Products that aren't designed for Windows XP or Windows 2000

Anti-Windows Catalog

We practice what we preach at Pan-Am Internet Services

Search Products By:

Do as we say, not as we do: Cisco TAC

Written by Gordon Fecyk, 4/24/2010

Cisco preaches Least Privilege, but doesn't seem as worried about that in their own products. If you're really worried, they have another product for you.

Properly licensed and paid-for, of course.

CISCO SYSTEMS TREATS every computer security problem as a network security problem. Like treating every problem as a nail when your only tool is a hammer, Cisco has a product to cure every computer security ill, even when it isn't network-related. Toss in their stringent certification regimen that churns out trained network ninjas, and they have a self-perpetuating marketing machine that solves and creates and solves (again) computer security problems.

If Cisco could create a networking appliance that would prevent users from spilling coffee on their keyboards, they'd have a product for you. Only then they'd need another product that would make sure you can still work after their coffee-guard product stops you from working.

They even have a networking product that's supposed to do better than conventional anti-virus software... not that it takes much effort to do that, but that's how absurd their product line gets.


AND I MEAN 'SELF-PERPETUATING' when I say it. Cisco even has a product called "Cisco Security Agent" that, among other things, can prevent unauthorized software from running on a Windows PC. But why would you want something like that when your Windows PC can prevent that all by itself? Probably because some of Cisco's other applications make you turn that built-in protection off.

At least Cisco's support people are honest about their irony. According to a support person from their TAC team:

After discussing with the [developers of CCP], it is my understanding that [this bug on CCP] is by design. Essentially CCP is a tool catered for network admins and it is expected the user will have admin privileges on the machine where they install and use the software.

Furthermore, the [business unit?] has no current plans to change this behavior.

Now I'm all for Cisco's preaching the Principle of Least Privilege and all that, but here Cisco's TAC team is telling me, "Do as we say, not as we do."

And what should I have to worry about? I'm using Cisco CSA, Cisco NAC, Cisco ASA, Cisco ACS, and Cisco MARS in my all-Cisco environment aren't I? All properly licensed and paid-for? I should be able to use my Windows PC with full local admin access, right?

Wrong. All of this after-the-fact garbage makes no difference in the face of new, real computer security threats.

It's all about standards. I just want the best.

-- Gordon Ramsay

I expect no less from a company like Cisco Systems.


EVERY NON-CISCO NETWORK product I've used works with what I call safe computing on a Windows PC. In technobabble, this means I practice the Principle of Least Privilege with all of my non-Cisco gear. I can even administer Active Directory and Exchange Server without admin access on my local PC.

I demand no less from Cisco gear, but Cisco doesn't seem as worried about that sort of thing. After all, if you're really worried, they have another product for you.

Properly licensed and paid-for, of course.

Related Links:

Editor Log On:
Sign up to get an editor account.

Username:

Password:

[Catalog Home]

Resources:

Links

Downloads

Product Roundups

What is the Anti-Windows Catalog?

Help for New Editors

Frequently Asked Questions

Recently Edited Categories:

Computers, Notebook

Media, Video

Game, Role Play

Scanner, ID Cards

Hospitality

Browse All Categories

Recent Commentaries:

The More Things Change, The More They Stay Secure

The devil you know, versus the Adobe you don't

Paying for things we get for free?

Jump! Jump! Jump! Jump! Or, Windows 8: Get Over It

Don't Fear the Start Screen

Browse All Commentaries

Pan-Am Home Page Valid HTML 4.01! All trademarks are property of their respective owners.