Cisco IP phone flaws discovered

Cisco Systems issued a warning on Wednesday that some of its IP phones could be compromised, allowing unauthorised individuals to bypass security restrictions.

In the warning, Cisco detailed flaws for two sets of products. One warning identified two versions of the Cisco Unified IP Conference Station, a speaker phone specially designed for conference rooms. The products are the 7935 version 3.2(15) and 7936 version 3.3(12).

Cisco said because of a design error in the HTTP interface, which allows the device to be managed remotely, an administrator’s credentials are saved or cached when the device is accessed remotely. So if an unauthorised person tried to access the device at a later time, it would permit access without further authentication.

If an administrator never accesses the device via the HTTP interface, the device is not vulnerable to the authentication bypass attack. Cisco said it’s possible to reset the device by powering it down and turning it back on again.

Cisco also identified flaws in several versions of its Unified IP phones, including the 7906G, 7911G, 7941G, 7961G, 7970G and 7971G. These IP phones contain a default user account and password that are used for debugging purposes. Cisco said that because of an implementation error, the default user account cannot be disabled or removed, nor can its password be changed. This means that it’s possible for an unauthorised person to remotely access a vulnerable IP phone and take complete control of the device, causing it to become unstable and crash.

Cisco suggests on its Web site that network administrators apply access control lists on routers, switches and firewalls that filter traffic to vulnerable conference stations and IP phones so that traffic is only allowed from stations that need to remotely administer the devices. Cisco also said it will make free software available to address the flaws, but did not say when it would be available. Updates will be posted on its Web site.

While attacks on voice over Internet Protocol systems are rare, security flaws could become a growing concern for network administrators, especially as the number of companies using VoIP technology increases.

VoIP allows companies to use their data networks to carry voice traffic as well as company data, such as e-mail. Not only do companies save money by consolidating networks, but the IP network also allows for a slew of new features to be added to the company’s communications. Cisco’s IP telephony business has been growing strongly over the past few years as more and more companies upgrade their telephone networks to IP.


Apple, Cisco settle iPhone trademark lawsuit

Cisco Systems and Apple said on Wednesday they have settled the trademark-infringement lawsuit over the use of the iPhone name for Apple’s new multimedia phone.

The agreement allows Apple and Cisco to use the iPhone brand on their own products. Also, the companies said that they would explore opportunities for interoperability in the areas of security, consumer and business communications.

The brief announcement made no reference to any financial agreement and did not specify how the two companies might work together. Representatives for Apple and Cisco declined to comment further, citing confidentiality restrictions.

Cisco sued Apple for trademark infringement in January after Apple unveiled its long-awaited multimedia phone called the iPhone, a name claimed by the network equipment maker. Cisco also charged in its complaint that Apple had attempted to get rights to the iPhone name several times, but after Cisco refused, the company created a front company to try to acquire the rights another way, according to the lawsuit.

Cisco obtained the iPhone trademark in 2000 when it acquired Infogear, a small Californian start-up that developed consumer devices that allowed people to easily access the Internet without a PC. Infogear had actually registered the iPhone trademark in March 1996.

Cisco’s home networking division, Linksys, has been using the iPhone trademark on a new family of voice over IP phones since early last year, Cisco said. In December, Linksys expanded the iPhone family with additional products.

The two companies had been in extended negotiations to settle the lawsuit, and a second extension of the talks was set to expire on Wednesday.

The iPhone, which Steve Jobs unveiled in January at the Macworld Expo, will allow users to listen to music, make phone calls, send text messages and e-mail, surf the Web, and take and upload photos.


AT&T to drive GM’s billion dollar network

Telco AT&T has sealed the deal of a lifetime, with American car maker General Motors agreeing to pay almost US$1 billion (AU$1.26 billion) for networking services over the next five years.

It is one of the largest commercial contracts in AT&T’s history, the company said in a statement. GM operations in Australia and New Zealand will benefit from the agreement, an AT&T spokesperson said.

AT&T already runs GM’s global virtual private network solution. The contract, which takes effect in July 2007, is a renewal and expansion of their existing alliance.

Under the new terms, AT&T will provide next-generation telecommunication solutions to the manufacturer. GM will also rely on the telco to manage relationships with key service providers across the globe.

