[holydude]

What makes you think they can do it better in terms of security? In my opinion it is a matter of costs and trying to solve a specific problem.

[astrodust]

Google can better control their designs and supply chain than Cisco.

Cisco's priorities are more directly profits. Google's are often more security related, though they can profit from being more secure.

[SCHiM]

They can better control their supply chain maybe, but still not good enough if/when they're up against state sponsored espionage.

[mlangdon]

The big difference here is that states can simply buy access to, e.g., a Cisco Nexus and attack it from inside and out until they find a vulnerability in NX-OS, let's say, a malformed CLI-via-HTTP call.

Whereas, what software does a Google switch even run? What's the architecture, the APIs? You basically need someone inside Google, or for one of these things to fall off a truck. Way more involved and expensive than the 10k you might spend on a Nexus to throw it your lab and set your hackers on it.

[stargrazer]

Actually, Google has published papers and have presented talks (many of which are available on Youtube) on the type of gear they have developed. I don't know what their latest versions are, but recently they were using OpenFlow style infrastructure to provided fine-grained control (security, balancing, analysis) over flows through out their network. OpenFlow style constructs also provide a micro-segmentation style control (ie distributed firewall) over ingress/egress of traffic at the individual container/vm port level.

[closeparen]

An organization whose job it is to infiltrate hostile governments and intelligence agencies should have no problem infiltrating Google.

[bastawhiz]

And you think Cisco devices are better equipped against state-sponsored espionage?

[astrodust]

I think they're worse off since they're manufactured abroad to known specifications.

[dualboot]

Google is a publicly traded company. The primary focus is always enhancing shareholder value.

[pducks32]

Ah shareholder value. Value is the keyword. It's not shareholder money per se. If a companies stock jumps because people think you are bold for making your own secure network equipment then you have created value. Security and privacy can make value. Look at Apple. Public perception of Apple makes up a nice part of their stock and it's based around (just to name some smaller ones) privacy and security.

[astrodust]

Better get on the phone with Jeff Bezos because he missed that memo.

[aibottle]

Well mostly because they don't rely on any legacy code base but they can write it all by themselves. Also Google has somewhat of an reputation for security other than Cisco.

[vgt]

Google rolling its own hardware is a key security pillar. This is a good read on the topic:

https://cloud.google.com/security/whitepaper

(work at G)

[dsr_]

Think of it in the same terms as any other service you're contemplating: do you want to pay other people for proprietary stuff, or do you want to pay your own people to develop skills around open stuff?

cisco has an incentive to not look foolish, but they don't particularly care about any small or mid-size accounts. Your people have an incentive to care about your security and functionality. Weigh up the advantages and disadvantages and make your choice appropriately.