A great deal of pirated software has found its way into enterprises through previously trustworthy channels, and now counterfeit hardware permeates enterprise networks to a greater degree than most are prepared to admit.  Enterprises are spending billions of dollars on pirated equipment, and billions more in lost productivity as the inferior equipment fails. Network managers must be diligent to ensure that network hardware components are genuine.

A Growing Problem

Imagine upgrading 50 Cisco WAN Interface Cards (WICs), and watching in terror as network connections to branches drop like flies. The Network World article, "Fake network gear," details the horrifying experience of one network manager who faced just such a scenario. What makes this case even more frightening is that the equipment was purchased from a registered Cisco reseller.

Fake network gear began appearing en masse only a few short years ago. The problem has now become so pervasive that a recent white paper from Alliance for Gray Market and Counterfeit Abatement (AGMA) and KPMG, "Managing the Risks of Counterfeiting in the Information Technology Industry," estimates that counterfeit IT products account for a staggering 10% of the market, or in excess of $100 billion in sales. Counterfeiters have become so good at creating knock-off equipment that it can be virtually impossible to tell the pirated gear from the real thing. That is, of course, until it starts failing in droves and wreaking havoc on the enterprise network.

Where Is It Coming From?

The majority of counterfeit network hardware today is manufactured in China. According to the US Patent and Trademark Office (USPTO), US Customs and Border Protection reported that 66% of the value of seizures of all counterfeit goods in 2003 originated in mainland China, up strikingly from 16% in 1999.

Legitimate technology development companies in China have become desperate to stem the flow of counterfeit goods out of the country, and have been begging the Chinese government to step in and get tough on pirating. While the country has passed laws aimed at curbing the counterfeiting scourge, coordinated enforcement is lacking. It is akin to a high-stakes game of the carnival game, Whac-A-Mole – as soon as you take one counterfeiter out, another one pops up to take its place.

While it is true that the majority of pirated network equipment originates from China, it is not the only culprit. The problem is growing in countries like India, Malaysia, Indonesia, former Eastern Bloc countries, and even in the US. No matter where the counterfeit product originates, the old adage, "let the buyer beware" is more applicable today than it has ever been.

As one might imagine, hardware pirates tend to counterfeit high-end, premium network equipment. A comparative analogy would be wrist watches: you don't see fake Timex's, but Rolex knock-offs are everywhere. So it follows that Cisco is one of the major targets of counterfeiting. Prime candidates for pirating include WICs and Gigabit Interface Converters (GBICs), but fake switches and routers are also finding their way into the secondary market.

Recommendations

Counterfeit network equipment is getting increasingly difficult to identify as pirates continue to hone their reverse engineering skills. When purchasing network equipment, follow these rules:

1. Avoid the secondary market. The lure of purchasing inexpensive network equipment from the secondary market is almost too much to resist. Sellers on online auction sites, such as eBay, entice potential buyers with hardware that is a fraction of list prices. To provide some context, an eBay search for "Cisco WIC" nets over 500 items. A couple of examples include:
   • A seller from China offering a "new in box" Cisco Ethernet WIC (WIC-1ENET) for $18. This price represents a 94% discount off the $300 list price.
   • A seller from Hong Kong identifies himself as being from the United Kingdom, and offers the same item as above, also brand new, for $16.
2. If it looks too good to be true, it probably is. Common sense dictates that the above examples are almost certainly counterfeit. Even Cisco's best resellers receive less than 50% discounting. If an item is discounted more than 40% from list pricing, proceed with extreme caution.
3. Examine equipment closely. Ensure that serial numbers and item numbers match manufacturer naming conventions, look for distinguishing characteristics, such as anti-counterfeit holograms, and compare chipset layouts to known genuine devices. These are not foolproof methods of identifying pirated gear, but rather another step in the due-diligence process.
4. Contact the manufacturer. Register all new network hardware with the manufacturer to ensure that it is genuine. Even if the gear was purchased from a reputable, reliable reseller, it is essential to cross-check with the product vendor.
5. If uncertainty exists, do not deploy the hardware. If there is a grain of doubt about the authenticity of the equipment, do not put it in the network. Deploy only when it is verified with 100% certainty that the product is genuine.
6. Report counterfeit equipment to the manufacturer, but be prepared to take a loss. If counterfeit hardware is purchased on the secondary market, the buyer has no recourse. The equipment becomes an expensive paperweight as vendors will not provide a replacement. However, it is important to notify the manufacturer so it can work with its reseller to identify and remove pirated hardware from the channel.

Bottom Line

Counterfeit network equipment is a problem that is not likely to disappear anytime soon. The onus of verifying the authenticity of network hardware lies with the network manager. Purchase and deploy only authentic, genuine network equipment to help ensure the viability and stability of the enterprise network.