Hello, I apologize if this is an unusual topic but I would like to know what this expert community thinks about this issue: We have noticed that a number of Cisco appliances we have recently purchased and paid (AS NEW), are being shipped as if they have been already used/refurbished. In other words, several times we have seen brand new Cisco hardware, out of the box, that has pre-existing configuration (Interfaces with Private IP addresses, static routes, etc …) and in some cases even non-system files, like ‘crashdump.txt’ or additional IOS images. Most importantly our latest purchase; 2 'new' ASAs, contain a series of files named: FSCK0000.REC, FSCK0001.REC, FSCK0002.REC, etc ... . Based on some research it seems like that these files are 'recovery files' signaling bad/failing hard disks in these appliances. Anyone on thhis group has seen this before and if yes, are we supposed to blindly trust the vendor saying the hardware is new, safe and secure? The only way I can explain this is that the hardware has been refurbished or previously configured for reasons unknown to me. I think if customers pays for new hardware, they should get new hardware, even if refurbished hardware may be covered by Smartnet. Any thoughts or recommendations anyone? The last thing we want to do is to deploy faulty (or non secure) security appliances in production. :) Thank you Best regards _________________________________________________________________ Hotmail: Free, trusted and rich email service. http://clk.atdmt.com/GBL/go/201469228/direct/01/
If you are getting Cisco hardware with configs on it or crashfiles, etc. Then no it is NOT new equipment. Who are you buying from? Are they a Gold partner on Cisco's partner locator? If not, then I have seen some seedy things, and of course i have seen seedy things with Gold partners too, I am just pointing out that the ability to compete and make margin get more and more difficult the lower the partner is on the totem pole and so desperation can drive certain behavior. In general from a cisco Gold partner you can expect as good as 35-40% or so on new equipment for a discount for regular deals. Special pricing for special projects you may be able to get a bit better, and maybe 1% or so better for general products from CDW or a big box company like them. If you are paying 50-60% off list for just individual items you order, then its likely not new and there is likely something shady going on, as no partner is going to get you some special discount pricing on a single 3845 for example. All of your good gold partners are going to charge around the same give or take a few percent on material. So find someone you can trust and just build a relationship. If your paying new prices for used gear then yes you are getting ripped off. I would be glad to recommend to you a reputable gold partner if you email me off list. Brian On Mar 4, 2010, at 3:48 PM, Kaveh . wrote:
Hello,
I apologize if this is an unusual topic but I would like to know what this expert community thinks about this issue:
We have noticed that a number of Cisco appliances we have recently purchased and paid (AS NEW), are being shipped as if they have been already used/refurbished. In other words, several times we have seen brand new Cisco hardware, out of the box, that has pre-existing configuration (Interfaces with Private IP addresses, static routes, etc …) and in some cases even non-system files, like ‘crashdump.txt’ or additional IOS images. Most importantly our latest purchase; 2 'new' ASAs, contain a series of files named: FSCK0000.REC, FSCK0001.REC, FSCK0002.REC, etc ... . Based on some research it seems like that these files are 'recovery files' signaling bad/failing hard disks in these appliances. Anyone on thhis group has seen this before and if yes, are we supposed to blindly trust the vendor saying the hardware is new, safe and secure?
The only way I can explain this is that the hardware has been refurbished or previously configured for reasons unknown to me. I think if customers pays for new hardware, they should get new hardware, even if refurbished hardware may be covered by Smartnet.
Any thoughts or recommendations anyone? The last thing we want to do is to deploy faulty (or non secure) security appliances in production. :)
Thank you
Best regards
_________________________________________________________________ Hotmail: Free, trusted and rich email service. http://clk.atdmt.com/GBL/go/201469228/direct/01/
Don't deploy the equipment, demand a refund, and report the reseller to Cisco. I agree completely with Brian - find a good Cisco partner and stick with them. Also, you can't legally buy used Cisco equipment and use the operating system. You can buy the equipment but the OS is absolutely non-transferrable. If you try to get SMARTNet on it red flags will go up and Cisco won't support it. Thanks, Matt Matt Adcock, Manager 334-481-6629 (w) / 334-312-5393 (m) / MAdcock@hisna.com 700 Hyundai Blvd. / Montgomery, AL 36105 P The average office worker uses 10,000 sheets of paper = 1.2 trees, per year By not printing this email, you’ve saved paper, ink and millions of trees From: Brian Feeny [mailto:bfeeny@mac.com] Sent: Thu 3/4/2010 3:05 PM To: Kaveh . Cc: nanog@nanog.org Subject: Re: Cisco hardware question If you are getting Cisco hardware with configs on it or crashfiles, etc. Then no it is NOT new equipment. Who are you buying from? Are they a Gold partner on Cisco's partner locator? If not, then I have seen some seedy things, and of course i have seen seedy things with Gold partners too, I am just pointing out that the ability to compete and make margin get more and more difficult the lower the partner is on the totem pole and so desperation can drive certain behavior. In general from a cisco Gold partner you can expect as good as 35-40% or so on new equipment for a discount for regular deals. Special pricing for special projects you may be able to get a bit better, and maybe 1% or so better for general products from CDW or a big box company like them. If you are paying 50-60% off list for just individual items you order, then its likely not new and there is likely something shady going on, as no partner is going to get you some special discount pricing on a single 3845 for example. All of your good gold partners are going to charge around the same give or take a few percent on material. So find someone you can trust and just build a relationship. If your paying new prices for used gear then yes you are getting ripped off. I would be glad to recommend to you a reputable gold partner if you email me off list. Brian On Mar 4, 2010, at 3:48 PM, Kaveh . wrote:
Hello,
I apologize if this is an unusual topic but I would like to know what this expert community thinks about this issue:
We have noticed that a number of Cisco appliances we have recently purchased and paid (AS NEW), are being shipped as if they have been already used/refurbished. In other words, several times we have seen brand new Cisco hardware, out of the box, that has pre-existing configuration (Interfaces with Private IP addresses, static routes, etc ...) and in some cases even non-system files, like 'crashdump.txt' or additional IOS images. Most importantly our latest purchase; 2 'new' ASAs, contain a series of files named: FSCK0000.REC, FSCK0001.REC, FSCK0002.REC, etc ... . Based on some research it seems like that these files are 'recovery files' signaling bad/failing hard disks in these appliances. Anyone on thhis group has seen this before and if yes, are we supposed to blindly trust the vendor saying the hardware is new, safe and secure?
The only way I can explain this is that the hardware has been refurbished or previously configured for reasons unknown to me. I think if customers pays for new hardware, they should get new hardware, even if refurbished hardware may be covered by Smartnet.
Any thoughts or recommendations anyone? The last thing we want to do is to deploy faulty (or non secure) security appliances in production. :)
Thank you
Best regards
The information in this email and any attachments are for the sole use of the intended recipient and may contain privileged and confidential information. If you are not the intended recipient, any use, disclosure, copying or distribution of this message or attachment is strictly prohibited. We have taken precautions to minimize the risk of transmitting software viruses, but we advise you to carry out your own virus checks on any attachment to this message. We cannot accept liability for any loss or damage caused by software viruses. If you believe that you have received this email in error, please contact the sender immediately and delete the email and all of its attachments
Hotmail: Free, trusted and rich email service. http://clk.atdmt.com/GBL/go/201469228/direct/01/
So if one were to purchase equipment, which is explicitly sold as "Refurbished" from, say www.impulsetech.us and they were to offer Smartnet on it, there is no guarantee that even if you paid for it, that Cisco would fulfil their support contract? Regards, Ken On 4 March 2010 15:22, Adcock, Matt [HISNA] <MAdcock@hisna.com> wrote:
Don't deploy the equipment, demand a refund, and report the reseller to Cisco. I agree completely with Brian - find a good Cisco partner and stick with them. Also, you can't legally buy used Cisco equipment and use the operating system. You can buy the equipment but the OS is absolutely non-transferrable. If you try to get SMARTNet on it red flags will go up and Cisco won't support it.
