Brand Inertia: Is Cisco Your Most Trusted IT Partner?

Jim Duffy wrote an article covering the 16th annual Cisco Partner Summit in San Diego, which you can read here. Jim reports that John Chambers asked the following poignant question, which Jim fittingly chose to close his article with:

How do we become the most trusted IT partner our customers have?

That’s a very telling sort of a question to ask of the partners you rely upon to help spread the Cisco gospel. The question implies something that I think is critical to understanding a perception of Cisco in the marketplace right now: Cisco has lost some of the trust they once had. Without a doubt, Cisco will remain a ubiquitous presence in the data centers and enterprise networks of the world for years to come. And yet, somehow things are different. Some in the marketplace are looking at Cisco with crossed arms and furrowed brows, and starting to bring in competitors for exploratory meetings. Implicit trust in Cisco wares and the Cisco brand is not taken for granted in circles where once it was.

So let’s talk…just us. If the Tasman Drive Thought Police were to probe your mind, what would they find? If it wasn’t for my tinfoil, lead-lined cap, this CCIE knows a few observations they’d find in his grey matter.

  • Frustration with technical support. The TAC experience has declined for me over the last few years. When I call TAC, it’s almost always because I’m the victim of a bug. Sure, I might misconfigure something or ask TAC to sanity check me; that happens – I’m not saying I’m above that. But usually if I’m on with the TAC, it’s because something isn’t working properly, and I need confirmation of a bug ID. I’m just not getting the sort of responses I used to get. Once upon a time, when I’d upload a diagram with icons, a wiring topology, MAC addresses, and IPs, plus logs of the relevant events, I’d get an engineer who’d say, “Thanks! I’m going to recreate this in the lab to confirm.” And they’d confirm, offer a workaround, and we were done. Not anymore. Now I get push back, second-guessing, and finger-pointing. I get resistance – people who just want to dump the problem back on me and not deal with it. So what’s this got to do with trust? If I can’t rely on my vendor to support their product *well* via their expensive annual support contract that they insist I buy, then that is a breach of my trust as a customer. I want TAC to be my advocate, not my adversary.
  • Lack of innovation, and/or overcharging for innovation. I want Cisco to come out with the speediest, most technically brilliant, gosh-darned clever IT networking solutions there are. While there are indisputable moments of technical excellence and thought leadership, I began thinking of Cisco as a market trailer some years ago. FabricPath is a good example of what I mean. Nexus hardware can suitably run FabricPath…but I can’t afford to license that feature. Cisco’s proprietary TRILL is a license-only add-on that’s thousands extra per box. So, while you could argue that a TRILL implementation (even a proprietary one) is an innovative offering, Cisco is missing an opportunity to drive market adoption by charging customers large amounts of money to put FabricPath into play. Yes, lots of us are buying Nexus gear, but the most many of us are doing with it is vPC. What a waste. While vPC breaks the single chassis barrier by offering MEC, it still effectively locks east-west traffic into a north-south topology. So what’s this got to do with trust? Cisco isn’t driving technology trends, and hasn’t been for a while. Instead, they are following the dollar, and I’m weary of licensing schemes that make me pay extra to get what is usually a nominal increase in functionality that I should have had to start with. The licensing schemes are as befuddling to Cisco sales reps and VARs as they are to end customers like me, and Cisco even writes whitepapers to explain their licensing, even for simple platforms (!). That makes Cisco a foe to be outwitted, not an IT partner to be trusted.
  • Cisco code releases are buggy to the point of being comic relief. A few simple examples I’ll make to get this point across. (1) Cisco’s SafeHarbor program has ceased to be meaningful. I am running a SafeHarbor recommended release of IOS SX on a pair of 6500s, and the software has issues with what I consider rudimentary routing functionality. EIGRP neighboring issues when using physical links instead of SVIs. EIGRP processes slowly leaking memory (not much, but I’m graphing it and watching it climb on two different 6500s). If SafeHarbor can’t root out those sorts of problems, then the program is useless to me as a customer as it negatively impacts both functionality and stability. (2) Cisco ASA code is just sort of sad, to the point that running a bug scrub on the 8.4 family will make you want to give up all hope of a stable firewall. While I’m finally having good success with 8.4(3), it’s not completely got my confidence as yet. (3) NX-OS bugs are becoming legendary in the Twitterverse. Almost every person I know running Nexus gear in production has expressed frustration with NX-OS’s bugginess. The question I see tied to new NX-OS releases isn’t “what bugs does it fix” but “what bugs does it *have*”. I’m getting ready to put Nexus gear into production over the next few months, and I’m not looking forward to the ride. So what’s this got to do with trust? I expect my networking vendor to provide me with a bulletproof choice, especially for my data center gear. I should be able to pick what features I need and punt the rest to reduce my exposure to the bad programming practices that are endemic in software development. For the most part, I can’t. Therefore, I don’t look at code upgrades with excitement; I look at them with fear and even dread. What’s to trust?

