Non-Technical Factors in Vendor Choices

deanwebb · October 18, 2015, 11:10:57 AM

How many times has it happened? You do your homework, find the right gear for the right job, and make a recommendation to go with the new guy, Vendor 1, instead of the established firm, Vendor 2. Vendor 1's gear clearly can be shown to outperform 2 in the ways that matter for your enterprise.

And yet, there's still discussion... why?

"Well, we've always been a Vendor 2 shop."

"We get deep discounts on Vendor 2 gear, and this would disrupt the relationship."

"Vendor 2 has offered some very attractive pricing arrangements."

"Vendor 1's licensing actually puts us at a cost disadvantage. Going with Vendor 2, we're covered by their enterprise agreement."

While the first one is just intellectual laziness on the surface, it can have its roots in the other three. Price, along with bandwidth, latency, inspections per second, and all the other technical factors, is a *huge* concern and can't be disregarded.

In fact, your recommendation to go with Vendor 1 may actually be just a bargaining chip to get Vendor 2 to come way down in price. I've seen this happen many a time in negotiations. It may not cause Vendor 2 to change its product to make it where it is equal to or better than Vendor 1's gear, but it will cause them to drop prices so that they don't lose the business.

I've also seen price negotiations that go in Vendor 1's favor to result in a dramatically different set of gear ordered than what was recommended, just to finagle the price to where their gear comes in at a price point lower than Vendor 2.

"If we virtualize these components of the solution, then we can purchase under the software budget."

"These models, which do have lower performance specs, we can get at a steal."

"We'll buy this gear up front, but we won't activate maintenance and support until we actually install it in the next fiscal year, so don't connect any cables until October 1st next year."

"We got what you wanted, except for that additional expense for the value-added additional feature that required a higher licensing level to activate. We can visit that issue again in next year's budget."

These are things that have to be kept in the back of your mind as you make technical recommendations. Even if you get what you want, you may not get what you want.

burnyd · October 18, 2015, 08:09:43 PM

Everyone knows that one guy way up in the company to either gets free hand outs ie tickets to sporting events, dinners etc. Or the one guy who pushes a particular vendor to keep himself employed.

deanwebb · October 18, 2015, 09:34:43 PM

True... I've heard the tales of vendors shooting down careers of engineers that didn't drink enough kool-aid. They want to send a message so that others there live in fear.

In such cases, the vendor has way too much connected to the firm for the relationship to be healthy. Don't live in fear, move on.

wintermute000 · October 19, 2015, 12:02:15 AM

you missed out support and ease/cost of acquiring skillset (whether permanently in-house or temporarily/contracting or outsourced/consulting).

No use going with vendor X for 20% performance gain if nobody on your staff has the skills, you have to fly them somewhere else for a week @ 5k per head to do the basic course and their TAC is useless, etc. It usually has to be a pretty big gap to go to a completely unknown/niche vendor. Its obviously less of an issue for the big boys e.g. Cisco to Juniper.

Of course it depends - eg. deploying brocade switches on your access layer instead of cisco for example, no big deal. Core / MPLS switches, another issue altogether. (In Brocade's defence I've seen cost/performance figures up to 50% better than comparable ASRs so yes it can make sense LOL). Ditto for changing firewall vendors.

deanwebb · October 19, 2015, 05:41:24 AM

Yeah... firewalls... everyone wants Checkpoint/Palo, but they also trained up on an ASA 5505... Looks like we get another Cisco!

wintermute000 · October 19, 2015, 06:58:34 AM

Yech.... seen that scenario way too many times. but yes, that lab 5505 I bought (then sold as soon as I got that CCNP Sec pass email) turned out to be great value, considering the number of times I've had to jump onto an ASA CLI.

Firepower you say? Why, its basically a second device bolted onto the ASA that you have to separately mess with? great, two for the price of one!!!

routerdork · October 19, 2015, 09:25:03 AM

We are told we have to maintain two vendors not just for price wars but also so that each site can determine what equipment they want to use. We are a globablized/un-globalized mess. That's one item on my list of why I'm leaving.

dlots · October 19, 2015, 12:34:55 PM

If you can go single vendor like Cisco it really does help some-times, so when there is a routing issue between your FW and router they can't point fingers at one-another, there have just been so many times when devices didn't work right between echother that all worked out cause all items involved were Cisco that I fear what would happen getting different vendors working together.

