The $5 Million Trick: How Your Money is Wasted

Author: John Honovich, Published on Feb 25, 2013

Wasting money on unnecessary, gold plated equipment is a common risk, especially among deep pocketed customers. Vendors know this and realize that if they can convince users that certain features are 'mandatory', their sales can increase robustly.

This soon to be classic article titled, "Why a one-room West Virginia library runs a $20,000 Cisco router" is a great case study. You pretty much know where this one is headed and, frankly, it's zero surprise to us.

On the one hand, you have to congratulate them for the skill and resolve to pull this off. On the other, this screws customers, leaving them stuck with far over priced and unnecessary equipment.

The State of West Virginia, the recipient of this equipment, has released a damning and insightful report into the many egregious mistakes made in contracts for Cisco equipment.

The Classic Mandatory / Not Needed Feature

Perhaps the juiciest element was how West Virginia came to select such over priced equipment for one-room rural libraries. Here's the money quote:

"The [Cisco] engineer told the auditor he was simply following the state's instructions, which required him to spec out a proposal using only routers with "internal dual power supplies"—hence the 3945s. As the auditor dug into the story, demanding to know when this exact request was made, the Cisco engineer said it originated with the state Department of Education. But the engineer was "unable to provide the legislative auditor with any e-mails or other documentation" to this effect." [Emphasis Added]

This happens all the time, and it may not even be the vendor's direct cause. Some feature that is a nice to have for such a site, like internal dual power supplies, becomes a mandatory requirement. Even if the vendor did not suggest it, they certainly are not going to object because it often forces selection of a much more expensive product line. Moreover, vendors have every motivation to convince users that additional features should be required.

Cisco and Surveillance

Cisco taking advantage of its customers is not news to the surveillance market. In a classic 2009 public relations gaffe, Cisco's then surveillance spokesman bragged about targeting customers who 'will buy anything with 'Cisco' on the box.'

On the positive side, from what we have seen with the new Cisco video surveillance team, they have a more ernest and positive take on delivering customer value. On the other, their new positioning still makes them very limited to the high end of the market, increasing the risk that Cisco house customers will be pushed overpriced, unnecessary solutions. 

Nonetheless, every user should beware of this risk from any manufacturer or reseller, especially the unnecessary mandatory feature trick that can cause massive, unforeseen, increases in cost.

Comments (17)

Only IPVM PRO Members may comment. Login or Join.

Someone asked about a comparable IP camera example. It would be like specing a 20MP camera or a bullet resistance one. These are features that are sometimes worthwhile but add huge costs and are impossible to justify in such a simple, small application.

I always have this feeling when dealing with ATEX equipment. I mean... €10.000 for a ATEX dome ?

Also, the first large IP project done here on our site was build by Bosch due to our department lacking knowledge. The customer trusted them so much they got talked into buying a core switch (€27k) from Cisco. Even though I had my doubts. Ok, it isn't for a single room but 40 camera's, but still.

Our IT department uses Cisco switches and routers, and our IT department sole-sourced a large quantity of Cisco cameras for a dozen buildings.

The Cisco Video Hardware and Software is terrible, unstable, unreliable, and incompatible with just about anything else. Their software supports very few HD or better cameras. They sell it to you as an appliance on low end hardware at a huge price premium. This also exludes you from using any VM or SAN/NAS.

They spec out a USB port and USB drive at a 100x markup, then deprecate the feature. Cisco also advertised their "Cisco Media API", yet won't give it out.

We are no longer procuring Cisco Video hardware or software.

I've come across this in the past with Pelco with municipal projects - but I'd blame the reseller on this one not the mfg. Its not that they oversold them on a feature but just flat out pushed their margins every year and were never called out on it. The last "incident" i remember was a pelco spectra iii was being charged $9,000 to the municipality. It was just for the camera not any labor. Safe to say they aren't buying any more 9k spectras from that reseller and have been a client of mine for 4+ years.

Paul, did they just essentially say, "Hey a Pelco Spectra costs $9,000, sign here." If so, I've seen that type of tactic as well (from various resellers). However, that's a lot harder to execute today when a buyer can simply google "pelco spectra iii" and get numous prices in an instant. In the old days, when such information was scarcer, buyers might simply think that's an honest, realistic number.

yeah the pricing would get "hidden" in invoices but as you said people are focused on cost saving and budget review so they catch this more often by googling pricing but im sure its still going on

A related tactic that might help them / hurt users is relabeling products such that no one else offers that make/model except for the bigger.

John,

I am afraid that many end users just go with what ever is recommended. When I was designing a new video system for my employer, I looked at every popular camera and VMS, including CISCO. CISCO was recommended by our IT folks. Their solution was costly and difficult to use.

The end user needs to educate themselves. I found a lot of great information on the Internet. One was PELCO's internet for Dummies series. I am not sure it is out there.

I saw this happen with computer customers who talked with Dell sales reps. Seems Dell sales reps are trained to focus on keywords you say like "database" to upsell you higher end servers. So some small doctors office with 5 workstations was told to buy a $10,000 server with SCSI drives and dual Xeon CPU's and other stuff not needed. Turned out the software the office was using only needed to access a shared file on the network. A $1000 desktop, including a cartridge backup system, would have worked, and which did eventually replace the $10,000 server and worked fine.

We just replaced a VSOM system in a K12 entity where Cisco and the Cisco reseller had brain washed the IT staff into using IP cameras that were in most cases 2 generations behind current technology.

The state gov't had originally sanctioned CISCO as the network standard. That enabled them to pitch security at every gov't entity they could and pressure this point of standardization.

The door has swung open for my company now because CISCO hasn't kept up with camera handlers or even offers ONVIF as a potential help. Common sense cost of ownership conversations along with best security practices tore the CISCO walls down very easily.