Thanks, Matt
Matt Adcock, Manager 334-481-6629 (w) / 334-312-5393 (m) / MAdcock@hisna.com 700 Hyundai Blvd. / Montgomery, AL 36105
P The average office worker uses 10,000 sheets of paper = 1.2 trees, per year By not printing this email, you’ve saved paper, ink and millions of trees
From: Brian Feeny [mailto:bfeeny@mac.com] Sent: Thu 3/4/2010 3:05 PM To: Kaveh . Cc: nanog@nanog.org Subject: Re: Cisco hardware question
If you are getting Cisco hardware with configs on it or crashfiles, etc. Then no it is NOT new equipment. Who are you buying from? Are they a Gold partner on Cisco's partner locator? If not, then I have seen some seedy things, and of course i have seen seedy things with Gold partners too, I am just pointing out that the ability to compete and make margin get more and more difficult the lower the partner is on the totem pole and so desperation can drive certain behavior.
In general from a cisco Gold partner you can expect as good as 35-40% or so on new equipment for a discount for regular deals. Special pricing for special projects you may be able to get a bit better, and maybe 1% or so better for general products from CDW or a big box company like them. If you are paying 50-60% off list for just individual items you order, then its likely not new and there is likely something shady going on, as no partner is going to get you some special discount pricing on a single 3845 for example.
All of your good gold partners are going to charge around the same give or take a few percent on material. So find someone you can trust and just build a relationship. If your paying new prices for used gear then yes you are getting ripped off.
I would be glad to recommend to you a reputable gold partner if you email me off list.
Brian
On Mar 4, 2010, at 3:48 PM, Kaveh . wrote:
Hello,
I apologize if this is an unusual topic but I would like to know what
this expert community thinks about this issue:
We have noticed that a number of Cisco appliances we have recently
Anyone on thhis group has seen this before and if yes, are we supposed to blindly trust the vendor saying the hardware is new, safe and secure?
The only way I can explain this is that the hardware has been refurbished or previously configured for reasons unknown to me. I think if customers
purchased and paid (AS NEW), are being shipped as if they have been already used/refurbished. In other words, several times we have seen brand new Cisco hardware, out of the box, that has pre-existing configuration (Interfaces with Private IP addresses, static routes, etc ...) and in some cases even non-system files, like 'crashdump.txt' or additional IOS images. Most importantly our latest purchase; 2 'new' ASAs, contain a series of files named: FSCK0000.REC, FSCK0001.REC, FSCK0002.REC, etc ... . Based on some research it seems like that these files are 'recovery files' signaling bad/failing hard disks in these appliances. pays for new hardware, they should get new hardware, even if refurbished hardware may be covered by Smartnet.
Any thoughts or recommendations anyone? The last thing we want to do is
to deploy faulty (or non secure) security appliances in production. :)
Thank you
Best regards
The information in this email and any attachments are for the sole use of the intended recipient and may contain privileged and confidential information. If you are not the intended recipient, any use, disclosure, copying or distribution of this message or attachment is strictly prohibited. We have taken precautions to minimize the risk of transmitting software viruses, but we advise you to carry out your own virus checks on any attachment to this message. We cannot accept liability for any loss or damage caused by software viruses. If you believe that you have received this email in error, please contact the sender immediately and delete the email and all of its attachments
Hotmail: Free, trusted and rich email service. http://clk.atdmt.com/GBL/go/201469228/direct/01/
According to previous conversations with my Cisco rep the answer is no - Cisco won't support it. I'm blind copying him on this and will pass on his response. Thanks, Matt ________________________________ From: Ken Gilmour [mailto:ken.gilmour@gmail.com] Sent: Thu 3/4/2010 4:17 PM To: Adcock, Matt [HISNA] Cc: nanog@nanog.org Subject: Re: Cisco hardware question So if one were to purchase equipment, which is explicitly sold as "Refurbished" from, say www.impulsetech.us and they were to offer Smartnet on it, there is no guarantee that even if you paid for it, that Cisco would fulfil their support contract? Regards, Ken On 4 March 2010 15:22, Adcock, Matt [HISNA] <MAdcock@hisna.com> wrote: Don't deploy the equipment, demand a refund, and report the reseller to Cisco. I agree completely with Brian - find a good Cisco partner and stick with them. Also, you can't legally buy used Cisco equipment and use the operating system. You can buy the equipment but the OS is absolutely non-transferrable. If you try to get SMARTNet on it red flags will go up and Cisco won't support it. Thanks, Matt Matt Adcock, Manager 334-481-6629 (w) / 334-312-5393 (m) / MAdcock@hisna.com 700 Hyundai Blvd. / Montgomery, AL 36105 P The average office worker uses 10,000 sheets of paper = 1.2 trees, per year By not printing this email, you've saved paper, ink and millions of trees From: Brian Feeny [mailto:bfeeny@mac.com] Sent: Thu 3/4/2010 3:05 PM To: Kaveh . Cc: nanog@nanog.org Subject: Re: Cisco hardware question If you are getting Cisco hardware with configs on it or crashfiles, etc. Then no it is NOT new equipment. Who are you buying from? Are they a Gold partner on Cisco's partner locator? If not, then I have seen some seedy things, and of course i have seen seedy things with Gold partners too, I am just pointing out that the ability to compete and make margin get more and more difficult the lower the partner is on the totem pole and so desperation can drive certain behavior. In general from a cisco Gold partner you can expect as good as 35-40% or so on new equipment for a discount for regular deals. Special pricing for special projects you may be able to get a bit better, and maybe 1% or so better for general products from CDW or a big box company like them. If you are paying 50-60% off list for just individual items you order, then its likely not new and there is likely something shady going on, as no partner is going to get you some special discount pricing on a single 3845 for example. All of your good gold partners are going to charge around the same give or take a few percent on material. So find someone you can trust and just build a relationship. If your paying new prices for used gear then yes you are getting ripped off. I would be glad to recommend to you a reputable gold partner if you email me off list. Brian On Mar 4, 2010, at 3:48 PM, Kaveh . wrote: > > Hello, > > I apologize if this is an unusual topic but I would like to know what this expert community thinks about this issue: > > We have noticed that a number of Cisco appliances we have recently purchased and paid (AS NEW), are being shipped as if they have been already used/refurbished. In other words, several times we have seen brand new Cisco hardware, out of the box, that has pre-existing configuration (Interfaces with Private IP addresses, static routes, etc ...) and in some cases even non-system files, like 'crashdump.txt' or additional IOS images. Most importantly our latest purchase; 2 'new' ASAs, contain a series of files named: FSCK0000.REC, FSCK0001.REC, FSCK0002.REC, etc ... . Based on some research it seems like that these files are 'recovery files' signaling bad/failing hard disks in these appliances. > Anyone on thhis group has seen this before and if yes, are we supposed to blindly trust the vendor saying the hardware is new, safe and secure? > > The only way I can explain this is that the hardware has been refurbished or previously configured for reasons unknown to me. I think if customers pays for new hardware, they should get new hardware, even if refurbished hardware may be covered by Smartnet. > > Any thoughts or recommendations anyone? The last thing we want to do is to deploy faulty (or non secure) security appliances in production. :) > > Thank you > > Best regards > > The information in this email and any attachments are for the sole use of the intended recipient and may contain privileged and confidential information. If you are not the intended recipient, any use, disclosure, copying or distribution of this message or attachment is strictly prohibited. We have taken precautions to minimize the risk of transmitting software viruses, but we advise you to carry out your own virus checks on any attachment to this message. We cannot accept liability for any loss or damage caused by software viruses. If you believe that you have received this email in error, please contact the sender immediately and delete the email and all of its attachments > Hotmail: Free, trusted and rich email service. > http://clk.atdmt.com/GBL/go/201469228/direct/01/
Thanks for the feedback. Let me clarify a few things regarding issues that this thread has addressed so far: A) Pre-existing configs: What Tim and Joe mentioned is apparently correct. I was on phone with a few Cisco tech-reps earlier today and they told me that since version 8.2, they have been shipping ASAs with a default configuration, which explains the existence of private IP addresses on the inside interface, etc ... . B) What Cisco reps could NOT explain was the existence of a number of FSCK000#.REC files on these appliances. To be more specific each of ASAs in question contains 4 extra files: FSCK0000.REC, FSCK0001.REC, FSCK0002.REC, FSCK0003.REC). I said 'extra' because I asked the Cisco reps on phone to provide me a complete list of files that should exist on a brand new ASA, and the 4 files above were not part of the list and I think even they got confused when I mentioned the existence of these files. I could not find much info on these files, but a simple Google search indicates that these files may be 'recovery files' of Disks operating under Unix/Linux/BSD/etc /... kernel, indicating a dying hard drive. That would be enough to freak me out! Anyone can confirm this? C) SmarNet issue: I am a little confused on this. Since this purchase was for NEW equipment, and the devices were shipped by Cisco (at least that is what I read on the box; a Cisco warehouse in TX), then my understanding is that the devices came with the first 12 months of Smarnet anyway. So I will be surprised if they decline the contract renewal after the first year. After all they sold us the appliances as if they were new. How can decline renewal if I can prove that I paid them for new? D) Reseller: Yes, I appreciate the input. I will stick with a bigger name like CDW, next time, but again it appears to me that the devices were shipped from a Cisco warehouse in Texas, and not from the reseller's location. I would greatly appreciate any input, especially on B) Thank you Best regards
Subject: RE: Cisco hardware question Date: Thu, 4 Mar 2010 14:27:04 -0800 From: MAdcock@hisna.com To: ken.gilmour@gmail.com CC: nanog@nanog.org
According to previous conversations with my Cisco rep the answer is no - Cisco won't support it. I'm blind copying him on this and will pass on his response.
