Cisco, Palo Alto, Dell, etc... - Bugs in network hardware

rdrumrdrum Posts: 3Registered Users ■□□□□□□□□□
90% of my daily work is with Cisco hardware, with the other 10% being a mix of HP / Aruba switching and a few other big names on the firewall side.

My question is whether or not manufacturers outside of Cisco experience bugs? If so, is this a common occurrence?

I've seen plenty of threads online with people asking who is better, and then a big list of vendor bashing takes place. That's not my intent of this question, but more recently I have run into countless confirmed bugs with Cisco gear (security, routing, wireless). I'm just curious if the same happens with other vendors. I've seen some weird stuff with Sonicwall firewalls in the past, but again, most of my work is Cisco, and then a bit of HP / Aruba switching, so working in a consulting role with a single manufacturer, I'm sure bugs are more likely to pop up.

Would appreciate any feedback.

Comments

  • IristheangelIristheangel ABL - Always Be Labbin' Pasadena, CAPosts: 4,098Mod Mod
    Yes, every vendor has bugs. The larger the customer base and company size, the more you will hear about the bugs but they exist with every vendor.
    BS, MS, and CCIE #50931
    Blog: www.network-node.com
    Bonus TE Fun: Nerd Photos
  • the_Grinchthe_Grinch Posts: 4,118Member ■■■■■■■■■■
    Bugs are a security professionals bread and butter. Humans write code and thus flaws exist. I'd even go so far as to say there is no technology that doesn't have a bug or flaw of some kind.
    WIP:
    Python
    Java
  • hurricane1091hurricane1091 Posts: 918Member
    Thanks Cisco for releasing an ASA patch, then letting us know days later we need to upgrade again. I love waking up at 5:30 to reload some firewalls.
  • UnixGuyUnixGuy Are we having fun yet? Posts: 3,823Mod Mod
    What Iris said


    I worked with servers vendors before and most of them have bugs releases on a weekly basis sometimes...it doesn't mean you NEED to apply all those patches on a weekly basis. This is where your vulnerability management team (if they exist) come into play. Some bugs are categorized as CRITICAL by vendors but when you understand they're not so critical..

    while some bugs are categorized Medium (for example Microsoft categories Privilege escalation as Medium...) when in fact they can be fairly damaging....

    again assess the patches and where the devices are located within your network. Hardware/Firmware/OS/server etc...they all have bug fixes and improvements constantly pushed..RedHat/Oracle/Cisco/HP/etc..they all do it. It's part of the Software lifecycle..

    Have you been updating your iPhone lately? ;)
    Goal: MBA, March 2020
  • rdrumrdrum Posts: 3Registered Users ■□□□□□□□□□
    Appreciate the feedback so far. I kinda figured bugs were throughout different manufacturers; I just don't work with many outside of Cisco in my current role, and in previous roles networks were larger, but they were less complex. We just didn't run into cases where specific bugs caused bigger user impact.

    @hurricane1091 - Yes, that is certainly one that stands out. We saw webvpn configs and certificates get ripped out as a result of the patches in the 9.8 train. It made for a busy couple of weeks, and we're still patching, but it was interesting to see.

    I'm still a fan of Cisco gear, but I'm a little quicker to open TAC cases than double-checking my work now.
  • yoba222yoba222 Posts: 882Member ■■■■□□□□□□
    Instead of taking our word for it, see them for yourself.
    https://www.cvedetails.com/vendor.php
    Obtained: A+ | Network+ | Security+ | CySA+ | PenTest+ | CAPM | eJPT | CCNA R&S | CCNA CyberOps | GCIH | LFCS
    2018: Virtual Hacking Labs
    2019: eCPPT &/or OSCP | CISSP
Sign In or Register to comment.