Over the coming months, Microsoft will be publishing security updates related to Advisory ADV190023 that will significantly affect how LDAP can be used in a Microsoft Active Directory (AD) environment. In the first round of security patches scheduled for March 2020, logging will be enabled by default for insecure LDAP connections. In the second half of 2020 (so no earlier than July), insecure LDAP communications will be blocked. This will affect all external systems that make use of LDAP to synchronize and authenticate users.
Today a collection of five vulnerabilities affecting Cisco phones and switches has been published. These vulnerabilities, identified collectively as CDPwn by Armis, the security firm that discovered them present a significant risk in many enterprise environments. For most enterprise customers, the vulnerabilities affecting phones (CVE-2020-3111) and switches running NX-OS (CVE-2020-3119 and CVE-2020-3120) are the principle areas of concern.
Topics: CDPwn Vulnerabilities
Businesses cannot afford to stand still if they want to maintain their competitive advantage. Today’s success stories can suddenly become tomorrow’s has-beens if they fail to evolve. That’s why the cloud is so compelling – it provides companies with an ideal platform for change, not just at the operational level but also when it comes to strategy and decision-making.
It’s easy to see the upfront costs of traditional moves, adds, changes in Cisco’s Unified Communication applications. Time X Salary, right? That’s how we measure cost. But like the old story of the iceberg, where we only see 10% above water, 90% remains hidden underwater. There are always hidden costs that can surpass what we traditionally see as costs, and it’s these hidden costs that can sink ships.
On December 19th 2019, all Canadian carriers will have to comply with a new CRTC policy for the “universal blocking of calls with blatantly illegitimate caller identification.” The objective of this policy is to protect the public against unwanted, unsolicited, and illegitimate telecommunications. Since many such calls often display an invalid caller ID, the CRTC expects this measure to at least reduce the number of SPAM calls, although it is clear they will not be completely eliminated.
Industry Giants Join Together to Drive Open and Seamless Collaboration
Collaboration: The act of working with someone to produce or create something.
It’s a word we use all the time. But, have you thought about what it really means? “The act of working with someone to produce or create something.” That statement carries a lot of weight.
Begin with the End in Mind – A Successful Digital Transformation
Today’s large enterprises have invested in on-premises PBXs and VoIP calling systems over the years and expanded through growth or acquisitions. For any given enterprise, these systems now connect multiple PBXs at different sites with multiple PSTN interconnects and multinational deployments.
In the past, we've written about the device inventory techniques. I've spoken about device configuration management. Here's a video of my talk on the subject. Eric Lavoie, another member of our senior staff, spoke to me recently about needing to make a small change on 81 voice gateways. He was shocked by my casual estimate of the amount of time required to write the code to collect, validate, and correct the configuration. He went back to his desk, convinced there was an easier way to make the change, and he found one!
Companies Announce Strategic Partnership and Technology Integration
UnifiedFX a recognized leader in Cisco Telephony Endpoint Management software solutions and Stack8, a leading Cisco Unified Communications (UC) and services and solutions provider, announced today a technology partnership that will enable customers to manage their Cisco Collaboration suites from a single platform.
Customers nowadays tend to be less and less patient when calling in to get answers to their questions or problems. This leads to higher abandon rates during peak hours or times where fewer agents are online. Offering alternatives to waiting on hold for the next available agent will not only improve customer satisfaction but also lead to better SLAs and a better customer interaction for the agent. Let's face it, who doesn't dread taking the call that's been waiting in a queue listening to the same music looping for 30 minutes.
One such alternative is to offer an option for a callback. With this option, a caller can enter the number at which they want to be called and leave a short message which would take their place in the queue, allowing them to hang up and go about their business. Once an agent is available, they'll hear the message left by the customer and the system will call back the number left by the customer.
To gain the best benefits, it is also best offered immediately when entering the queue when specific criteria are met, such as the Estimated Wait Time (EWT) above a certain threshold or a mix of queue position and number of agents present.
In UCCX, the base concept for callback (or voicemail in queue as Cisco calls it) is to have the leading call center application takes the callback information (phone number and the customer's recording) and place a new call to a second call center application which does the actual queueing while the customer is away. It is important to pass along between these two scripts, via session data, any customer information that may have already been collected. For example, if the caller had previously entered an account number and the script had fetched any relevant data in the CRM. This will ensure the agent has the full picture once receiving the callback request and avoid having to ask the customer for details they've already provided.
Another point to take into consideration is the position in the queue. From the point of view of the system, the call placed between the applications is a new one so that the callback would be placed at the back of the queue. This may be desired, as it would give priority to callers remaining on the phone. In some cases, however, you may want to preserve the caller's original position. This depends on how the queues are set. If the callback requests are sent to the same queue as the caller was in, a simple formula can be used to process the call in the correct order. Once the callback's position in the queue reaches the delta between the caller's position when they opted for callback and that callback's starting position, the priority can be bumped up so that it gets handled by the next agent.
I want you to take a minute and think about how much of your day is actually consumed by meetings. Think about how many of those are in person vs. on the phone. How many of the participants are remote or traveling? How many actually involve a conferencing solution for content share or video? Did the meeting start on time? As obnoxious an exercise as this might appear, it’s not in vain and done to simply illustrate just how much of our time is consumed in meetings. While some meetings are better than others - simply put meetings are where we get things done, collaborate with our team, interface with our customers; you get the point.
While Cisco has a mature product portfolio of Unified Communications services and solutions that have been at the forefront of technology for years, they are not a company to rest on their laurels. One of the most exciting things about being a technology partner of Cisco is to see how they are always striving to see how they can best serve their growing customer base. Today, I’m going to introduce you to one of these new and exciting solutions the Cisco Webex Cloud Calling platform. Cisco Webex Calling is a fully hosted UC solution that is globally available, cloud-based alternative to your traditional on-premises PBX.