Thanks, Matt
________________________________
From: Ken Gilmour [mailto:ken.gilmour@gmail.com] Sent: Thu 3/4/2010 4:17 PM To: Adcock, Matt [HISNA] Cc: nanog@nanog.org Subject: Re: Cisco hardware question
So if one were to purchase equipment, which is explicitly sold as "Refurbished" from, say www.impulsetech.us and they were to offer Smartnet on it, there is no guarantee that even if you paid for it, that Cisco would fulfil their support contract?
Regards,
Ken
On 4 March 2010 15:22, Adcock, Matt [HISNA] <MAdcock@hisna.com> wrote:
Don't deploy the equipment, demand a refund, and report the reseller to Cisco. I agree completely with Brian - find a good Cisco partner and stick with them. Also, you can't legally buy used Cisco equipment and use the operating system. You can buy the equipment but the OS is absolutely non-transferrable. If you try to get SMARTNet on it red flags will go up and Cisco won't support it.
Thanks, Matt
Matt Adcock, Manager 334-481-6629 (w) / 334-312-5393 (m) / MAdcock@hisna.com 700 Hyundai Blvd. / Montgomery, AL 36105
P The average office worker uses 10,000 sheets of paper = 1.2 trees, per year By not printing this email, you've saved paper, ink and millions of trees
From: Brian Feeny [mailto:bfeeny@mac.com] Sent: Thu 3/4/2010 3:05 PM To: Kaveh . Cc: nanog@nanog.org Subject: Re: Cisco hardware question
If you are getting Cisco hardware with configs on it or crashfiles, etc. Then no it is NOT new equipment. Who are you buying from? Are they a Gold partner on Cisco's partner locator? If not, then I have seen some seedy things, and of course i have seen seedy things with Gold partners too, I am just pointing out that the ability to compete and make margin get more and more difficult the lower the partner is on the totem pole and so desperation can drive certain behavior.
In general from a cisco Gold partner you can expect as good as 35-40% or so on new equipment for a discount for regular deals. Special pricing for special projects you may be able to get a bit better, and maybe 1% or so better for general products from CDW or a big box company like them. If you are paying 50-60% off list for just individual items you order, then its likely not new and there is likely something shady going on, as no partner is going to get you some special discount pricing on a single 3845 for example.
All of your good gold partners are going to charge around the same give or take a few percent on material. So find someone you can trust and just build a relationship. If your paying new prices for used gear then yes you are getting ripped off.
I would be glad to recommend to you a reputable gold partner if you email me off list.
Brian
On Mar 4, 2010, at 3:48 PM, Kaveh . wrote:
Hello,
I apologize if this is an unusual topic but I would like to know what this expert community thinks about this issue:
We have noticed that a number of Cisco appliances we have recently purchased and paid (AS NEW), are being shipped as if they have been already used/refurbished. In other words, several times we have seen brand new Cisco hardware, out of the box, that has pre-existing configuration (Interfaces with Private IP addresses, static routes, etc ...) and in some cases even non-system files, like 'crashdump.txt' or additional IOS images. Most importantly our latest purchase; 2 'new' ASAs, contain a series of files named: FSCK0000.REC, FSCK0001.REC, FSCK0002.REC, etc ... . Based on some research it seems like that these files are 'recovery files' signaling bad/failing hard disks in these appliances. Anyone on thhis group has seen this before and if yes, are we supposed to blindly trust the vendor saying the hardware is new, safe and secure?
The only way I can explain this is that the hardware has been refurbished or previously configured for reasons unknown to me. I think if customers pays for new hardware, they should get new hardware, even if refurbished hardware may be covered by Smartnet.
Any thoughts or recommendations anyone? The last thing we want to do is to deploy faulty (or non secure) security appliances in production. :)
Thank you
Best regards
The information in this email and any attachments are for the sole use of the intended recipient and may contain privileged and confidential information. If you are not the intended recipient, any use, disclosure, copying or distribution of this message or attachment is strictly prohibited. We have taken precautions to minimize the risk of transmitting software viruses, but we advise you to carry out your own virus checks on any attachment to this message. We cannot accept liability for any loss or damage caused by software viruses. If you believe that you have received this email in error, please contact the sender immediately and delete the email and all of its attachments
Hotmail: Free, trusted and rich email service. http://clk.atdmt.com/GBL/go/201469228/direct/01/
_________________________________________________________________ Hotmail: Powerful Free email with security by Microsoft. http://clk.atdmt.com/GBL/go/201469230/direct/01/
On Mar 4, 2010, at 6:16 PM, Kaveh . wrote:
Thanks for the feedback. Let me clarify a few things regarding issues that this thread has addressed so far:
A) Pre-existing configs: What Tim and Joe mentioned is apparently correct. I was on phone with a few Cisco tech-reps earlier today and they told me that since version 8.2, they have been shipping ASAs with a default configuration, which explains the existence of private IP addresses on the inside interface, etc ... .
B) What Cisco reps could NOT explain was the existence of a number of FSCK000#.REC files on these appliances. To be more specific each of ASAs in question contains 4 extra files: FSCK0000.REC, FSCK0001.REC, FSCK0002.REC, FSCK0003.REC). I said 'extra' because I asked the Cisco reps on phone to provide me a complete list of files that should exist on a brand new ASA, and the 4 files above were not part of the list and I think even they got confused when I mentioned the existence of these files.
I could not find much info on these files, but a simple Google search indicates that these files may be 'recovery files' of Disks operating under Unix/Linux/BSD/etc /... kernel, indicating a dying hard drive. That would be enough to freak me out! Anyone can confirm this?
C) SmarNet issue: I am a little confused on this. Since this purchase was for NEW equipment, and the devices were shipped by Cisco (at least that is what I read on the box; a Cisco warehouse in TX), then my understanding is that the devices came with the first 12 months of Smarnet anyway. So I will be surprised if they decline the contract renewal after the first year. After all they sold us the appliances as if they were new. How can decline renewal if I can prove that I paid them for new?
