What Is End-of-Life for Network Hardware?
The vendor stops patching. You stop sleeping.
Last reviewed
End-of-Life (EOL) is the final phase of a network product's lifecycle. The vendor has stopped selling the device, stopped releasing firmware updates, and stopped providing technical support or hardware replacement. If it breaks, you fix it yourself or you replace it. If a vulnerability is discovered, there is no patch coming.
What happens at End-of-Life?
When a network device reaches its last date of support, the vendor shuts down every support channel for that product. No TAC cases, no RMA shipments, no software downloads, no security advisories. The device is operationally orphaned.
This is not a single event — it's the final milestone in a sequence that typically spans 5–8 years. The vendor announces the end-of-sale date, then phases out support in stages: software maintenance ends first, then security/vulnerability patches, then hardware replacement, then all support.
The critical date for most network teams is End of Vulnerability/Security Support — the day the vendor stops issuing security patches. After that date, every new CVE affecting the platform is a permanent, unpatched exposure on your network.
Why does it matter?
EOL hardware is not just old — it is actively dangerous. Threat actors and their automated scanners specifically target devices running unsupported firmware because they know no fix will be released. CISA's Known Exploited Vulnerabilities catalog includes products from every major networking vendor, and many of those products are past their support dates.
Beyond security, EOL devices create compliance exposure. PCI-DSS Requirement 12.3.4, NY DFS §500.13, and CISA BOD 26-02 all reference end-of-support status as a control point. Running unsupported gear doesn't just increase risk — it can make specific regulatory requirements structurally unsatisfiable.
How long does the process take?
Most vendors give 3–5 years of notice between the end-of-sale announcement and the final end-of-support date. Cisco's standard lifecycle is roughly 5 years from end-of-sale to last date of support. Juniper's is typically 5 years. Palo Alto Networks offers 5 years of software support from end-of-sale.
The window varies by vendor and sometimes by product line. Check the vendor support lifecycle guide for a cross-vendor comparison, or see a specific vendor's lifecycle policy page for their published timelines.