Aggressive efforts to keep China-based telecom vendor Huawei out of the U.S. market by the Trump administration have thrust a slow-burning debate in the networking space about the security implications of using Chinese-made technology into the limelight over the last two weeks, yet the real-world implications for business users are less than apocalyptic.
The basics of the administration's case against Huawei are simple. The company’s close ties to the Chinese government, coupled with China’s history of industrial and political espionage against the U.S., means that its products can’t be trusted not to slip important information back to Beijing. The current crisis is only two weeks old, but these concerns about Huawei and other China-based tech vendors date back years.
Yet those close government ties aren’t in and of themselves particularly suspicious, according to Glenn O’Donnell, a vice president and research director with Forrester.
“That’s just the way you do business in China – that doesn’t meant that these companies are arms of Chinese-government intelligence agencies,” he said.
It’s also worth remembering that no cut-and-dried proof that Huawei has engaged in any kind of direct espionage on behalf of China’s government has ever been made public, and experts agree that the issue is much more about reputation than fact. Yet most say they’d be uncomfortable letting important packets touch the company’s hardware.
For businesses operating solely in the U.S., this is largely a non-issue. Huawei’s profile in American service-provider networks is small and shrinking fast. Market share research from the Dell’Oro Group shows that the company’s piece of the North American pie amounts to between 1 percent and 2 percent as of 2018, and Gartner senior principal analyst Bill Menezes said that it’s mostly found in small, rural carriers.
“It’s kind of a non-event in the U.S.,” he said, adding that the company’s handsets hadn’t gained much traction in North America, either.
Multi-national companies, however, should worry at least a little. Huawei’s business strategy has been to offer aggressively low prices, making them more attractive to entities trying to build networks in the developing world, where budgets for such projects can be thin. Farpoint Group principal Craig Mathias said that, even before the current regulatory action, U.S. anti-dumping laws (which bar companies from selling products at less than cost, among other things) hamstrung the company’s ability to build a presence in the carrier marketplace.
Anyone designing a network that relies on public mobile networks in countries where Huawei gear may have been used needs to delve into the supply chain for those networks, to discover who’s making the carrier equipment that underpins them.
“Just because you’re using Cisco in your data center doesn’t mean that you’re insulated from the impact of Chinese technology,” said O'Donnell.
Companies will have different levels of risk tolerance, of course, but those faced with the prospect of relying on carrier networks built on technology they don’t quite trust will have a tough decision to make.
Menezes suggests that alternatives like satellite technology have their own headaches, but can be an option to avoid the use of untrusted networks. Language in service provider contracts can bar problematic equipment from being used anywhere in the stack, but businesses need to have a way to verify that those contracts are being followed.
Given the global nature of the technology industry, U.S. pressure seems likely to hit Huawei’s sales hard, particularly as major partners like ARM, Supermicro and even the likes of Google cut ties with the company. Mathias said that, while the company’s technology base is solid and the equipment is priced to move, the controversy is likely to badly damage Huawei’s reputation.
“Huawei’s definitely an innovator, and they definitely know how to build this kind of complex system, but if people in the U.S. are suspicious, nobody’s going to buy them,” he said.