D) Reseller: Yes, I appreciate the input. I will stick with a bigger name like CDW, next time, but again it appears to me that the devices were shipped from a Cisco warehouse in Texas, and not from the reseller's location.
I would greatly appreciate any input, especially on B)
Thank you
Best regards
Subject: RE: Cisco hardware question Date: Thu, 4 Mar 2010 14:27:04 -0800 From: MAdcock@hisna.com To: ken.gilmour@gmail.com CC: nanog@nanog.org
According to previous conversations with my Cisco rep the answer is no - Cisco won't support it. I'm blind copying him on this and will pass on his response.
Thanks, Matt
________________________________
From: Ken Gilmour [mailto:ken.gilmour@gmail.com] Sent: Thu 3/4/2010 4:17 PM To: Adcock, Matt [HISNA] Cc: nanog@nanog.org Subject: Re: Cisco hardware question
So if one were to purchase equipment, which is explicitly sold as "Refurbished" from, say www.impulsetech.us and they were to offer Smartnet on it, there is no guarantee that even if you paid for it, that Cisco would fulfil their support contract?
Regards,
Ken
On 4 March 2010 15:22, Adcock, Matt [HISNA] <MAdcock@hisna.com> wrote:
Don't deploy the equipment, demand a refund, and report the reseller to Cisco. I agree completely with Brian - find a good Cisco partner and stick with them. Also, you can't legally buy used Cisco equipment and use the operating system. You can buy the equipment but the OS is absolutely non-transferrable. If you try to get SMARTNet on it red flags will go up and Cisco won't support it.
Thanks, Matt
Matt Adcock, Manager 334-481-6629 (w) / 334-312-5393 (m) / MAdcock@hisna.com 700 Hyundai Blvd. / Montgomery, AL 36105
P The average office worker uses 10,000 sheets of paper = 1.2 trees, per year By not printing this email, you've saved paper, ink and millions of trees
From: Brian Feeny [mailto:bfeeny@mac.com] Sent: Thu 3/4/2010 3:05 PM To: Kaveh . Cc: nanog@nanog.org Subject: Re: Cisco hardware question
If you are getting Cisco hardware with configs on it or crashfiles, etc. Then no it is NOT new equipment. Who are you buying from? Are they a Gold partner on Cisco's partner locator? If not, then I have seen some seedy things, and of course i have seen seedy things with Gold partners too, I am just pointing out that the ability to compete and make margin get more and more difficult the lower the partner is on the totem pole and so desperation can drive certain behavior.
In general from a cisco Gold partner you can expect as good as 35-40% or so on new equipment for a discount for regular deals. Special pricing for special projects you may be able to get a bit better, and maybe 1% or so better for general products from CDW or a big box company like them. If you are paying 50-60% off list for just individual items you order, then its likely not new and there is likely something shady going on, as no partner is going to get you some special discount pricing on a single 3845 for example.
All of your good gold partners are going to charge around the same give or take a few percent on material. So find someone you can trust and just build a relationship. If your paying new prices for used gear then yes you are getting ripped off.
I would be glad to recommend to you a reputable gold partner if you email me off list.
Brian
On Mar 4, 2010, at 3:48 PM, Kaveh . wrote:
Hello,
I apologize if this is an unusual topic but I would like to know what this expert community thinks about this issue:
We have noticed that a number of Cisco appliances we have recently purchased and paid (AS NEW), are being shipped as if they have been already used/refurbished. In other words, several times we have seen brand new Cisco hardware, out of the box, that has pre-existing configuration (Interfaces with Private IP addresses, static routes, etc ...) and in some cases even non-system files, like 'crashdump.txt' or additional IOS images. Most importantly our latest purchase; 2 'new' ASAs, contain a series of files named: FSCK0000.REC, FSCK0001.REC, FSCK0002.REC, etc ... . Based on some research it seems like that these files are 'recovery files' signaling bad/failing hard disks in these appliances. Anyone on thhis group has seen this before and if yes, are we supposed to blindly trust the vendor saying the hardware is new, safe and secure?
The only way I can explain this is that the hardware has been refurbished or previously configured for reasons unknown to me. I think if customers pays for new hardware, they should get new hardware, even if refurbished hardware may be covered by Smartnet.
Any thoughts or recommendations anyone? The last thing we want to do is to deploy faulty (or non secure) security appliances in production. :)
Thank you
Best regards
The information in this email and any attachments are for the sole use of the intended recipient and may contain privileged and confidential information. If you are not the intended recipient, any use, disclosure, copying or distribution of this message or attachment is strictly prohibited. We have taken precautions to minimize the risk of transmitting software viruses, but we advise you to carry out your own virus checks on any attachment to this message. We cannot accept liability for any loss or damage caused by software viruses. If you believe that you have received this email in error, please contact the sender immediately and delete the email and all of its attachments
Hotmail: Free, trusted and rich email service. http://clk.atdmt.com/GBL/go/201469228/direct/01/
_________________________________________________________________ Hotmail: Powerful Free email with security by Microsoft. http://clk.atdmt.com/GBL/go/201469230/direct/01/
Kaveh: I can confirm with absolute certainty that fcsk is a Unix utility for determining if a hard disk is failing and optionally attempting a recovery. I have never heard of such output files, though. How big are they? If they are tiny, they could just be status reports or a save of the program's output. If they are large, they may represent backups of the flash memory. Ben
Ben, Here is the output of # dir command - It includes all the files on disk0:/ ciscoasa# dir Directory of disk0:/ 134 -rwx 16275456 08:43:56 Jul 15 2009 asa821-k8.bin 135 -rwx 11348300 10:46:44 Jul 15 2009 asdm-621.bin 136 -rwx 20480 00:00:00 Jan 01 1980 FSCK0000.REC 3 drwx 4096 00:03:28 Jan 01 2003 log 10 drwx 4096 00:03:38 Jan 01 2003 crypto_archive 11 drwx 4096 00:04:00 Jan 01 2003 coredumpinfo 138 -rwx 61440 00:00:00 Jan 01 1980 FSCK0001.REC 139 -rwx 9526560 10:43:02 Jul 15 2009 csd_3.4.1108.pkg 140 drwx 4096 10:43:02 Jul 15 2009 sdesktop 141 -rwx 2397046 10:43:04 Jul 15 2009 anyconnect-wince-ARMv4I-2.3.0254-k9.pkg 142 -rwx 2648712 10:43:04 Jul 15 2009 anyconnect-win-2.3.0254-k9.pkg 143 -rwx 4217694 10:43:06 Jul 15 2009 anyconnect-macosx-i386-2.3.0254-k9.pkg 144 -rwx 4259411 10:43:10 Jul 15 2009 anyconnect-linux-2.3.0254-k9.pkg 145 -rwx 28672 00:00:00 Jan 01 1980 FSCK0002.REC 146 -rwx 4096 00:00:00 Jan 01 1980 FSCK0003.REC 255582208 bytes total (201719808 bytes free) Thanks
Subject: Re: Cisco hardware question From: bc-list@beztech.net Date: Thu, 4 Mar 2010 18:23:57 -0500 To: afx66@hotmail.com; nanog@nanog.org
On Mar 4, 2010, at 6:16 PM, Kaveh . wrote:
Thanks for the feedback. Let me clarify a few things regarding issues that this thread has addressed so far:
A) Pre-existing configs: What Tim and Joe mentioned is apparently correct. I was on phone with a few Cisco tech-reps earlier today and they told me that since version 8.2, they have been shipping ASAs with a default configuration, which explains the existence of private IP addresses on the inside interface, etc ... .
B) What Cisco reps could NOT explain was the existence of a number of FSCK000#.REC files on these appliances. To be more specific each of ASAs in question contains 4 extra files: FSCK0000.REC, FSCK0001.REC, FSCK0002.REC, FSCK0003.REC). I said 'extra' because I asked the Cisco reps on phone to provide me a complete list of files that should exist on a brand new ASA, and the 4 files above were not part of the list and I think even they got confused when I mentioned the existence of these files.