To trust my networking vendor, to genuinely view them as a partner that can help my business to succeed, I need their products and people to be trustworthy. In Cisco’s case, I don’t have that level of confidence anymore, not considering the business and product set as an aggregate. An even larger question is begged here, which is this: if I pay dearly both in capex and opex to buy stuff that says “Cisco” on the pretty bezel, but I can’t count on it to deliver what I expect of it, then what’s the point of buying it?

Cisco is not the only vendor at fault here. HP, Symantec, Microsoft, and others are all as guilty of one or more of these sins in my very recent personal experience. As businesses, we’ve been trained to accept inferior IT products. Overpriced gear, complicated licensing schemes, and buggy code exacerbated by an apathetic and alienating technical support process is the new norm. And yet, despite these experiences, we keep buying this stuff. Why? It speaks to a certain lunacy…a kind of mental illness gripping our campuses and data centers with brand inertia.

There’s got to be a better way for the enterprise. I’ll contemplate how we can break away from brand inertia in future posts.


  1. says

    Another sensible post Ethan. As somebody who experienced TAC for the first time recently, I quickly came up against the push back ethos which made me feel like I was dealing with a local IT hobbyist out of his depth.

    Looking forward to your take on breaking brand loyalty. I think for most companies, the fear of change, the unknown factors and potential cost of re-training, both in terms of money and time can be daunting but it seems that there has never been a better opportunity for other vendors out there to go forth and spread the word as best they can.

  2. JRT says

    As a CCIE and a person that has a vested interest in Cisco products, every time I talk to Cisco reps I am left dumbfounded with disappointment.  The company moves too slowly, in too many directions, to be a leader 10-15 years from now.  HP, Brocade and others will take port count away from Cisco, as will Juniper with routing.  Microsoft Lync and it’s successor in 2014 will crush their Unified Communications business.  Cisco hasn’t even touched Webex since acquisition in 2007 – Google “webex for a dollar”.  Cisco’s Hosted-UC offering is an absolute joke.  They have not invested a dime in making UC multi-tenant capable.  Cisco Quad is a flop.  I’m thoroughly done with Cisco showing up and selling Partners ‘futures’ regarding things that are on the horizon – when better solutions are available in the here-and-now.

    Cisco will continue their practice of bypassing technical staff and heading straight to C-level when selling solutions, forcing their market share from the top.  It’s what they’ve been doing for years, and will continue to do so.  But how long can that possibly last?

    I’m not against Cisco, five years ago I thought that working there would be my dream job.  They need to own up and start putting their retained earning where their mouth is.

    • says

      I’d have to agree with everything you said (minus the UC stuff – because I’m ignorant in that area). They seem to aim their message more and more to the suits of the world, forcing their way in from the top. Appealing to the people making the final decisions is pretty smart on their part, but not exactly appealing to those of us who have to support it. The old adage of “nobody ever got fired for buying Cisco” is dying – Cisco actually has to start TRYING, after being able to sit on their laurels for the last decade.

  3. says

    Excellent article.

    Cisco is the new Inglenook.  At once the best in the valley, but now just a brand name under which inferior stuff is marketed.  I think that is the perception…

  4. Christian Talsness says

    I feel like we should all send links to this post to our Cisco sales reps and the account managers we deal with at re-sellers. I don’t think I could put into words how I feel about Cisco any better than you did Ethan.

  5. Allen Baylisv says

    Not getting to personal here but I agree with you. Cisco has made money on top level wins and not for their technological advances. I

  6. says

    In my view, vendors need to separate out those who request assistance with the configuration / use of their products or make feature requests, which should be billable, with those who wish to report faults in products having diagnosed the cause and provided means for reproduction, which should not be.

    To operate otherwise is surely highly unreasonable business practice, tantamount to extortion, as it burdens customers with costs that should be born by a vendor due to its own failings.

      • Fernando Montenegro says

        If not presenting the bills, a possible alternative would be to ‘move this up the foodchain’, thereby reducing the effectiveness of the ‘sell to senior management’ approach. Presumably, once someone with P&L visibility sees the wasted effort because of poor quality, the conversation would likely change.
        Not to say this is without risk, but it seems a viable approach to me…

  7. says

    Fantastic article Ethan. I think you’ve hit the nail on the head with all your points. I think the lack of innovation is the biggest one for me. Nexus is the only thing Cisco has done in recent memory that was even remotely innovative, and even then FabricPath is still based on TRILL – which isn’t exactly the answer either. 