Recently a new recording system was provided at every school plus a new VMS (10 stations) installed for the headend control for less than the annual SSA charged to the end user by CISCO and their reseller! Wow!

You must look at the photo of an actual location using this $20,000 router:

You could double the size of the library building for that money.

Good point, I should have referenced that in the original post!

Reading the posts above make me sick. This should never happen. Does having freedom mean we can abuse our customers?? Should we abuse the lack of knowledge our customers have or should we help to train them with the return of having the customer trust us?? "Us" This industry collectively.

Could not agree more Luis.

The article does mention debarment. And it is an option I hope is pursued.

West Virgina statute for debarment:

Grounds for debarment are: ....

(E) Any other cause of a serious and compelling nature amounting to knowing and willful misconduct of the vendor that demonstrates a wanton indifference to the interests of the public and that caused, or that had a substantial likelihood of causing, serious harm to the public.

I for one believe Cisco's actions to rise to the level of "wanton indifference", and that the opportunity cost of the huge over expenditure is a "serious harm to the public." Getting a court to come to the same conclusions I have are likely far more difficult.

Since it appears federal dollars were used, I would think debarment could be pursued at the national level. This would have an enormous impact on Cisco.

James, I am pretty sure Cisco falls into the 'too big to fail' bucket. I don't mean this literally, of course, but they are the networking equivalent of Bank of America.

Maybe nothing comes out of this legally but the sheer weight of public opinion and awareness this case brings will help buyers overall.

John,

You are undoubtedly right, and I'm sure Cisco knows it too. Unfortuneately, I doubt the "weight of public opinion" will adequately disincentivize similar behavior from Cisco going forward.

Personally, I just swapped out a Cisco SF 302-08P in a bid I've got going out tomorrow. So I just dinged them for $240. TAKE THAT!

I don't know how much it will disincentivize such behavior. However, it will make many customers think twice, either about using Cisco or, at least, carefully checking quotes. If you are the purchasing manager for networking equipment in Florida, Virginia, etc. I have to imagine you are taking notice of this.

Related Reports on Classic

Vulnerability Directory For Access Control Cards on Aug 14, 2017
Knowing which access credentials are insecure can be unclear, especially because most look and feel the same. Even the most insecure 125 kHz types...
Hack Your Access Control With This $30 HID 125kHz Card Copier on May 01, 2017
You might have heard the stories or seen the YouTube videos of random people hacking electronic access control systems. The tools that claim to do...
Dahua Backdoor Uncovered on Mar 06, 2017
A major cyber security vulnerability across many Dahua products has been discovered by an independent researcher, reported on IPVM, verified by...
20 Manufacturer Favorability Ranked on Feb 28, 2017
20 security industry organizations' favorability was ranked based on direct feedback from over 100 integrators. In-depth comments revealed insights...
'Dirty': Hikvision Attacks Genetec on Feb 20, 2017
Hikvision is angry at the growing public awareness that Hikvision is owned by the Chinese government. They took aim at Genetec,...
Hikvision Removed From US Embassy on Nov 22, 2016
Hikvision cameras have been removed from the US Embassy Afghanistan and a procurement for more Hikvision cameras has been cancelled, after IPVM's...
Genetec Expels Hikvision on Nov 08, 2016
Genetec has removed support for Hikvision devices, deeming them 'untrustworthy', citing customer concerns about Chinese government ownership /...
Axis Releases Access Credentials - Insecure But Convenient on Nov 02, 2016
Axis continues to build out their own end-to-end 'solution'. The company recently announced a series of credential cards, but instead of a...
Hikvision CEO Admits Hikvision China State-Owned Company on Oct 06, 2016
Hikvision's CEO admitted that Hikvision is a China state-owned company, during a 2015 visit to Hikvision from Xi Jinping, the General Secretary of...
How To Become an 'Expert' In An Hour on Sep 02, 2016
If you want to be perceived as an expert in your market, speak at every event possible... the math is simple: when someone stands in front of an...

Most Recent Industry Reports

Panasonic Unified Surveillance Strategy Analyzed on Nov 17, 2017
Panasonic is now a "Unified Surveillance" offering, as their ASIS 2017 booth proclaimed: Looking to make a comeback in the security industry,...
Amazon Cloud Cam Is Poor (Tested) on Nov 17, 2017
Retail behemoth Amazon has entered the surveillance market with the Amazon Cloud Cam, the eyes of its just-announced Amazon Key delivery...
Nest Secure Alarm System Tested on Nov 16, 2017
Google's expansion continues, this time into home security with their Nest subsidiary's move into alarm systems. They paid more than a...
Dahua Forbes 'Next Web Crisis' Vulnerability Dispute on Nov 16, 2017
The buffer overflow vulnerability in Dahua products is not in dispute, in fact we covered it when it was first published. What is in dispute is...
Isonas Cofounders Split, Launch Partner/Competitor on Nov 16, 2017
Breaking up is hard to do, especially when door access security is at stake. But that is exactly what has happened at Isonas. Senior employees...
Hikvision China Criticizes The WSJ on Nov 15, 2017
Hikvision, through the Chinese government's authoritative news service, has criticized the WSJ investigation into Hikvision. In this...
Axis Commits To Long-Term Firmware Support on Nov 15, 2017
With the rise of cyber security awareness, and a general increase in hardware reliability, "software warranties" may prove more valuable than...
Hikvision NVR 4.0 Improvements Tested on Nov 14, 2017
Hikvision has released firmware version 4.0 for select NVRs, touting two years of research and development, and claiming "the new generation GUI...
Vivotek Remote Stack Overflow Vulnerability on Nov 14, 2017
A stack overflow vulnerability in Vivotek cameras has been discovered by bashis, the security researcher who has also found vulnerabilities in...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact