Sunday, March 22, 2009

NSM on Cisco AXP?

Last year I wrote Run Apps on Cisco ISR Routers. That was two weeks after our April Fool's joke that the Sguil Project Was Acquired by Cisco.

I am wondering if any TaoSecurity Blog readers are using Cisco AXP in production? Looking at the data sheet for the modules, they appear too underpowered for NSM applications, especially at the price point Cisco is advertising.

Anonymous said...

I would be wary of those NME's. They look like similar to the rounter IDS module platform. In my previous job we had a disappointing failure rate (~50%) on the hard drives. Cisco used 2.5" laptop hard drives that did not fare well in the environments that routers typically operate in such as wiring closets. Additionally the drives were not rated for 24 x 7 operation. The platform with the flash memor may fare better but the CPU looks underpowered.

Martin said...

Ah, that reminds me of the good 'ol days when I took a screwdriver and removed the faceplate from a NAM module in a 6509. When I plugged a keyboard and monitor into the unit and got a root password prompt, I dug a little deeper and found that it was just RedHat 7.3. So, I removed the hard drive from the unit, booted it as the secondary hard drive in a different computer, and reset the password. From there I basically had a fully functional RedHat box with a 6509 backplane interface. But just as I was ready to start doing some cool things, I found that most of the necessary tools to compile and install things were missing. I was new to Linux at the time, so after trying for a few hours to get a new Linux kernel to compile with the backplane drivers, I eventually gave up. I wish now that I had pursued that a little more, as I'm sure that now I'd know what I was doing with it. Unfortunately, the hardware was nothing more than a commodity-grade Pentium 3 and a small amount of RAM, so it sounds like these AXP modules are about in the same boat. Still, the idea of having a customizable SW module with a backplane interface has always been tantalizing. But for all of the geek appeal, with any kind of significant bandwidth, that hardware just won't cut it.