    I think the other big thing is that the brand itself is hurting. Cisco has become such a watered down brand. The fact that my grandmother can now to go her local best buy and purchase a cisco router is not a positive thing. They also hurt themselves deeply by starting their campaign to bash their competitors. Seeing the small fish doing some bashing is one thing, but seeing the former industry giant doing it just appears childish and desperate. It really makes me wonder why they are so afraid… you know?

    All of this adds up to customers looking at other options. If after an evaluation, they still buy Cisco – so be it. It’s certainly not a bad thing that there is more and more competition though; it makes everyone step up their game!

  8. says

    I feel the same as you… And the nexus comments is exactly what I’m getting almost on a daily basis… crappy software and even more crappy support…

    I’m actually getting to a point where I don’t know whats worst, Juniper TAC or Cisco TAC, and this was easily answered a few years ago.

  9. says

    Cisco is too big which probably explains why it’s lack of innovation, like every other giant technology based organization are facing, RIM, Apple, etc. While I still believe Cisco is a good technology company to work with, and a reliable hw/sw providers, but it was great in the past, not any more.
    1) TAC support – I am using a pair of N5010 / N2148 which were running on 4.1 which I planned upgrade them to 5.0.2, the pre-install script (sh install all impact …) was successful on one switch, however it failed on another one. So I called TAC for assistance, and I was told not need to worry about since it was A cosmetic bug, and the actual install command will be able to get through. So, on early Sunday morning, I came to data centre run the actual upgrade command, it was stopped at the exact same spot as the pre-install script did!   Along with my other experiences with TAC, they are not as helpful as they were before, not because I become more experienced, but rather their technical skills and competency decline quite significantly.

    2) Lack of innovation: I am not sure how many of you are using Cisco FWSM, which had NO hardware updates for more than half a decades, new S/W releases, nope! And in March, Cisco announced that they will stop s/w dev and bug fix of FWSM on 9/25/2013. I still have not seen Cisco has any serious application firewall on their shelf (let me know if I am wrong), I would like to stick with Cisco firewall after 9/25/2013, which might still happen, or I can go out to shop around, and perhaps to pick something like Palo Alto which was not possible in the past. But now, they are on the horizon.

    3) Declined product quality: We are using Cisco WiSM-1 controllers here, and purchased a couple of WiSM-2 controllers and planned to replaced the EoS WiSM-1 controllers. As usual, we put brand WiSM-2 in test centre, pre-configure, test it, and let it run for few weeks, etc. Everything were ok, so we went to upgrade, removed it from test centre and inserted it into prod switch, somehow, the WiSM-2 boot up but cannot load license file, so re-install the lic file and did a reboot and this time it never hang and cannot even power on line, call the TAC and we were told the brand new WiSM-2 had hardware problem and need RMA.

    My confidence and trust on Cisco is going down and low,it’s still a good company but again, not great any more, which force me to pay due diligence and seek alternatives. Cisco spin off some “delusional” business units which demonstrated positive sign, however it will take longer time to recover. 

  10. Alex White-Robinson says

    Cisco TAC has been a disappointment, their sales reps don’t know the product properly anymore and we get stung by licensing that we weren’t told we’d need far too often.

    Being oncall, frankly, used to be a lot less busy than it is now.

  11. says

    The key reason for this brand inertia is based on fear.
    People like to buy “normal” products. Everybody buys
    “normal” right !.

    In this case “normal” is Cisco, Microsoft, Vmware what ever big brand

    If they buy a cisco solution and it does not work, its not their fault.. its
    Cisco’s fault. If they buy a non “normal” brand and it goes wrong
    it’s their fault, because they did not buy “normal”.

    Despite the buggy
    code and the problems with TAC and the complex and expensive licensing
    everybody continues to buy “normal”.

    All major brands were once small brands fresh out the lab. It took decision
    makers with big balls and shrewd negotiation skills to go with the small guy.
    In the meantime all the cowards are watching these maverick decision makers in
    the background to see how it goes.

    If it works they then drop their current big brand comfort
    blankets and run to copy the mavericks. If it does not work they laugh and
    point at the mavericks “Ha Ha you should have bought normal like the rest of us”.

    The growing brands then become confident and sometimes lazy.
    They realise they have passed the inertia tipping point and go all out on
    revenue generation from partners as well as customers. They don’t have to
    innovate as much. Because they are passed the tipping point every body likes to
    buy “normal” right. Instead we get product fragmentation and complex licensing
    to drive revenue.

    This causes the big balled mavericks to go on the hunt
    again, whilst everybody else buys “normal”.

    It is slightly concerning that Cisco have to ask “How do we
    become the most trusted it partner”. They got this big because they obviously knew
    how to do that in the past.

    No ONE vendor should be your most trusted advisor.  Cisco has some pretty bad technology and very
    good technology “Catalysts” and UCS. Use the right tech for the right job. 

