Continuing with my theme of paying premium prices for faulty products, Michael McNamara shares a recent experience:
I just recently had two HA pairs of Cisco ASA firewalls just stop communicating. A reboot of both the primary and secondary firewall in each HA pair resolved the problem. I had never observed such odd behavior from two pairs of Cisco ASA firewalls so I immediately suspected either a possible public exploit or a software bug given that both HA pairs were upgraded within the past 6-7 months.
Upon reviewing the 9.1.7 release notes from Cisco I stumbled over the following entry;
CSCvd78303 – ARP functions fail after 213 days of uptime, drop with error ‘punt-rate-limit-exceeded’
Some Questions We Don’t Ask
How does a premium networking vendor ship a product, promoted & sold as mission critical, that simply stops working after 213 days ? Did the vendor not test it ?
Why is there no product recall advising customers of this problem like we have with consumer products ?
Should the customer take the responsibility for locating the problem and repairing the fault ?
If this was your car, would you take it back to the dealer and demand a replacement for this lemon ?
Why This Matters
I am aware that the Cisco ASA product is obsolete and has had serious problem for many years. Cisco still sells it today because customers keep buying it. Customers keep buying because they think newer products are worse than the old ones.
In my view, it should have been pulled from the product line as soon as they bought SourceFire but customers just live with and love the problems. As long as the product sells, customers get more of the same. Look around at products from other vendors, they all do it.
Until you start pushing back on the vendors about quality & reliability, you will get second rate products while paying premium prices.
Cisco ASA Firewall breaks after 213 days of uptime : https://blog.michaelfmcnamara.com/2017/09/cisco-asa-firewall-breaks-after-213-days-of-uptime/