I could not find much info on these files, but a simple Google search indicates that these files may be 'recovery files' of Disks operating under Unix/Linux/BSD/etc /... kernel, indicating a dying hard drive. That would be enough to freak me out! Anyone can confirm this?
C) SmarNet issue: I am a little confused on this. Since this purchase was for NEW equipment, and the devices were shipped by Cisco (at least that is what I read on the box; a Cisco warehouse in TX), then my understanding is that the devices came with the first 12 months of Smarnet anyway. So I will be surprised if they decline the contract renewal after the first year. After all they sold us the appliances as if they were new. How can decline renewal if I can prove that I paid them for new?
D) Reseller: Yes, I appreciate the input. I will stick with a bigger name like CDW, next time, but again it appears to me that the devices were shipped from a Cisco warehouse in Texas, and not from the reseller's location.
I would greatly appreciate any input, especially on B)
Thank you
Best regards
Subject: RE: Cisco hardware question Date: Thu, 4 Mar 2010 14:27:04 -0800 From: MAdcock@hisna.com To: ken.gilmour@gmail.com CC: nanog@nanog.org
According to previous conversations with my Cisco rep the answer is no - Cisco won't support it. I'm blind copying him on this and will pass on his response.
Thanks, Matt
________________________________
From: Ken Gilmour [mailto:ken.gilmour@gmail.com] Sent: Thu 3/4/2010 4:17 PM To: Adcock, Matt [HISNA] Cc: nanog@nanog.org Subject: Re: Cisco hardware question
So if one were to purchase equipment, which is explicitly sold as "Refurbished" from, say www.impulsetech.us and they were to offer Smartnet on it, there is no guarantee that even if you paid for it, that Cisco would fulfil their support contract?
Regards,
Ken
On 4 March 2010 15:22, Adcock, Matt [HISNA] <MAdcock@hisna.com> wrote:
Don't deploy the equipment, demand a refund, and report the reseller to Cisco. I agree completely with Brian - find a good Cisco partner and stick with them. Also, you can't legally buy used Cisco equipment and use the operating system. You can buy the equipment but the OS is absolutely non-transferrable. If you try to get SMARTNet on it red flags will go up and Cisco won't support it.
Thanks, Matt
Matt Adcock, Manager 334-481-6629 (w) / 334-312-5393 (m) / MAdcock@hisna.com 700 Hyundai Blvd. / Montgomery, AL 36105
P The average office worker uses 10,000 sheets of paper = 1.2 trees, per year By not printing this email, you've saved paper, ink and millions of trees
From: Brian Feeny [mailto:bfeeny@mac.com] Sent: Thu 3/4/2010 3:05 PM To: Kaveh . Cc: nanog@nanog.org Subject: Re: Cisco hardware question
If you are getting Cisco hardware with configs on it or crashfiles, etc. Then no it is NOT new equipment. Who are you buying from? Are they a Gold partner on Cisco's partner locator? If not, then I have seen some seedy things, and of course i have seen seedy things with Gold partners too, I am just pointing out that the ability to compete and make margin get more and more difficult the lower the partner is on the totem pole and so desperation can drive certain behavior.
In general from a cisco Gold partner you can expect as good as 35-40% or so on new equipment for a discount for regular deals. Special pricing for special projects you may be able to get a bit better, and maybe 1% or so better for general products from CDW or a big box company like them. If you are paying 50-60% off list for just individual items you order, then its likely not new and there is likely something shady going on, as no partner is going to get you some special discount pricing on a single 3845 for example.
All of your good gold partners are going to charge around the same give or take a few percent on material. So find someone you can trust and just build a relationship. If your paying new prices for used gear then yes you are getting ripped off.
I would be glad to recommend to you a reputable gold partner if you email me off list.
Brian
On Mar 4, 2010, at 3:48 PM, Kaveh . wrote:
Hello,
I apologize if this is an unusual topic but I would like to know what this expert community thinks about this issue:
We have noticed that a number of Cisco appliances we have recently purchased and paid (AS NEW), are being shipped as if they have been already used/refurbished. In other words, several times we have seen brand new Cisco hardware, out of the box, that has pre-existing configuration (Interfaces with Private IP addresses, static routes, etc ...) and in some cases even non-system files, like 'crashdump.txt' or additional IOS images. Most importantly our latest purchase; 2 'new' ASAs, contain a series of files named: FSCK0000.REC, FSCK0001.REC, FSCK0002.REC, etc ... . Based on some research it seems like that these files are 'recovery files' signaling bad/failing hard disks in these appliances. Anyone on thhis group has seen this before and if yes, are we supposed to blindly trust the vendor saying the hardware is new, safe and secure?
The only way I can explain this is that the hardware has been refurbished or previously configured for reasons unknown to me. I think if customers pays for new hardware, they should get new hardware, even if refurbished hardware may be covered by Smartnet.
Any thoughts or recommendations anyone? The last thing we want to do is to deploy faulty (or non secure) security appliances in production. :)
Thank you
Best regards
The information in this email and any attachments are for the sole use of the intended recipient and may contain privileged and confidential information. If you are not the intended recipient, any use, disclosure, copying or distribution of this message or attachment is strictly prohibited. We have taken precautions to minimize the risk of transmitting software viruses, but we advise you to carry out your own virus checks on any attachment to this message. We cannot accept liability for any loss or damage caused by software viruses. If you believe that you have received this email in error, please contact the sender immediately and delete the email and all of its attachments
Hotmail: Free, trusted and rich email service. http://clk.atdmt.com/GBL/go/201469228/direct/01/
_________________________________________________________________ Hotmail: Powerful Free email with security by Microsoft. http://clk.atdmt.com/GBL/go/201469230/direct/01/
Kaveh:
I can confirm with absolute certainty that fcsk is a Unix utility for determining if a hard disk is failing and optionally attempting a recovery. I have never heard of such output files, though. How big are they? If they are tiny, they could just be status reports or a save of the program's output. If they are large, they may represent backups of the flash memory.
Ben
_________________________________________________________________ Hotmail: Free, trusted and rich email service. http://clk.atdmt.com/GBL/go/201469228/direct/01/
On 3/4/10 4:23 PM, Ben Carleton wrote:
Kaveh:
I can confirm with absolute certainty that fcsk is a Unix utility for determining if a hard disk is failing and optionally attempting a recovery. I have never heard of such output files, though. How big are they? If they are tiny, they could just be status reports or a save of the program's output. If they are large, they may represent backups of the flash memory.
Ben
fsck is not just for failing hard drives. fsck is used any time you want to check a disk (may it be ssd, optical, magnetic) for any kind of errors or inconsistencies. It's a standard part of any UNIX toolkit. On Linux systems with ext2/3, you'll see lost+found, which is where stuff ends up if it can't be connected to an actual file entry. Sounds exactly like what those FSCK files are - DOS used to do this with scandisk. -- Brielle Bruns The Summit Open Source Development Group http://www.sosdg.org / http://www.ahbl.org
On Thu, 2010-03-04 at 16:46 -0700, Brielle Bruns wrote:
fsck is not just for failing hard drives. fsck is used any time you want to check a disk (may it be ssd, optical, magnetic) for any kind of errors or inconsistencies. It's a standard part of any UNIX toolkit.
