Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
741
Views
3
Helpful
6
Replies

Migrate from catalyst switches to small business

chpmotry
Level 1
Level 1

‎11-03-2023 12:31 AM - edited ‎11-03-2023 12:59 AM

Hi guys.

our network is old about 15 years  with a lot of catalyst 2960 switches : c2960g, c2960+ and c2960s that their ios are for 2018 and older.and the edge of our internet access is fortinet firewall and we dont have c2960s or c2960g that is in edge of internet access.  is it making problem for our network security and are we forced to migrate to c9000 and small business switches?

is the using catalyst switches dangrous in terms of security threats such as unallowable login that couses denial-of-service or watchdog crash and othe cve that reported in cisco website?

0 Helpful
6 Replies 6

DanielP211
VIP Alumni
VIP Alumni

‎11-03-2023 12:40 AM

Hello!

If you follow security best practices and regularly upgrade switches, especially when a critical vulnerability emerges, I would say that Cisco Catalyst switches are among the most secure options you can get.

BR

****Kindly rate all useful posts*****

chpmotry
Level 1
Level 1
In response to DanielP211

‎11-03-2023 12:50 AM

Thank you @DanielP211 . The switches c2960s and c2960g are no longer supported in terms of  Vulnerability/Security.and i cant upgrade their ios

0 Helpful

DanielP211
VIP Alumni
VIP Alumni
In response to chpmotry

‎11-03-2023 01:47 AM

Best practice is to migrate to newer switches which have support ASAP. In your case SMB switches.,

****Kindly rate all useful posts*****
0 Helpful

M02@rt37
VIP
VIP

‎11-03-2023 01:02 AM

Hello @chpmotry 

In wich environnement? Datacenter? Office?

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

chpmotry
Level 1
Level 1
In response to M02@rt37

‎11-03-2023 01:12 AM - edited ‎11-03-2023 01:13 AM

These c2960 are in offices that maximum have three clients.

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎11-03-2023 05:10 AM

"is the using catalyst switches dangrous in terms of security threats such as unallowable login that couses denial-of-service or watchdog crash and othe cve that reported in cisco website?"

Yes it is, however often many don't understand it's not so much a question of dangerous but how much dangerous.

In the case of a no longer supported IOS, it's difficult to even really know if you're at higher risk until a security flaw is found in current software which also applies to older software too.

Even if a non-fixed security flaw is identified, what's the risk that someone will use it against you?

"is it making problem for our network security and are we forced to migrate to c9000 and small business switches?'

Are you forced?  No.  However, it can be very difficult to scientifically analyze the situation because you end up with probabilities not certainties. For example, you might run your existing equipment for another 20 years, without a security exploitation or be running the latest and best and be hit by a zero day exploit.

So, must you upgrade?  Not really.

So, should you upgrade?  Cannot say.  That's something you need to decide.

I will say, much like insurance vendors recommend (buying) as much insurance as possible, hardware vendors also recommend (buying) newer equipment too.

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top