Regarding TP-Link SMB or semi-managed switches

Discussion in 'Switches, NICs and cabling' started by System Error Message, Nov 17, 2019.

  1. System Error Message

    System Error Message Part of the Furniture

    Joined:
    Oct 14, 2014
    Messages:
    4,097
    I have a few questions for those who currently use or have used TP-Link semi-managed or business switches.

    How reliable are they (in the span of a year, have you had to reboot them because of a hang)?
    How featureful are they, and how well do these features work? (Older Netgear ProSafe switches that used the store-and-forward method would do poorly when you enabled jumbo frames, for example.)

    I'm asking because I'm trying to list decent low-cost switches that don't need to be as featureful as MikroTik/Ubiquiti yet are cheap and fulfill small business requirements. Netgear and Cisco, I found, for years had hardcoded backdoors in their switches and routers, but you can't install OpenWrt on a ProSafe.

    Zyxel is good but very pricey.
     
  2. coxhaus

    coxhaus Part of the Furniture

    Joined:
    Oct 7, 2010
    Messages:
    3,186
    Location:
    texas
    I kind of doubt there are any back doors in the Cisco switches. Could you be more specific about which model switch and what the back door is?
     
  3. System Error Message

    System Error Message Part of the Furniture

    Joined:
    Oct 14, 2014
    Messages:
    4,097
    https://www.tomshardware.com/news/cisco-backdoor-hardcoded-accounts-software,37480.html
    Anything that runs Cisco IOS; that would include their SMB line too, as I remember you mentioning that they do run Cisco IOS.

    The problem isn't isolated to just Cisco; even Netgear's ProSafe line isn't safe either, as government-mandated backdoors find their way in. Which reminds me that if you aren't from a country that has an intelligence cooperation with the US, by procedure or law, if the country is keeping up, it would be illegal to use such devices.

    I have spent a lot of time in cybersecurity the past few months, so I picked up a lot of the boring black-and-white policy.
     
  4. coxhaus

    coxhaus Part of the Furniture

    Joined:
    Oct 7, 2010
    Messages:
    3,186
    Location:
    texas
    I have never said Cisco's small business line of routers, switches and wireless APs runs IOS. They run on Linux; if they ran IOS we could not afford them.

    That is an old article and I would guess most of that stuff has been fixed. Here is a later reference to a recently discovered hack that was fixed, which is much newer than that article: https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-20191016-sbss-xss.html

    I would say a lot of this stuff is never discovered in consumer gear because it does not have good enough support from the companies. The hacks just exist for the taking but are not documented. They are just selling products, not software.

    If you are in cybersecurity then it seems to me you would want to run hardware that has security support.
     
    Last edited: Nov 20, 2019
  5. MichaelCG

    MichaelCG Very Senior Member

    Joined:
    Jan 4, 2017
    Messages:
    580
    Location:
    Central US
    His point about the other devices is that they may be able to run one of the open source packages. The "general" perk of open source is that anyone can look at the code for back doors. However... it really is a matter of how many eyes have actually looked at the code.

    Dealing with cybersecurity is always a challenge. There is no single right way to do things. Everything brings risk... everything. It is a matter of finding the balance between compliance, risk, cost, and convenience. There are perks to using the hardware/software from the big boys... but there are drawbacks as well. Open source software is awesome in many ways, but quite often poses more compliance and operational challenges. There are some compliance requirements out there that mandate current vendor support.

    Compliance does not always equal Secure.
    Secure does not always equal Compliant.
    A system can be extremely secure, but completely non-compliant.
    A system can be 100% compliant, but be an absolute hot mess for security.
     
  6. coxhaus

    coxhaus Part of the Furniture

    Joined:
    Oct 7, 2010
    Messages:
    3,186
    Location:
    texas
    The Cisco small business line is based on Linux. Linux is open source, and a lot of times when there is a Linux hack it shows up in the Cisco small business line of equipment. But Cisco issues free firmware fixes for hacks.

    Cisco IOS is a different story as it is a proprietary operating system. There are still hacks discovered, but Cisco fixes them.

    And yes, maybe more people are working on hacking Cisco than smaller companies. But a lot of those smaller companies don't have the resources to maintain and fix their software. They just want to sell you another piece of hardware. So you pick and choose what is best for you by what you buy.