While reviewing one of my remote office environments, I found a small edge router running antiquated, known-buggy code that Cisco has classified as “deferred”. For the uninitiated, when Cisco classifies an IOS release as “deferred”, that means that they don’t want you to run it because it’s known to be problematic. Some stability, security, or other critical issue has rendered the code to be unsuitable for production environments.
Out of habit, I logged into Cisco’s site, and proceeded to download the latest code for this device. The idea was to bring this router up to something that’s known to be stable and vulnerability free, especially considering it’s Internet-facing.
I can’t download the code. Not anymore. It looks like Cisco is matching CCO ID with associated SmartNet contracts. If the device you’re trying to download software for doesn’t match up with what’s covered in your contracts, your download will fail.
I’m going to guess this enforcement has been going on for a while, and this is just the first time I’ve run into it. We have a number of large SmartNet contracts, so this has just never come up for me in the past. Now that it has though, I’ve got some issues with Cisco’s approach.
- This is a lousy way to enforce licensing agreements. All this will serve to accomplish is growth in the warez and gray market for IOS images people need to get their jobs done. Not that I’m condoning that approach – I’m just pointing at the elephant in the room.
- I need to upgrade bad code Cisco shipped to me with a smile, but instead I’m stuck with the problems. In the auto industry, that would be called selling me a lemon. Therefore, Cisco is making me pay extra for the privilege of running code that isn’t borked. That’s bad customer service, and it’s potentially bad for the Internet as a whole, depending on what sort of borked the code is.
- It’s really inconvenient. As if the IOS software download system isn’t painful enough to navigate, I am taken all the way to the end of the download process to discover I’m being denied access to the required image. Cisco, you need to do better. If you’re going to enforce licensing based on CCO/SmartNet associations, why not just present me with a list of devices you will allow me to upgrade/unbork? Obviously, you’ve got the data on the backend already, so don’t make me guess.
- I’ve worked for multiple Cisco partners as well as large Cisco customers, and I’ve done my time in the SmartNet trenches. SmartNet contracts are one of the most poorly organized and administrated systems I’ve seen in the world of technology. New numbers are issued with every device unless you’re very explicit, and even then your instructions are often ignored. Different coverage levels require different SmartNet contracts. Anyone (i.e. your VAR instead of YOU) can get coverage for a given serial number, and there’s effectively no central management for a specific organization. Migrating devices between contracts is a brutal process. Co-terminus agreements are a battle to obtain. When ordering coverage, there is no predictable means of notification as to the coverage level, when the contract started, the contract numbers, or associated serial numbers. It’s an epic, end-to-end FAIL. And now I’m forced to maintain my Cisco infrastructure based on this foundation?