On Linux systems with ext2/3, you'll see lost+found, which is where stuff ends up if it can't be connected to an actual file entry. Sounds exactly like what those FSCK files are - DOS used to do this with scandisk.
beat me to it by a minute or two :) I'd guess (from a *nix-yness background) that the appliance is set up to automatically fsck a disk if it's dirty - `dirtiness` can be caused by thing like unexpected power cut as well as nasty things like hardware troubles. Appliances are prone to "power pulls" as they are usually headless. Some "diskless" appliances don't even bother to check , somewhat dismayingly. Not sure what the exact fs is on those boxes - anyone happen to know? - but from experience, I wouldn't be worrying too much (though I'd be very curious of course). Gord -- snort, snort, oink, oink
Take the S/Ns and run them over by Cisco. On 3/4/10, gordon b slater <gordslater@ieee.org> wrote:
On Thu, 2010-03-04 at 16:46 -0700, Brielle Bruns wrote:
fsck is not just for failing hard drives. fsck is used any time you want to check a disk (may it be ssd, optical, magnetic) for any kind of errors or inconsistencies. It's a standard part of any UNIX toolkit.
On Linux systems with ext2/3, you'll see lost+found, which is where stuff ends up if it can't be connected to an actual file entry. Sounds exactly like what those FSCK files are - DOS used to do this with scandisk.
beat me to it by a minute or two :)
I'd guess (from a *nix-yness background) that the appliance is set up to automatically fsck a disk if it's dirty - `dirtiness` can be caused by thing like unexpected power cut as well as nasty things like hardware troubles. Appliances are prone to "power pulls" as they are usually headless. Some "diskless" appliances don't even bother to check , somewhat dismayingly.
Not sure what the exact fs is on those boxes - anyone happen to know? - but from experience, I wouldn't be worrying too much (though I'd be very curious of course).
Gord
-- snort, snort, oink, oink
-- Sent from my mobile device ***Stefan Mititelu http://twitter.com/netfortius http://www.linkedin.com/in/netfortius
On Thu, 04 Mar 2010 18:16:01 -0500, Kaveh . <afx66@hotmail.com> wrote:
A) Pre-existing configs: What Tim and Joe mentioned is apparently correct. I was on phone with a few Cisco tech-reps earlier today and they told me that since version 8.2, they have been shipping ASAs with a default configuration, which explains the existence of private IP addresses on the inside interface, etc ... .
The Pix 501 was like that too. It was usable "out of the box". ...
I could not find much info on these files, but a simple Google search indicates that these files may be 'recovery files' of Disks operating under Unix/Linux/BSD/etc /... kernel, indicating a dying hard drive. That would be enough to freak me out! Anyone can confirm this?
It's not a "disk", but a CF (256M in your case.) It's a DOS FAT filesystem. The underlying linux OS runs dosfsck on every boot. There are *lots* of reasons why it would find things to recover. It's not necessarily an indication of Badness(tm).
C) SmarNet issue: I am a little confused on this. Since this purchase was for NEW equipment, and the devices were shipped by Cisco (at least that is what I read on the box; a Cisco warehouse in TX)...
Not necessarily. I've seen a lot of boxes that appear to have come "direct" from Cisco, however, I know they came from a wholesaler's warehouse. (only one came direct from Cisco. from the factory in Malaysia.)
On 3/4/2010 16:16, Ricky Beam wrote:
Not necessarily. I've seen a lot of boxes that appear to have come "direct" from Cisco, however, I know they came from a wholesaler's warehouse. (only one came direct from Cisco. from the factory in Malaysia.)
A lot of counterfeits come direct from the factory, too. ;) ~Seth
That's very true. They ship some out one door for Cisco and some out another door for gray/black market. One other thing to note - the discounts shown on the Web site previously mentioned here are not that greater than the ones I know Cisco gives many companies. Is it really worth taking a chance with one of the most critical parts of your infrastructure to save 10% or 15%. In my industry (automotive) and I think in many others the answer is absoutely not. Matt Matt Adcock, Manager 334-481-6629 (w) / 334-312-5393 (m) / MAdcock@hisna.com 700 Hyundai Blvd. / Montgomery, AL 36105 P The average office worker uses 10,000 sheets of paper = 1.2 trees, per year By not printing this email, you’ve saved paper, ink and millions of trees From: Seth Mattinen [mailto:sethm@rollernet.us] Sent: Thu 3/4/2010 6:20 PM To: nanog@nanog.org Subject: Re: Cisco hardware question On 3/4/2010 16:16, Ricky Beam wrote:
Not necessarily. I've seen a lot of boxes that appear to have come "direct" from Cisco, however, I know they came from a wholesaler's warehouse. (only one came direct from Cisco. from the factory in Malaysia.)
A lot of counterfeits come direct from the factory, too. ;) ~Seth The information in this email and any attachments are for the sole use of the intended recipient and may contain privileged and confidential information. If you are not the intended recipient, any use, disclosure, copying or distribution of this message or attachment is strictly prohibited. We have taken precautions to minimize the risk of transmitting software viruses, but we advise you to carry out your own virus checks on any attachment to this message. We cannot accept liability for any loss or damage caused by software viruses. If you believe that you have received this email in error, please contact the sender immediately and delete the email and all of its attachments
On most transactions, good reputable cisco partners are making about 3% on the front end. Most good partners make their money off services, and they hire highly trained engineers to deliver projects. Cisco hardware is like any other retail business, there is not deep margins. So trying to get 38% off from CDW vs. taking 37% off from the hometown team you can trust, meet face to face with, talk to the "boss" if you need to......its just not worth it. This same thing holds true with network operators to some extent. Some of the best businesses to goto for good support, colocation, transit, etc. Are you mid tier guys with highly clued staff and the need to deliver good service in order to stay competitive. Brian On Mar 4, 2010, at 8:17 PM, Adcock, Matt [HISNA] wrote:
That's very true. They ship some out one door for Cisco and some out another door for gray/black market.
One other thing to note - the discounts shown on the Web site previously mentioned here are not that greater than the ones I know Cisco gives many companies. Is it really worth taking a chance with one of the most critical parts of your infrastructure to save 10% or 15%. In my industry (automotive) and I think in many others the answer is absoutely not.
Matt
Matt Adcock, Manager 334-481-6629 (w) / 334-312-5393 (m) / MAdcock@hisna.com 700 Hyundai Blvd. / Montgomery, AL 36105
P The average office worker uses 10,000 sheets of paper = 1.2 trees, per year By not printing this email, you’ve saved paper, ink and millions of trees
From: Seth Mattinen [mailto:sethm@rollernet.us] Sent: Thu 3/4/2010 6:20 PM To: nanog@nanog.org Subject: Re: Cisco hardware question
On 3/4/2010 16:16, Ricky Beam wrote:
Not necessarily. I've seen a lot of boxes that appear to have come "direct" from Cisco, however, I know they came from a wholesaler's warehouse. (only one came direct from Cisco. from the factory in Malaysia.)
A lot of counterfeits come direct from the factory, too. ;)
~Seth
The information in this email and any attachments are for the sole use of the intended recipient and may contain privileged and confidential information. If you are not the intended recipient, any use, disclosure, copying or distribution of this message or attachment is strictly prohibited. We have taken precautions to minimize the risk of transmitting software viruses, but we advise you to carry out your own virus checks on any attachment to this message. We cannot accept liability for any loss or damage caused by software viruses. If you believe that you have received this email in error, please contact the sender immediately and delete the email and all of its attachments
Response from my Cisco rep: "I has to be "Cisco Certified" refurbished. If it isn't it cannot have Smartnet placed on it without an inspection (which comes with an inspection fee) and the licensing paid for as well. When you combine these two cost items together with the selling price of the gear you're about back to the cost of a brand new piece of equipment. The most difficult part of buying this "gray market" or even "black market" gear is that you don't really know where it came from. The Department of Defense has found some of this "black market" gear (a fake) in the networks of their vendors. In some cases they have found a "phone home" feature that pokes a hole in the firewall and then allows outside users (Chinese) into the network. Once in they can siphon off data from your network." Thanks, Matt Matt Adcock, Manager 334-481-6629 (w) / 334-312-5393 (m) / MAdcock@hisna.com 700 Hyundai Blvd. / Montgomery, AL 36105 P The average office worker uses 10,000 sheets of paper = 1.2 trees, per year By not printing this email, you’ve saved paper, ink and millions of trees From: Adcock, Matt [HISNA] Sent: Thu 3/4/2010 7:17 PM To: Seth Mattinen; nanog@nanog.org Subject: RE: Cisco hardware question That's very true. They ship some out one door for Cisco and some out another door for gray/black market. One other thing to note - the discounts shown on the Web site previously mentioned here are not that greater than the ones I know Cisco gives many companies. Is it really worth taking a chance with one of the most critical parts of your infrastructure to save 10% or 15%. In my industry (automotive) and I think in many others the answer is absoutely not. Matt The information in this email and any attachments are for the sole use of the intended recipient and may contain privileged and confidential information. If you are not the intended recipient, any use, disclosure, copying or distribution of this message or attachment is strictly prohibited. We have taken precautions to minimize the risk of transmitting software viruses, but we advise you to carry out your own virus checks on any attachment to this message. We cannot accept liability for any loss or damage caused by software viruses. If you believe that you have received this email in error, please contact the sender immediately and delete the email and all of its attachments From: Seth Mattinen [mailto:sethm@rollernet.us] Sent: Thu 3/4/2010 6:20 PM To: nanog@nanog.org Subject: Re: Cisco hardware question On 3/4/2010 16:16, Ricky Beam wrote:
Not necessarily. I've seen a lot of boxes that appear to have come "direct" from Cisco, however, I know they came from a wholesaler's warehouse. (only one came direct from Cisco. from the factory in Malaysia.)
