The Importance of Upgrading
When thinking about keeping your network safe, upgrading networking hardware is often overlooked. It’s hard enough to get everything to play nicely together, and once it does, the last thing you want to do is disrupt that delicate balance. Plus, there’s a lot of planning, a lot of meetings, and probably a lot of money to spend. No wonder just the thought of upgrading infrastructure makes most admins want to run and hide.
Not upgrading, though, can put you at risk in a variety of ways.
EOL? EOE? EOS? SOL!
Nothing gold can stay, and that is as true for networking hardware as much as anything else. As vendors develop new and exciting feature sets, old hardware gets strained more and more until, finally, it just can’t keep up. You might not necessarily be interested in those new features – as long as the packets are flowing, who needs the latest and greatest? And that makes sense – there’s a lot to be said for not being an early adopter. As cool as cutting-edge innovation often sounds, it sometimes fails to deliver on its promises (Look at the ill-fated Lily Drone, the Juicero Juicer, and the Cisco Umi – all products that showed great promise, but fell far short of expectations.)
We all understand how important it is to at least keep up with security updates, but products don’t get updates forever. Watch out for these 3 phases of the product life cycle signify it’s time to get ready for replacements:
EOE: End of Engineering
No new features or fixes will be developed during this phase, although critical security fixes might still be released, and you can still get support….although the answer to most of your support questions will probably be “Upgrade.”
EOS: End of Support
There is no support and probably no security fixes (although if a critical vulnerability is uncovered, you might get a patch). For all intents and purposes, the product is dead. You might be able to get support assistance to upgrade, or they might help you if you run into an already-known bug.
EOL: End of Life
Stick a fork in it; it’s done – no support, no patches, no nothing. For all intents and purposes, this product no longer exists.
Still Lurking Out There
Why does it matter if something still has vendor support? Well, just because the vendor has seemingly forgotten about these devices does not mean hackers have. Here’s an example: In 2021, six years after Western Digital ended support for their My Drive line of external hard drives, a remote code execution bug resulted in many users losing all of their data. The worst part is the vulnerability was reported to Western Digitial in 2018, a full three years before the bug was exploited, but since support for the drives had already ended Western Digital chose not to fix it.
Sometimes those new features become default standards. Devices in the late 90’s that shipped with 802.1a or 802.1b wireless networks were quickly rendered obsolete when a critical design flaw was found in WEP. Anyone not wanting a laughably easy to hack wireless password had to get completely new hardware. Now all networking hardware ships with some form of WPA enabled.
If you’re still not convinced, consider this: you could run afoul of the law if you use out-of-date hardware. Many regulatory standards like GDPR, HIPAA, PCI DSS and more require organizations to take reasonable steps to protect sensitive information. If you are the victim of a data breach, you will have a hard time justifying the use of old hardware. It could also impact your certifications – if you maintain SOC 2 or ISO 27001, EOL hardware might put you out of compliance.
Upgrading networking may not be the most exciting prospect, but as technology evolves and grows, it’s crucial to ensure you’re not falling behind. Proactive upgrades not only enhance your ability to stay secure, but they also keep you safe from regulatory and legal penalties in the case of a data breach. Investing in the future by keeping your network infrastructure current will ensure you can support your organization’s goals for security, growth, and innovation going forward.