Not saying that's a final "you should always buy Cisco", but it's defiantly something to keep in mind.

wintermute000 · October 20, 2015, 04:30:11 AM

the only time I've ever seen that happen is routing to a Nexus :p

either
- broke the Nexus design rules re: peering over a vPC or related topic
- plain old NX-OS bug (7ks.... 5k L3 modules... kill me now)

Never seen a normal vendor FW to a normal router/L3 switch running normal OSPF or BGP develop any issues outside of incorrect design/config.

Of course, active/active FWs and each vendor's special sauce MAC spoofing ghetto load balancing and all bets go out the window

dlots · October 20, 2015, 08:03:09 AM

I have had several issues with EIGRP.
Had one where the ASA kept getting stuck in active with an ASR 1002 (IOS bug on the 1002).
One where the ASA wouldn't get the route update the 2921 sent it (IOS issue with the 2921).
One where we had connections flapping between routers alot (IOS bug where you couldn't have QoS on different types of interfaces).
Port channels won't form between different switch modal types.

deanwebb · October 20, 2015, 08:09:44 AM

Lol technical issues... too bad, accounting says that it's cheaper to run our routing off the ASA instead of using a dedicated L3 device, so you get that EIGRP to work, or you're over budget. And that won't look good on your annual review.

Accounting is architecture, remember that!

routerdork · October 20, 2015, 09:06:36 AM

Quote from: deanwebb on October 20, 2015, 08:09:44 AM
Accounting is architecture, remember that!

This awful, true statement belongs in your signature line so as to be never forgotten

deanwebb · October 20, 2015, 09:27:20 AM

Quote from: routerdork on October 20, 2015, 09:06:36 AM
Quote from: deanwebb on October 20, 2015, 08:09:44 AM
Accounting is architecture, remember that!
This awful, true statement belongs in your signature line so as to be never forgotten

Done. And bolded. Commence the wailing and gnashing of teeth.

NetworkGroover · October 20, 2015, 12:21:37 PM

Quote from: wintermute000 on October 19, 2015, 12:02:15 AM
you missed out support and ease/cost of acquiring skillset (whether permanently in-house or temporarily/contracting or outsourced/consulting).

No use going with vendor X for 20% performance gain if nobody on your staff has the skills, you have to fly them somewhere else for a week @ 5k per head to do the basic course and their TAC is useless, etc. It usually has to be a pretty big gap to go to a completely unknown/niche vendor. Its obviously less of an issue for the big boys e.g. Cisco to Juniper.

Of course it depends - eg. deploying brocade switches on your access layer instead of cisco for example, no big deal. Core / MPLS switches, another issue altogether. (In Brocade's defence I've seen cost/performance figures up to 50% better than comparable ASRs so yes it can make sense LOL). Ditto for changing firewall vendors.

You know... reading this... I gotta say this sounds a little lazy (Minus the support part - that's spot-on).

So you're saying you wouldn't go for an overall 20% improvement in performance simply because you'd have to learn something new? Isn't that part of working in IT? I mean I get the reality and all... but in my mind I'd say a little growing pain (which should be minimal if you have the right people with the right mindset) is well worth a 20% permanent improvement to the network. You should always welcome a new challenge and improve your skill set! But I guess that's why I would never be a CTO...

NetworkGroover · October 20, 2015, 12:27:04 PM

Quote from: burnyd on October 18, 2015, 08:09:43 PM
Everyone knows that one guy way up in the company to either gets free hand outs ie tickets to sporting events, dinners etc. Or the one guy who pushes a particular vendor to keep himself employed.

Truth... truth... truth....

Vendor X had a bake-off against Vendor Y at a to-be-unnamed company. Same BGP/OSPF network side-by-side, same convergence tests using IXIA to get exact numbers, and Vendor X smoked Vendor Y in almost every category. Talking to the engineers, the feedback I got was they loved Vendor X, and weren't interested in "beta-testing" Vendor Y technology. A former distinguished engineer from Vendor Y becomes their new senior lead architect - guess what they're beta-testing..... hooray for politics.