A lot of counterfeits come direct from the factory, too. ;) ~Seth
On Thu, 2010-03-04 at 19:16 -0500, Ricky Beam wrote:
It's a DOS FAT filesystem.
hmmmm. hmmmmmmmmmm. FAT. Ah well, there must be a reason I guess. Not exactly what I'd choose for a high security snort box ;) But, horses for courses I suppose. Yes, as others say, good idea to check the s/n's with Cisco directly. You can _never_ be _too_ careful, both security-wise and financially. It's not exactly a cheap piece of equipment, service contracts and licences considered (and I don't mean the GPL one haha ) You can't rreally blame the frontline reps for not knowing what a fsck is, its a new tech concept. Post-80's on fact. Oops, another boot-up un in there, sorry. Humour aside, in fairness, I'm not sure an average rep would know much about QNX dumps either. *nix-y stuff puts you very close to the hardware and architectures. You see it all fly by in the logs and dmesg. Companies like cisco probably like to keep you at arms length from it. In this case you don't see the hardware so much but you "see" the bottom line of the invoice. That gives you all the right in the world to ask deep probing questions whenever you find things like this. A good manufacturer and supplier will answer them fully, though it may take some time to find the right clued-up tech internally. eg: Until you use ZFS you'd never believe the error rates on seemingly good hard drive systems, especially through "high-end" kit with supposedly safe "error correction". What you don't see doesn't worry you. Gord -- oink. oink. alert. oink. snort
On Mar 4, 2010, at 6:16 PM, Kaveh . wrote:
Thanks for the feedback. Let me clarify a few things regarding issues that this thread has addressed so far:
A) Pre-existing configs: What Tim and Joe mentioned is apparently correct. I was on phone with a few Cisco tech-reps earlier today and they told me that since version 8.2, they have been shipping ASAs with a default configuration, which explains the existence of private IP addresses on the inside interface, etc ... .
C) SmarNet issue: I am a little confused on this. Since this purchase was for NEW equipment, and the devices were shipped by Cisco (at least that is what I read on the box; a Cisco warehouse in TX), then my understanding is that the devices came with the first 12 months of Smarnet anyway. So I will be surprised if they decline the contract renewal after the first year. After all they sold us the appliances as if they were new. How can decline renewal if I can prove that I paid them for new?
Cisco devices don't "come" with SmartNet. They come with a manufacturer warranty which does not entitle you to the same support as smartnet (TAC support, software upgrades, 4 or 8 hour replacement, etc). You need to purchase SmartNet which is recommended.
D) Reseller: Yes, I appreciate the input. I will stick with a bigger name like CDW, next time, but again it appears to me that the devices were shipped from a Cisco warehouse in Texas, and not from the reseller's location.
Buying from CDW is not worth the extra 1% or whatever. What I meant was find a good partner that has account managers that are there for you, engineers you can lean on for pre-sales support, and treats you with customer service. That could be anyone, but you have to find these partners as not every company these days understands what customer service is. They will answer all these types of questions you posted here as well. Brian
I would greatly appreciate any input, especially on B)
Thank you
Best regards
Subject: RE: Cisco hardware question Date: Thu, 4 Mar 2010 14:27:04 -0800 From: MAdcock@hisna.com To: ken.gilmour@gmail.com CC: nanog@nanog.org
According to previous conversations with my Cisco rep the answer is no - Cisco won't support it. I'm blind copying him on this and will pass on his response.
Thanks, Matt
________________________________
From: Ken Gilmour [mailto:ken.gilmour@gmail.com] Sent: Thu 3/4/2010 4:17 PM To: Adcock, Matt [HISNA] Cc: nanog@nanog.org Subject: Re: Cisco hardware question
So if one were to purchase equipment, which is explicitly sold as "Refurbished" from, say www.impulsetech.us and they were to offer Smartnet on it, there is no guarantee that even if you paid for it, that Cisco would fulfil their support contract?
Regards,
Ken
On 4 March 2010 15:22, Adcock, Matt [HISNA] <MAdcock@hisna.com> wrote:
Don't deploy the equipment, demand a refund, and report the reseller to Cisco. I agree completely with Brian - find a good Cisco partner and stick with them. Also, you can't legally buy used Cisco equipment and use the operating system. You can buy the equipment but the OS is absolutely non-transferrable. If you try to get SMARTNet on it red flags will go up and Cisco won't support it.
Thanks, Matt
Matt Adcock, Manager 334-481-6629 (w) / 334-312-5393 (m) / MAdcock@hisna.com 700 Hyundai Blvd. / Montgomery, AL 36105
P The average office worker uses 10,000 sheets of paper = 1.2 trees, per year By not printing this email, you've saved paper, ink and millions of trees
From: Brian Feeny [mailto:bfeeny@mac.com] Sent: Thu 3/4/2010 3:05 PM To: Kaveh . Cc: nanog@nanog.org Subject: Re: Cisco hardware question
If you are getting Cisco hardware with configs on it or crashfiles, etc. Then no it is NOT new equipment. Who are you buying from? Are they a Gold partner on Cisco's partner locator? If not, then I have seen some seedy things, and of course i have seen seedy things with Gold partners too, I am just pointing out that the ability to compete and make margin get more and more difficult the lower the partner is on the totem pole and so desperation can drive certain behavior.
In general from a cisco Gold partner you can expect as good as 35-40% or so on new equipment for a discount for regular deals. Special pricing for special projects you may be able to get a bit better, and maybe 1% or so better for general products from CDW or a big box company like them. If you are paying 50-60% off list for just individual items you order, then its likely not new and there is likely something shady going on, as no partner is going to get you some special discount pricing on a single 3845 for example.
All of your good gold partners are going to charge around the same give or take a few percent on material. So find someone you can trust and just build a relationship. If your paying new prices for used gear then yes you are getting ripped off.
I would be glad to recommend to you a reputable gold partner if you email me off list.
Brian
On Mar 4, 2010, at 3:48 PM, Kaveh . wrote:
Hello,
I apologize if this is an unusual topic but I would like to know what this expert community thinks about this issue:
We have noticed that a number of Cisco appliances we have recently purchased and paid (AS NEW), are being shipped as if they have been already used/refurbished. In other words, several times we have seen brand new Cisco hardware, out of the box, that has pre-existing configuration (Interfaces with Private IP addresses, static routes, etc ...) and in some cases even non-system files, like 'crashdump.txt' or additional IOS images. Most importantly our latest purchase; 2 'new' ASAs, contain a series of files named: FSCK0000.REC, FSCK0001.REC, FSCK0002.REC, etc ... . Based on some research it seems like that these files are 'recovery files' signaling bad/failing hard disks in these appliances. Anyone on thhis group has seen this before and if yes, are we supposed to blindly trust the vendor saying the hardware is new, safe and secure?