In an effort to standardise operations around the world, a Multiprotocol Label Switching-based (MPLS) network will be in play, giving GM a single, streamlined Internet protocol-based communications platform.

“AT&T’s networking expertise and global reach make it uniquely qualified to meet our needs,” Ralph Szygenda, GM group vice president and chief information officer, said.

Meanwhile, in a recent interview with ZDNet Australia, AT&T’s Australia/New Zealand managing director Jeyan Jeevaratnam claimed IP/MPLS-based networks were more efficient in the long term compared with legacy technologies (such as frame relay or ATM).

He cited the increased ease of administration, or greater “plug and play”, and the ability to run multiple services such as voice and video alongside data as contributing factors.

The US had initially held off jumping on the IP telephony technology bandwagon, he said, but had now had a change of heart. And Australia isn’t far behind.

Most networking vendors are currently plugging a full stack of unified communications technology (including voice, video, instant message, and e-mail), but Jeevaratnam said enterprises were leaving the more advanced features for the future.

“I think people are looking for a long-term perspective that they want to have an infrastructure that can handle the messaging, and the unified communications and all that part.

“What they are implementing is I think purely a data network first, with IP capability, and then they’re going to VoIP and testing that out, and they’re really doing a step by step approach,” Jeevaratnam said.

For example, Jeevaratnam said even though many companies had replaced their old analogue handsets with VoIP equivalents, most people weren’t using the additional functionality on offer. Part of the problem was a lack of corporate IT resources.


TPG grabs wheel at Chariot

Internet service provider TPG will take a 70 percent controlling stake in competitor Chariot Internet.

Chariot has acquired several companies over the years and launched innovative products but it has been struggling. Recent legal action against the company and its directors on the part of regulators and other companies has resulted in fines, in addition to the August loss of Chariot’s managing director Robert Horlin-Smith.

Chariot will use some of the capital raised through today’s deal — initially worth AU$561,000 — to repay some debtors. It told the Australian Stock Exchange: “TPG provides Chariot with the potential for good growth and improved margins”.


Cisco spends US$135 million on XML firm

Cisco Systems said on Wednesday it will spend US$135 million in cash and options to buy Reactivity, a small company that makes equipment to help route XML Internet traffic.

Reactivity’s equipment is designed to help companies more easily and quickly deploy XML (Extensible Markup Language), a standard for Web documents. The company, which is based in California, was founded in 1998 and has 56 employees. Cisco said it expects the deal to close in its fiscal third quarter, which ends April 28.

Cisco is the No. 1 provider of infrastructure equipment to companies large and small. The company’s bread and butter has been the sale of Ethernet switches and IP routers, which are used to shuttle Internet traffic throughout corporate networks and across the open Internet.

But in recent years, Cisco has been expanding its product portfolio in several different areas. It bought Scientific-Atlanta last year to beef up sales to large services providers by offering them video and cable infrastructure gear. It purchased Linksys in 2003 to enter the home networking market. And now the company is beefing up its Web services business to sell more “intelligent” equipment to its corporate customer accounts.

The technology and products Cisco gets with the purchase of Reactivity apparently fit well into its existing Application-Oriented Networking (AON) business unit. AON was created almost two years ago to develop products that offer more sophistication to Cisco’s current networking hardware line. The AON products are “application aware,” which means that they can inspect information that’s being transmitted and route messages based on predefined policies.

The Reactivity product is a specialised piece of hardware that combines software to help companies deploy, control and increase the amount of XML traffic they have throughout their network. The Reactivity XML Gateway software helps companies support and provision new XML-based Web services, and the Reactivity XML Manager software provides real-time visibility and analysis for companies using XML services, according to Reactivity’s Web site.

Cisco isn’t the only company buying up XML appliance start-ups. A year and a half ago, IBM, a longtime Cisco partner, bought a small company called DataPower, which also makes appliances to help companies deploy and manage XML Web services. Computer chipmaker Intel is also in this business with a company it bought in 2005 called Sarvega.

One reason that specialised XML network appliances have emerged is the growing use of XML and XML-based Web services protocols. These standards are designed to allow for better interoperability between systems, but they also bring about performance problems from processing XML documents. Dedicated appliances can help alleviate those issues.
