BradReese.Com Cisco Hardware Quotes Call Toll Free 877-549-2680 or 828-277-7272

Home About Repair Power Supplies Refurbished Blog Quick Links Site Map Contact Us

 
Brad Reese speaks out
Learn more about Brad Reese...
Archive
  Help

Aironet

Power Supplies

VoIP Gateways

Cisco Repair

Refurbished Cisco

Cisco CPQRGs

New Cisco

New HP ProCurve

Cisco Tools

Competitive Lab Tests

Tech Forums

How-to Tutorials

CCIE Gossip

Blogroll

 
View archive of Brad Reese speaks out

Subscribe to Bloggers speak out on BradReese.Com

ZTE's State of the Art Trusted Delivery Model

Can Cisco components and equipment manufactured in China meet ZTE's Trusted Delivery Model?

Hershey, PA:   Fri, 11/30/12 - 1:59pm    View comments

Network WorldJim DuffyThe below comment was made to Network World's Jim Duffy earlier this week:

Chinese media attack Cisco

"Since most network infrastructure hardware is manufactured in China and many targeted industrial cyberespionage attacks seem to originate in China as well, it is only prudent to ask the question 'how can we verify that critical enterprise network infrastructure devices have not been compromised during manufacturing or shipping?'

"For that matter, how can we verify that network devices designed & manufactured entirely within other countires are not compromised either? When you stop to think about it, we place implicit trust in equipment all the time simply because of the corporate logo on the front of the device, while, in reality, it is all coming out of the same globalized supply chain. 'Trust but verify.' Okay, but how do we actually 'verify'? Can anyone at Cisco, Huawei or ZTE answer this question?"

Well, I reached out to ZTE and received the following official response:
 


 

ZTE China

 

ZTE's State of the Art Trusted Delivery Model

Core elements of ZTE's Trusted Delivery Model include:

  • The Trusted Delivery Model provides a high assurance of security to stakeholders about ZTE's system, free from known security risks and matching carrier's purchasing order.
  • ZTE provides full transparency and complete cooperation while security testing and trusted delivery verifications are being executed by an independent third party assessor.
  • A comprehensive independent audit, including a physical facility review with a focus on security and maturity of ZTE's processes pertaining to software and hardware design and development, manufacturing and supply chain/delivery operations is conducted during the Trusted Delivery Model review.
  • A thorough, in-depth high assurance evaluation of the ZTE software, firmware and hardware is conducted by the assessor. Software and firmware source code are fully analyzed and evaluated. Hardware is evaluated to the level of detailed printed circuit board layout, discrete components and signal paths in and among circuit boards.
  • System level security vulnerability testing, conducted by the assessor and executed continuously throughout the system/technology lifecycle includes tailored penetration testing that is informed and guided by a deep analysis to bring to light vulnerabilities and exposures in the system.
  • The Trusted Delivery Model confirms that ZTE's systems match the systems certified by the assessor and deployed by the carrier. The security testing processes are continuously evolving to address specific government agency and carrier concerns.
  • The trusted delivery model promises complete visibility of audits and testing results for carriers authorized by the U.S. Government Agency and other stakeholders.

 

Note: I've both called and emailed Cisco's top Public Relations executive, John Earnhardt, seeking Cisco's official response regarding the "safety" of Cisco components and equipment that are manufactured in China and received absolutely NO response.

Related stories:

Chinese media attack Cisco

Is Cisco behind the U.S. Congressional attack on Huawei and ZTE?
 


What's your take?

Contact Brad Reese

Subscribe to Bloggers speak out on BradReese.Com

Brad's Favorite Story Picks

  1. 5 keys to successful enterprise NetFlow deployments - Mike Patterson
  2. Discrepancies found in Cisco's Q1'FY13 vs. Q1'FY12 net product sales
  3. Cisco's Q1'FY13 switching, routing, collaboration and other revenue declined year-over-year (YOY)
  4. An open letter to Cisco CEO John Chambers got results
  5. Former Cisco RTP employee and CCIE Voice #13747, Brad Cooper, appeals first degree murder conviction
  6. Cisco's Odd Johnny is out!
  7. Cisco internal email vows to hunt down the sources of confidential memo leaks to Brad Reese
  8. Cisco's salesforce is now compensated on profit contributions, not just bookings
  9. New book on NetFlow and IPFIX - Mike Patterson
  10. Cisco internal email addresses $100 million overcharge on $22 million California State University RFP
  11. ZTE USA workshop targets the $5 billion secondary Cisco market generated by the elite members of UNEDA
  12. Cisco's lead smart guy and rock star, David Meyer, jumps ship for Brocade
  13. Imminent death of VCE will be no surprise to Wall Street
  14. Voting for Cisco shareholder proposal No. 5 will oust John Chambers as Cisco's Chairman
  15. Is Cisco behind the U.S. Congressional attack on Huawei and ZTE?
  16. Have Cisco's councils and boards morphed into a bloated structure of 2-in-the box?
  17. Cisco Cat6k Sup2T is the premier NetFlow switch with amazing performance - Mike Patterson
  18. Padmasree Warrior declares her aspiration to become Cisco CEO
  19. Single-handedly, fierce Cisco competitor Arista Networks appears to have delayed Cisco's SDN initiative
  20. View the archive of Bloggers speak out on BradReese.Com
 
blog comments powered by Disqus

CCIE available Metro DC

Supplement Cisco SMARTnet Contracts

 

©2013 BradReese.Com - Home - About - Repair - Power Supplies - Refurbished - Blog - Quick Links - Site Map - Contact Us