The only way I can explain this is that the hardware has been refurbished or previously configured for reasons unknown to me. I think if customers pays for new hardware, they should get new hardware, even if refurbished hardware may be covered by Smartnet.
Any thoughts or recommendations anyone? The last thing we want to do is to deploy faulty (or non secure) security appliances in production. :)
Thank you
Best regards
The information in this email and any attachments are for the sole use of the intended recipient and may contain privileged and confidential information. If you are not the intended recipient, any use, disclosure, copying or distribution of this message or attachment is strictly prohibited. We have taken precautions to minimize the risk of transmitting software viruses, but we advise you to carry out your own virus checks on any attachment to this message. We cannot accept liability for any loss or damage caused by software viruses. If you believe that you have received this email in error, please contact the sender immediately and delete the email and all of its attachments
Hotmail: Free, trusted and rich email service. http://clk.atdmt.com/GBL/go/201469228/direct/01/
_________________________________________________________________ Hotmail: Powerful Free email with security by Microsoft. http://clk.atdmt.com/GBL/go/201469230/direct/01/
Step #2. Retain legal counsel or talk to general counsel. On Mar 4, 2010, at 4:22 PM, Adcock, Matt [HISNA] wrote:
Don't deploy the equipment, demand a refund, and report the reseller to Cisco. I agree completely with Brian - find a good Cisco partner and stick with them. Also, you can't legally buy used Cisco equipment and use the operating system. You can buy the equipment but the OS is absolutely non-transferrable. If you try to get SMARTNet on it red flags will go up and Cisco won't support it.
Thanks, Matt
Matt Adcock, Manager 334-481-6629 (w) / 334-312-5393 (m) / MAdcock@hisna.com 700 Hyundai Blvd. / Montgomery, AL 36105
P The average office worker uses 10,000 sheets of paper = 1.2 trees, per year By not printing this email, you’ve saved paper, ink and millions of trees
From: Brian Feeny [mailto:bfeeny@mac.com] Sent: Thu 3/4/2010 3:05 PM To: Kaveh . Cc: nanog@nanog.org Subject: Re: Cisco hardware question
If you are getting Cisco hardware with configs on it or crashfiles, etc. Then no it is NOT new equipment. Who are you buying from? Are they a Gold partner on Cisco's partner locator? If not, then I have seen some seedy things, and of course i have seen seedy things with Gold partners too, I am just pointing out that the ability to compete and make margin get more and more difficult the lower the partner is on the totem pole and so desperation can drive certain behavior.
In general from a cisco Gold partner you can expect as good as 35-40% or so on new equipment for a discount for regular deals. Special pricing for special projects you may be able to get a bit better, and maybe 1% or so better for general products from CDW or a big box company like them. If you are paying 50-60% off list for just individual items you order, then its likely not new and there is likely something shady going on, as no partner is going to get you some special discount pricing on a single 3845 for example.
All of your good gold partners are going to charge around the same give or take a few percent on material. So find someone you can trust and just build a relationship. If your paying new prices for used gear then yes you are getting ripped off.
I would be glad to recommend to you a reputable gold partner if you email me off list.
Brian
On Mar 4, 2010, at 3:48 PM, Kaveh . wrote:
Hello,
I apologize if this is an unusual topic but I would like to know what this expert community thinks about this issue:
We have noticed that a number of Cisco appliances we have recently purchased and paid (AS NEW), are being shipped as if they have been already used/refurbished. In other words, several times we have seen brand new Cisco hardware, out of the box, that has pre-existing configuration (Interfaces with Private IP addresses, static routes, etc ...) and in some cases even non-system files, like 'crashdump.txt' or additional IOS images. Most importantly our latest purchase; 2 'new' ASAs, contain a series of files named: FSCK0000.REC, FSCK0001.REC, FSCK0002.REC, etc ... . Based on some research it seems like that these files are 'recovery files' signaling bad/failing hard disks in these appliances. Anyone on thhis group has seen this before and if yes, are we supposed to blindly trust the vendor saying the hardware is new, safe and secure?
The only way I can explain this is that the hardware has been refurbished or previously configured for reasons unknown to me. I think if customers pays for new hardware, they should get new hardware, even if refurbished hardware may be covered by Smartnet.
Any thoughts or recommendations anyone? The last thing we want to do is to deploy faulty (or non secure) security appliances in production. :)
Thank you
Best regards
The information in this email and any attachments are for the sole use of the intended recipient and may contain privileged and confidential information. If you are not the intended recipient, any use, disclosure, copying or distribution of this message or attachment is strictly prohibited. We have taken precautions to minimize the risk of transmitting software viruses, but we advise you to carry out your own virus checks on any attachment to this message. We cannot accept liability for any loss or damage caused by software viruses. If you believe that you have received this email in error, please contact the sender immediately and delete the email and all of its attachments
Hotmail: Free, trusted and rich email service. http://clk.atdmt.com/GBL/go/201469228/direct/01/
If you are getting Cisco hardware with configs on ... Then no it is NOT new equipment.
That is not entirely true. Many Cisco models arrive with a default configuration - private IP addresses and all. All the new Cisco ASA's I've seen were this way. -- Tim Sanderson THIS MESSAGE IS INTENDED ONLY FOR PERSONAL AND CONFIDENTIAL USE OF THE INDIVIDUAL OR ENTITY TO WHOM IT IS ADDRESSED AND MAY CONTAIN INFORMATION THAT IS PRIVILEGED, CONFIDENTIAL, AND EXEMPT FROM DISCLOSURE UNDER APPLICABLE LAW. If the reader of this message is not the intended recipient, or the employee or agent responsible for delivering the message to the intended recipient, you are hereby notified that you have received this message in error and that any review, dissemination, distribution, or copying of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately by e-mail or telephone, and delete the original message immediately. Thank you.
Tim Sanderson wrote:
That is not entirely true. Many Cisco models arrive with a default configuration - private IP addresses and all. All the new Cisco ASA's I've seen were this way.
Ditto on that. Of about 12 ASA 5505s and 5510s I've deployed in the last year, only one didn't come with a private IP enabled and a public interface set to DHCP. The only one that didn't was running about a year behind in firmware, while the rest came pre-loaded with the latest. Joe Johnson Chief Information Officer Riverside Consulting Group, Ltd. joe@riversidecg.com www.riversidecg.com
We have noticed that a number of Cisco appliances we have recently purchased and paid (AS NEW), are being shipped as if they have been already used/refurbished. In other words, several times we have seen brand new Cisco hardware, out of the box, that has pre-existing configuration (Interfaces with Private IP addresses, static routes, etc …) and in some cases even non-system files, like ‘crashdump.txt’ or additional IOS images. Most importantly our latest purchase; 2 'new' ASAs, contain a series of files named: FSCK0000.REC, FSCK0001.REC, FSCK0002.REC, etc ... . Based on some research it seems like that these files are 'recovery files' signaling bad/failing hard disks in these appliances.
May be you purchased a truly brand new Cisco appliance where the HDD is refurbished, possibly due to: - Cisco cutting costs on parts procurement - Cisco supplier cutting costs by refurbishing HDD - Cisco contractor that does assembly making extra revenue by selling new HDDs that Cisco bought and replacing them with refurbished ones Rubens
participants (14)
-
Adcock, Matt [HISNA] -
Ben Carleton -
Brian Feeny -
Brielle Bruns -
Ernie Rubi -
gordon b slater -
Joe Johnson -
Kaveh . -
Ken Gilmour -
Ricky Beam -
Rubens Kuhl -
Seth Mattinen -
Stefan -
Tim Sanderson