B3 601F B500  D076 43F1 0767 AF00 EDCC
Everyday is virus day. Do you know where your recovery CDs are? Did u
create them yet?

> -----Original Message-----
> From: scg-sec-bounces at puck.nether.net 
> [mailto:scg-sec-bounces at puck.nether.net] On Behalf Of Jared Mauch
> Sent: Thursday, May 20, 2004 1:09 PM
> To: Wendy Garvin
> Cc: scg-sec at puck.nether.net
> Subject: Re: [scg-sec] Core vendors?
> 
> 
> 	Wendy,
> 
> 	When you say "core vendors"
> 
> 	I think of the people who make the centralized bits move
> about.
> 
> 	This means if I traceroute from wherever i am in the world to
> google, amazon, yahoo, ebay, etc.. whatever types of devices 
> i traverse
> to get to those websites are important.
> 
> 	now speaking from our perspective, we've build the 
> "core" portion
> of our network with Juniper and Cisco equipment, with some mix of
> other devices in your list for various functions.  These don't
> provide what I would call a "core" function that really truly matter
> but our customers do traverse these pieces of equipment to get to
> our core.
> 
> 	Now i know that others on this list are using the "A" vendor
> you have listed..
> 
> 	I don't consider Foundry a core product anymore after a lot
> of bad experiences with them, and only the "A" and "P" vendors
> are worth considering.
> 
> 	- jared
> 
> On Thu, May 20, 2004 at 11:32:39AM -0700, Wendy Garvin wrote:
> > 
> > Hiya folks,
> > 
> > I'm trying to get a comprehensive list of whom you consider 
> 'core' vendors.
> > By that, I mean vendors who you depend on for your core operations.
> > 
> > There's Cisco and Juniper. A few others might be:
> > 
> > Avici 
> > Foundry (anyone have a good contact over there?)
> > Prockett? (is anyone running these in production yet?)
> > Others?
> > 
> > (Once we define the boxes, we should define the 
> protocols/services that are
> > 'critical' - for example, if I get a vuln on SIP 
> signalling, I don't know
> > right now how that's going to affect you. Maybe you do 
> voice, maybe not. How
> > big of an impact might it have? I'll save that for another 
> email, though.)
> > 
> > How about non routing platforms: Solaris for root servers? 
> Anyone running
> > these on MS, Linux, BSD?
> > 
> > Are Arbor and Riverhead considered Critical yet? Are we 
> worried yet that
> > someone is depending on a Riverhead box for protection, and 
> there's an
> > attack that takes it out first, then takes out the 
> customer? Similarly, are
> > Arbor boxes so critical for monitoring that if someone 
> takes one out, they
> > could slip another attack by while it's down?
> > 
> > I'm mostly trying to make sure that for the theoretical 
> next critical
> > fundamental protocol vulnerability, we know we've got the 
> right vendors
> > contacted.
> > 
> > -Wendy
> > 
> > -- 
> > Wendy Garvin - Cisco PSIRT - 408 525-1888 CCIE# 6526
> > ----------------------------------------------------
> >            http://www.cisco.com/go/psirt
> > _______________________________________________
> > scg-sec mailing list
> > scg-sec at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/scg-sec
> 
> -- 
> Jared Mauch  | pgp key available via finger from jared at puck.nether.net
> clue++;      | http://puck.nether.net/~jared/  My statements 
> are only mine.
> _______________________________________________
> scg-sec mailing list
> scg-sec at puck.nether.net
> https://puck.nether.net/mailman/listinfo/scg-sec
> 
> 