Friday, August 24, 2012

Cisco irritates me

Why must everything be so difficult with Cisco?

Specifically in this case, 802.1Q tagging on a Catalyst 2960.  The lack of a "vlan dot1q tag native" command is causing an issue for me that is actually solved in my case by using a Cisco (aka Linksys) SG300-28 switch which costs hundreds (thousands maybe?) less.

Can I vent for a minute?  OK, thanks. 

Don't get me wrong, Cisco makes solid products and they are pretty much the gold standard.  However, as a close friend of mine said when talking about a PIX, "It's easy to be rock solid when you are a rock."  The fact that you need to buy separate products for separate functions for just about everything makes it unrealistic for the types of environments I deal with on a regular basis.

Take for example a scenario where we need a firewall, WAN load balancer, WAN optimization, web filtering, inline antivirus, wireless LAN controller, and IDS/IPS.  To do this would require several Cisco devices with advanced licensing, consulting services with several white-collar project managers, potentially a couple of servers, and even third-party software from a vendor like WebSense.  Or... we could just buy a FortiGate UTM appliance for the same cost as a single Cisco device and it includes all of these things and more and has a very nice user interface.

Even with Cisco's purchase of Linksys and various other strategic acquisitions, now all they seem to have is a disjointed selection of product lines with new sets of limitations.  Maybe Cisco is still the premier solution for enterprises that have unlimited budgets, but for the other 95% of the world, I think it is time to raise the bar.

Now, Cisco does still hold the spot for T1 routers in my book (and a few niche products like the Catalyst 3750-X stack).  But for general switches, price drives most conversations and I can get all the features I need for most implementations in HP, Dell, Netgear, and yes, even the SMB Cisco/Linksys lines.  For Firewalls/VPN/UTM/WAN OPT/LB/wireless, Fortinet holds my heart now.  For phone systems, the verdict is still out but I am pretty sure Cisco doesn't sit anywhere on my list because of complexity and cost.  If I had to pick a phone system, I would say ShoreTel at this point.  And for servers, the Cisco UCS does look pretty nice and listening to a sales/marketing pitch on it paints it to be so much better than HP or anything else, but at the end of the day in my virtual reality of a life, hardware is hardware and HP/Dell(/even SuperMicro) works perfectly fine for me and my client base at a lower cost.

I'm feeling bad for being so down on Cisco right now and am worried I will get a horse head in my bed tonight when big brother sees this but I needed to get it off my chest.  I guess they do still have good certification tracks if nothing else :)
