First it was Cisco; now it is Juniper and apparently there are a number of other vendors who will be affected by this flaw.
While no one is saying who the vendor of the flawed hardware inside Cisco and Juniper products is, it is believed that it is Intel’s Atom C2000 chip. Intel has acknowledged problems with that chip which seem to match the description that Cisco and Juniper are saying exists in their hardware. Stay tuned.
Cisco has set aside $125 million to pay for repairs for faulty equipment.
So what, exactly, is the problem?
Juniper and Cisco are saying that there is a flaw in a hardware clock component that is used in their switches, routers and security devices that may cause the device to crash and die starting about 18 months. The device is not rebootable and not recoverable. It is, as we geeks like to say, “bricked”.
Cisco says certain models of its series 4000 Integrated Service Routers, ASA security devices, Nexus 9000 switches and other devices are affected.
Juniper said that 13 models of switches, routers and other products are affected.
Juniper says it is not possible to fix the devices in the field. They also said that they started using this component in January 2016, so the 18 month lifetime is rapidly approaching. They say they are working with affected customers.
HP has announced that some of their products use the Intel C2000 and may be affected as well. Expect more manufacturers to make announcements as they analyze their product lines.
For users, it seems like if your product is under warranty or a service contract dated as of November 16, 2016, Cisco will replace the device proactively. They say that they expect the failure rate to have limited failures at 18 months, but a more significant failure rate as it reaches the three year age range.
For customers that are not under warranty or a service contract, well ……… I think you may be on your own.
If you have products that use this component, you should work with your suppliers to understand the risk and figure out how to mitigate it.