How Not To Support Your Customers…

How Not To Support Your Customers

9th February 2016

You learn a lot about companies when things don’t go according to plan. By and large, Cisco’s responsiveness to issues is pretty good – and probably the best in the industry as a whole. However, when they get it wrong, it does leave you wondering…

In the office we use Cisco 8851 handsets. Not cheap, but they have a neat feature whereby you can pair your Bluetooth enabled Smartphone with them and reroute the audio through them like you do with a car kit. Not rocket science, but a nice feature that saves us all from overheating our brains, and having cricks on our necks when we’ve been using them all day.

We recently upgraded the Cisco firmware on our handsets to a slightly later version – to get support for a new feature that had been released. The new feature worked, as did most of the other functions on the handset – but unfortunately the new firmware demolished the Bluetooth audio function. We could hear the caller ok, but all they could hear was the something akin to the sound of a helicopter taking off. We reverted to the old firmware, and the Bluetooth started working again.

Obviously this isn’t a configuration issue, and is something in the new firmware that had been released. So a Cisco TAC case quickly followed – we don’t really need to use the new firmware, however we thought Cisco might want to know they had broken something other people might be using. The response from the TAC engineer was less than helpful (names removed)


“I will check for any known issue , however keep on mind it might be related to some compatibility issue between phone and Bluetooth .

Cisco tries to test as much as possible , to be compatibility with 3 rd party vendors, however at some points there might be issues”.


And then in a second update:


“On all new firmware version , there is changes , to fix known issue , to improve things/process on the phone .

That’s why the behavior might change from one to another”.


And then finally:


“Cisco tries to be compatible with 3 rd party accessories, at some point there might be issues on certain scenarios .
You can contact your account manager about your concern .
I will close the ticket , however I would like to thank you for contacting Cisco Tac”


And that was the limit of the support we got. Not exactly helpful, and in this instance “improve things/process on the phone” basically meant totally breaking a feature that used to work and is clearly down to something in the new firmware. And they are obviously not interested in fixing it and improving their products for their customers.

Cisco support isn’t cheap – however in general for things like their UC products we always keep it up to date. We therefore expect decent support when we need to use it. Masssively disappointing.


Barry Hesk
Intrinsic Network Solutions

Shellshock BASH vulnerability – our take

2nd October 2014

The hot news of the last few days has been the discovery of a major vulnerability in the BASH command shell. The BASH shell is hugely prevalent and is used on a massive number and quantity of operating systems and devices. Pretty much all flavours of Linux, Android, Mac OSX and numerous other systems all use BASH.

So, how serious is this discovered vulnerability? In one word, massively. In two words, worrying massively. The issue that has been uncovered basically allows an attacker to run remote commands on the affected device and potentially get it to do anything they like. For example – restart, format a hard disk, copy some files to an external server. All very, very, very bad news.
In this manner, it is actually worse than the well documented Heartbleed issues of a few months ago. Whilst Heartbleed was also extremely serious the issues it caused allowed data on the impacted device to be accessed, not for commands to be run. Shellshock in this regard, is pretty much as bad as it gets.

The Shellshock issue reaches new levels of seriousness because of the wide variety of platforms that utilise BASH. Web Servers. Infrastructure devices like routers, switches and firewalls. Other platforms that make use of Linux operating systems including telephony servers. Everybody will have at lease one device that is potentially vulnerable. Many large customers will have hundreds or thousands.

So what do we do about it? The simple answer is patch the impacted systems with fixed software. However, this is only half the story. In many instances equipment vendors provide customized versions of operating systems and customers will have to wait for them to provide patches. It is however 100 percent certain that a lot of equipment out there is end of support and vendors will not provide updated software.

It is however worth at this stage pointing out a few additional things. The vast majority of infrastructure devices require authentication before scripts or commands can be run through either their embedded web servers or direct SSH access. This means that to successfully exploit this vulnerability the attacker must have valid credentials on the devices. In many situations devices will only have a single userid / password for administration – so the attacker must have these account details. If they have these, then they have full control of the device regardless of this issue so Shellshock is not massively relevant.

Further, most devices are (or should be) behind a firewall. This means that direct access from the Internet to them is not possible. Again, this to some level mitigates the seriousness of the situation for some people.

Where Shellshock is a massive issue is for public facing web sites. Any web site running on a Linux platform with a vulnerable version of BASH needs to be patched immediately. Exploits of the Shellshock issue are already being observed on the public Internet. Whilst in many cases these are just scans to see if systems are vulnerable, and not being active malicious, it is only a matter of time before this changes. Any other systems (e.g. web cameras, mail servers) that are directly accessible from the Internet should be analysed to see if they are vulnerable, and if so patched.

Shellshock is extremely serious, and it will impact all of us. We all need to look at the systems we are running to see if they are vulnerable and mitigate this issue if they are. The only real solution is by fixing the faulty software however as we have discussed, there are some other mitigation considerations that should be looked at. However, ignoring it is not an option.

Barry Hesk

Is the BYOD revolution over?

Is the BYOD Revolution Over?

26th June 2014

Two to three years ago, Bring Your Own Device (BYOD) was THE hot topic. IT Managers were giving it to their users clamors to use their own devices at work. In many occasions this was the result of Execs wanting to use their iPads and iPhones at work.

All of a sudden a BYOD policy was required to allow all users to use their own devices. FDs thought it would decrease costs – as the company would no longer have to fork out on mobile devices for the employees.

Overlay technology rapidly sprung up to attempt to provide the degrees of control that legacy products such as, cough, Blackberry had delivered. None of these came cheap. Not all of them worked very well. Problems of data security, and data loss prevention started to rear their ugly heads – users were storing sensitive company data on their personal devices.

Slowly, but surely, conversations with our clients have uncovered that the tide seems to be turning. No longer is an assumption that a business NEEDS a BYOD policy automatic. The cost saving myth has been torpedoed. By the time overlay management products and solutions are implemented, the numbers just don’t really look attractive. The security issues are a head ache. Users started losing devices with company data on them – and remotely wiping a user’s iPhone is not something that a business can automatically mandate.

As with all things in IT, sooner or later, the wheel turns full circle. Blackberry won’t be back any time soon (if ever), ┬ábut users having to use company issued devices looks like it is coming back round again.

 

The latest scary stuff about the NSA

This link from DarkReading makes scary and sobering reading.

The fact that vendors are concerned that the NSA have developed malware that targets common products should be an eye opener to us all. The fact that the NSA seem to be able to intercept products on the way from the factor to the customer is almost unbelievable.

If anybody else was doing this, it would be illegal. Where’e the oversight that our US cousins are so keen on?

Barry Hesk
Intrinsic Network Solutions

 

Cisco cuts 4,000 jobs, Sourcefire not impacted

Cisco are apparently “rebalancing” their workforce by some 4,000 (5%) of their global headcount.

Despite relatively strong earnings figures, Cisco are pushing ahead with plans to eliminate a significant quantity of posts across the entire business portfolio. Exactly where the axe is to fall is currently not clear.

A recent Network World article suggests that the recent acquisition of SourceFire will not be impacted by this cull.

Barry Hesk
Intrinsic Network Solutions