Chinese made switches anyone?

it_consultant

US nuke lab removes Chinese-made switches over security fears - U.S. News

Interestingly, the H3C switches look very similar to the 3COM/HP switches here in the US. These companies have been sued a couple of times for patent infringement so it wouldn't shock me if they did rip off 3COM.

My question is this, of all the switch manufacturers, your telling Los Alamos couldn't buy:

Avaya
Cisco
Juniper
Brocade
HP
Alcatel-Lucent
Extreme
Enteresys
Meraki

For their ethernet switches? If your the boss of Los Alamos, wouldn't it have occurred to you that using Chinese made switches [even if they are truly not a threat] would raise eyebrows?

meadIT

H3C and 3Com are the same. Just a different brand of the same company.

H3C - About H3C - HP Finalizes Acquisition of 3Com Corporation, Accelerates Converged Infrastructure Strategy

http://www.h3c.com/portal/About_H3C/News/Corporate_News/201004/670331_1515_0.htm wrote:

As a wholly owned subsidiary of 3Com, H3C will be integrated into HP after the transaction. H3C will be responsible for the sales & marketing, as well as service & support of networking products in Mainland China, Hong Kong and Macau. In countries outside of China, HP will continue to implement “China Out” strategy. The products developed and manufactured by H3C will be sold to the widest overseas market through HP’s global resources.

JustFred

Funny

it_consultant

meadIT wrote: »

H3C and 3Com are the same. Just a different brand of the same company.

H3C - About H3C - HP Finalizes Acquisition of 3Com Corporation, Accelerates Converged Infrastructure Strategy

They aren't the same - 3COM and H3C might be the same product line but the old ProCurves are different switches.

meadIT

Correct. The ProCurves are HPs. 3Coms (before HP started re-doing their code) shared code with the H3C switches, at least on the fixed port switches. I think the higher end modulars were a different code base.

HP now owns both 3Com and H3C. The HP A3600 is actually an re-branded H3C switch. http://h20000.www2.hp.com/bizsupport/TechSupport/DocumentIndex.jsp?lang=en&cc=us&contentType=SupportManual&prodTypeId=12883&prodSeriesId=4174765&docIndexId=64255&printver=true#0

veritas_libertas

There was a big brouhaha a few years back when the FBI realized there were a bunch of Cisco switches/routers being used by the government that were actually Chinese knockoffs: FBI: Counterfeit Cisco routers risk "IT subversion" | ZDNet

JDMurray

Purchased based primarily on low bid, I'd guess.

MentholMoose

HP is selling this hardware now, for example:

HP 5120-24G EI Switch - Access switches - fixed port - HP: JE066A#ABA

So maybe they bought an HP expecting an HP, but got an H3C instead. Unfortunately the article is sparse on details. The installation of H3C gear may have raised a red flag may at least in part due to the major vulnerabilities recently found in gear from Huawei-3Com (H3C, now part of HP). In the last 6 month, security researchers have been ripping them to shreds.

Expert: Huawei routers are riddled with vulnerabilities | Security & Privacy - CNET News
Superimposing Nothing Nowhere: HP/H3C and Huawei SNMP Weak Access to Critical Data

The DEFCON presentation slides are particularly condemning.

https://media.blackhat.com/ad-12/FX/bh-ad-12-FX-Huawei-slides.pdf

the_Grinch

All this really adds up to fear mongering. If they had some proof, I'd be more then ok with this. But to blindly go in and start pulling equipment that was paid for is just wasteful. I promise you when they initially brought this equipment, the program manager was being hounded to cut where they could because the tax payers wouldn't stand for high costs. Well you get what you pay for then. Besides, how many of these company actually build every piece in the US? You'd be hard pressed to find that.

MentholMoose

the_Grinch wrote: »

All this really adds up to fear mongering. If they had some proof, I'd be more then ok with this.

Based on the info provided by the article, I agree. It has mostly the same info that has been making the rounds in the mainstream press for a while. However, check out the links I posted above. Based on the major security vulnerabilities found in just the last few months, it is not unreasonable for security conscious organizations to avoid H3C networking gear for the time being, until H3C and HP fix the current problems and prove they are taking meaningful steps to help prevent future problems.

it_consultant

I think mentholmoose has it right, they may have thought they were getting what we all know and love as a HP ProCurve, not a 3COM dressed in HP clothing. I have actually made that mistake before - ordered what I thought was a regular pro curve and I got a 3COM. I mean...the box even said "3COM" on it when I got it. I RMA'd it for a "true" Pro Curve because my boss was unhappy .

Even then, low bid maybe but this is Los Alamos, they can afford to get the good stuff!

the_Grinch

I do agree with you that there are legit concerns, but do we know they didn't test the equipment prior to putting it in? I'd assume they have some very bright people working at Los Alamos doing network security and they'd know their network fairly well. I just hate war hawks in Congress crying foul on a topic they have little knowledge of. Can they spell IP? Probably not. Then let the experts handle it.

Mrock4

I'd be willing to bet they didn't test before purchasing them. I've seen too many times in gov't situations where a high ranking leader sees some new technology (at a trade show perhaps), and suddenly orders his folks to acquire those products. Even if untested..it happens..

MentholMoose

the_Grinch, it bothers me as well. But given the timing - multiple severe vulnerabilities in potentially similar gear found shortly prior - I think there is a chance they pulled the H3C gear for more than the ongoing unsubstantiated claims against Huawei. I'd assume PNNL is highly security-conscious and tests network equipment for security issues, but to what extent I don't know.

the_Grinch

Fair enough there is always more to a story then we know. I just see this suddenly spiraling out of control when all these manufacturers are using the same parts and plants to make their stuff. If they honestly expect me to believe that they source and secure each part then I have a bridge in Philly I'd like to sell them. Plus they make this seem like this is something new. As others have pointed out, the FBI had this issue years ago. Suddenly now it's a big issue? They probably already got the information they were looking for anyway.

My other issue is this is something we have done in the past, why do they seem so taken aback by it? During the first Iraq war we modified printers to send copies of everything they printed back to us. Why are we some how shocked that the Chinese are doing this? It just strikes me that you could run around in circles chasing every potential security flaw with every piece of equipment in your network. How do you balance this? It's a tough position to be in that's for sure.

deth1k

just about everything is made in china. so you either manufacture your own or go with whats available i.e chinese produce. this has been discussed on multiple forums before, there is no way to sniff or intercept traffic at line rate speeds it's only asumptions. this is more of a hatred between cisco and huawei, with second ones catching up in market shares etc.

ankit12690

this is really funny...

MickQ

What deth1k said is so true. Look at all the individual components and where they are made, shipped to and assembled.

After all, how can we in the EU trust HP, Cisco, etc. more than Huawei? At least we can be safe in the relative security that they've probably got more backdoors than a whorehouse in Washington DC.

Btw, Meraki are now Cisco

it_consultant

Meraki is Cisco, but their codebase is completely different - and it will be for a while. Original HP and 3COM aren't on the same codebase and that purchase went down a while ago.

Zartanasaurus

You can install Chinese made switches, but you just have to reinstall them an hour later.