CRN Exclusive: Cisco Earns Top Ratings For Response To Spectre, Meltdown Security Crisis


Printer-friendly version Email this CRN article

In the days after the Spectre and Meltdown bugs hit the news, Faisal Bhutto, vice president of corporate strategy at Computex, a solution provider in Houston, was struck by the level of confusion in the market.

"The fact is there's no easy fix, and in the first couple of days there was a lot of noise in the market, a lot of confusion in the market," Bhutto said. But as far as Computex's Cisco customers were concerned, the bugs and the strategies for handling them were not a big deal thanks to the networking giant's focused, fast-moving and complete response to the chip vulnerabilities.

"They did a bang-up job, and we were able to get customers aware of what's happening and calm their nerves," Bhutto said.

[Read on: CRN's coverage of the Spectre and Meltdown Response]

In a recent CRN survey of solution providers, Cisco earned top marks among hardware vendors for its response to the Spectre and Meltdown vulnerability discovery; it scored better than bested other industry titans like IBM, HPE, and Dell EMC.

CRN conducted an online poll of 190 members of the CRN Channel Intelligence Council, a panel of solution providers representing the broad channel ecosystem in North America. In the survey, solution providers ranked the vendor responses to the Spectre and Meltdown vulnerability issue on a scale of 1 to 5, with 5 being the top mark, or "excellent."

Cisco scored a mean rating of 3.66 out of five in the survey, which asked solution providers currently involved with the vendor to score vendors' technical, patching, support service and partner communication in the wake of the Spectre and Meltdown bugs. IBM scored 3.58 in the survey, while HPE scored 3.57 and Dell EMC scored 3.57. Lenovo scored 3.55. HP Inc. scored 3.54 and Apple scored 3.47. NetApp scored 3.28.

"The major manufacturers we work with – Cisco, HPE, Dell EMC – they're all world-class organizations, but the engagement we had with [Cisco's] data center team sets them apart," Bhutto said. "When it comes to field engagement, it's not just newsletters and blogs," he said. "That content is there, but at the end of the day, a phone call, a Spark message is more enriching, and that's what stands out."

The Spectre and Meltdown bugs affected CPUs industry-wide, prompting Cisco to issue security advisories covering dozens of products, including UCS servers. Cisco's response, Bhutto said, is helped by the fact that its channel-focused engineers act as specialists rather than generalists.

"We do a lot of UCS business, and you have engineers who are focused on a particular architecture," Bhutto said. "There's a concentrated effort of assigning partner engineers. That's helped, and you could see the results when Spectre and Meltdown happened. For all of our customers who are UCS clients, it was fairly easy."

Close communication and focused engineering expertise have enabled Computex to calm customers and provide clear, comprehensive advice, Bhutto said.

"We held education sessions with each large customer of ours," Bhutto said. "We give them a breakdown, and we assigned three of our experts on data center to put together a very concise summary and present it to customers, and that was a huge help. It's about continual education, making sure customers take care of patches and have a disciplined patching cycle. This is a problem you don't solve overnight, but we had enough data to begin communicating with customers right away."
 

Printer-friendly version Email this CRN article