[svlug] Switches (was: Re: on proprietary hardware and licenses...)
Luke S Crawford
lsc at prgmr.com
Sun May 18 13:42:15 PDT 2008
Mark Weisler <mark at weisler-saratoga-ca.us> writes:
...snip "Cisco software is really expensive, even if the h/w is reasonably
priced used" discussion.
> To me, this is an interesting analysis of proprietary commercial hardware
> and software in a world changing rapidly with offerings such as m0n0wall,
> netfilter/iptables, and many more that operate on generic hardware
I've seen lots of progress in the router field.
Switches, however, are another matter.
Sure, you never put the snmp address outside the firewall, but
Running old software is still kinda dangerous. I'd like to
replace my catalyst 2924 with something a little more modern, preferably
something that keeps ahead of the security updates.
Open-source managed-switch firmware would be pretty awesome, but I don't know
that such a thing exists. I'd be ok with closed-source stuff, if keeping
the switch up to date didn't cost more than a new (used) one.
are there better ideas besides just going unmanaged, or just using old
firmware revisions and disabling/firewalling vulnerabilities as they
become known? I know most of the consumer-grade switch manufacturers
offer managed models that can be had new at more reasonable prices-
are they any good?
More information about the svlug
mailing list