    As Mr T would get some Nuts…. Be a maverick

  12. says

    Amazing article Ethan, very on-point. My only comments are for my love for the NX-OS software insanity. Had an issue with route redistribution filtering using ACL’s not working….NX-OS can only use ACL for route-map match with PBR as per the documentation. OK, no problem.

    So the workaround is to use prefix lists…But the 5.x code being used has a bug making prefix lists unusable?!

    Only in NX-OS would your workaround end up being another bug in the code.

  13. says

    I totally agree with the software licensing thing. I’ve seen so many places that continue to purchase Cisco routers exclusively because migrating away from EIGRP is all to hard. I can’t work out why they wouldn’t want to encourage people to widely use features like FabricPath and OTV for the same reasons.

  14. Landis Vinchattle says

    I read your pain points, and all I could think was “ditto”.  I still remember my first experience with TAC as a very green consulting tech barely able to navigate the CLI and attempting to set up a multisite frame relay network I didn’t really understand (and that nearly burned me out on networking).  I called TAC for some assistance in configuring dynamic routing, briefly described the design as I understood it, and was immediately rewarded with some helpful explanation and a functional configuration.

    Today?  We’re 8 months into a TAC case (IOS bug… or maybe hardware… can’t really get a solid confirmation) impacting multiple (four at my last count) sizeable customers.  I suspected for a long time their design was wrong even though we had explained it multiple times, and we were finally able to get on a webex with the engineer a couple of months ago.  After generating configurations for them, much as my first TAC engineer did for me (though I admit I took longer since I have my own job to tend to), they were finally able to duplicate the problem… I think.  I’ve only received one voicemail (three weeks ago) and one e-mail (a week ago) since then.  

    Their supply chains are seriously broken, I disagree a little bit on innovation as there are lots of “new” things – but none of them are fleshed out (still no VRF-aware SSH server), and overcharging for everything.  I’m really beginning to believe Cisco’s pricing is determined by the question “How much can we get them to pay, and if we give them a break upfront, how much can we take in maintenance and how little do we have to provide back?”

    In places like basic WAN/VPN/service networks (outside of high density, high performance, and niche requirements where ASICs and engineering start to bring value), I believe we are in the early phases of an evolution that will allow us to replace Cisco with commodity, x86 hardware and open source software.  You need look no further than Vyatta and Juniper for hints at this.  I’m testing that theory even beyond the established platforms, at least on a personal level.  I don’t expect to throw Cisco out completely – I have some bigger iron in datacenter environments that they are the best fit for.  But I do expect things will be interesting in a few years when time comes to start replacing equipment again, and that Cisco will have to do much more than just show up to look at the lack of competition.

  15. MRD says

    A few months ago I called into TAC with an issue on 5.1(3) for the Nexus 7000.  The TAC engineer identified the issue as a faulty SFP on the peer-link.  They then went a step further and stated that the group responsible for the N7K wanted all customers to move to the latest 5.2(x) version.  There was also a document at the top of the N7K release notes page advising the same.  I was a bit skeptical but two month into my adoption of 5.2(4) I have not seen any major issues.

    You get the impression with NX-OS that for the longest time Cisco believed that new features out weighed the quality of the code.  Each train of the 5.x code has a deferred version, two for ISSU and one for a feature introduced in that version.  I hope that 5.2(4) is a realization that quality outweighs features but I’m still skeptical.

  16. NetworkJanT says

    Hi Ethan,
    Maybe you-and many of the commenters below- should seriously consider looking for an alternative to Cisco: not perse to get rid of them, but to push them becoming more innovative again and re-consider their licensing model. If the customer only barks and doesn’t bite nothing happens in todays world.
    But competition does a great job putting customers back into the mind of vendors (and not only the investore). Nice example is in virtualisation: where VMW offered some of its nice features only with a license, when an inferior virtualisation platform (Hyper-V) offered some f these features as standard VMW had to follow (example Live Migration).
    So why not look at competitors in the enterpise/datacenter market:imho Force10 does offer a good alternative, the Z-9000 for a distributed core is great if you design your infrastructure in a way that it like this concept. Or the E-1200 series: if it can chew the data coming from the Largre Hadron Collider at CERN it will also handle my DC data (haven’t playes with that range though) and at a smaller datacenter (or as end-of-row) the S4810 is a nice box as well. And both the S as Z series use the same Trident+ as in Nexus5K boxes. (end both F10 and Cisco are wise enough NOT to use the Broadcom software and API’s but created own code from scratch: BD make nice chips but their code is
    And compared to Cisco chassis or Brocade RX my electricy meter runs a lot slower as well, and when my boxes use less power they also create less heat; keeping my airco quiet…

Leave a Reply

Your email address will not be published. Required fields are marked *