Hi,
On 23 Dec 2025, at 22:11, heasley <heas@shrubbery.net> wrote:
Tue, Dec 23, 2025 at 08:51:54PM +0100, Lukasz Bromirski via NANOG:
I'm pretty sure you're half-joking and half-not, but that's the reality. I lead platform (hardware) development for Cisco Firewalls. I can tell you that during my discussions with all of our Customers, from biggest to smallest ones, security folks don't appreciate fully dedicated, separate out-of-band management ports, with their own OS that's available no matter what.
I'd expect that, from a security perspective, one problem is that BMCs are often neglected by both the customer and the mfg., e.g. they often never receive a s/w update for the life of the product or the update procedure is arcane and unautomatable; both like smc and unacceptable.
Yes, and that's actually one of my talking points (to not use something off the shelf and instead deploy hardened Linux on some ARM/SoC). We never get to that point of discussion though. Currently our way of doing that was to dedicate cores from the main CPU to run its own VM as FXOS, or in some cases run these ports indeed as a dedicated FXOS instance, physically distinct from the "main" CPU and OS. All we've heard was "oh, it adds complexity, we don't like it".
- you vote with your wallets how much is really saved? is it actually a noticeable cost? make it a daughter card?
What I meant is by buying equipment that doesn't have it, or not driving this as a requirement in RFPs. The actual cost of the SoC, flash and circuitry is going to be like 5$. Let's be generous and assume I'm going to add 100$ to the price of the box to adjust for margins. There will be some cost of added development and testing. You think you're going to notice this in a 300k$ box? Or 1M$ box? Nah. But we need this clearly articulated by you - the people, otherwise it's "these PMs are making things up". -- ./