Topics: cisco webex calling
For months now, Cisco CSR users have been eagerly awaiting the release of Collaboration Systems Release 12.5, with all of the changes within the collaboration spectrum of Cisco’s portfolio of products, version 12.5 promised to take collaboration to new levels. In this blog post, we will spotlight some of the enhancements, changes and new features of CSR 12.5.
Company to Demonstrate Latest UC Automation Innovations and UCaaS offering at Cisco Live – Collaboration Village
Montreal, CANADA, June 06, 2019: Stack8, a leader in Cisco Unified Communications (UC) Services, and Solutions, today announced its planned activities for Cisco Live, scheduled for June 09-13, 2019 at the San Diego Convention Center. Stack8 invites attendees to learn more about its UC Automation innovations as well as its UCaaS offering based on Cisco BroadCloud., and how it can help you on your journey to achieve the Promise of Unified Communications. The Stack8 booth is located in the Collaboration Village.
Stack8’s latest Cisco provisioning suite cuts agent provisioning times from hours to seconds
Montreal, CANADA, May 30 2019: Stack8, a leader in Cisco Unified Communications (UC) Services, and Solutions, has released the latest version of its flagship SMACS provisioning software, now with powerful agent provisioning. The new feature allows Cisco engineers to easily configure the agent’s skills, call recording options, as well as associate the device to the application user in just seconds, cutting hours from the on-boarding process
On-boarding and provisioning new agents takes too much time. In most call centers, it’s not uncommon for IT to spend 15-20 minutes setting up a new agent’s parameters (ex. IPCC extension, skilling, associating app users, call recording options).
There’s no one-size fits all approach to serving customers. Some people’s requests are more complex than others, some people are better-informed than others, and some are certainly more patient than others. Speed is of the essence, but it’s equally important to match customers to the best possible agent for their needs.
Last month, Cisco introduced a range of new artificial intelligence (AI) features for Webex under the banner of Cognitive Collaboration. Together, these promise to elevate smart meetings to a whole new level.
Montreal, CANADA, May 14, 2019 - Stack8, a leading Cisco Uniﬁed Communications (UC) and services and solutions provider announced today it had expanded its leadership team with the appointment of Jeffrey Liberman as Vice President Sales. Mr. Liberman will be responsible for the strategic leadership of the sales departments within the business and will contribute to the overall growth strategy; helping the company to achieve further success.
Your companies telecommunications are only as good as your voice quality. Without good voice quality... well there's always email.
Sometimes after you've corrected QoS misconfigurations, validated WAN and LAN behavior and validated your fixes you still have user complaints. In this blog post, we dive deep into techniques that allow you to analyze and measure the behavior of the PSTN, beyond your SIP termination points and into the public phone networks. In this specific example even call recordings showed good voice quality. However, we established that the issues were related to call latency. Normally there is no way to measure latency without the use of specialized tooling, but we developed the following technique.
There are a number of factors that contribute to poor voice quality. In this article, we discuss methods to troubleshoot and isolate voice quality issues outside of the network and on the PSTN using packet captures and call recordings. Packet captures are one of the most powerful troubleshooting tools we have.
Planning an upgrade for your Cisco Unified Communications environment? Preparing technology budgets for next year? In addition to getting your favorite Cisco UC experts involved for upgrading your systems to the latest release, Cisco has a surprise in store for long-time customers of their UC platform. Recently, Cisco has announced a large selection of IP phone models which will be deprecated with CUCM release 14.0. The silver lining: version 14 is not planned before 2020, so there is time to prepare for this impending event!
On March 20th, Cisco released a security update for their line of 7800 and 8800 Series Cisco phones.
The vulnerability is in the web-based management interface of Session Initiation Protocol (SIP) Software. This vulnerability could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code.
A high-quality customer experience has always been important for contact centers, but today it is one of your company’s greatest differentiators.
People interact with contact centers through a growing range of channels – phone, email, chatbots, and social media, to name a few – and expect the same standard of service across all these platforms. They also have less patience than ever. According to research from Hubspot, 90% of people say it’s important that they receive an “immediate” response when reaching out to customer service.
After a wave of adoption for cloud-based UC among small and medium businesses, large enterprises are embracing change themselves and ramping up investment in Unified Communications as a Service (UCaaS). Synergy Research Group found that the number of enterprises using UCaaS rose by 57% in 2018. Meanwhile, Gartner recently predicted that 90% of IT leaders will no longer purchase their UC systems on premise.
The advantages of the cloud are hard to ignore, especially with so much noise being made around the technology these days. It’s not just cloud companies generating all this hype either – early adopters have reported lower costs, easier maintenance, and greater agility, to name just a few benefits.
What is the world’s most valuable resource? If you answered oil, you might be stuck in the 1990s! Many economists now argue that data has surpassed oil as the most precious commodity. Indeed, it is the fuel that propelled Alphabet, Amazon, Facebook, Apple and countless other household names to the top of the business world. It is easy to understand how this came to be. The properties of data are unique: Data is constantly being generated, it can be stored and transported/transferred cheaply, and it becomes more valuable the more it is used.
So when you think “automation” what comes to mind? Your thermostat or sprinkler system, maybe your coffee maker or online bill pay? Perhaps something a little more with an industrial feel like robots in a car factory or bottle processing at a beverage plant? Or is it something really sinister like out of control automated artificial intelligence that eliminates all our jobs? Hey, at least we’d all get universal income right? I guess the point is that whether you really think about it or not automation does play some part of your daily life.
The founders of Stack8, Steven Karachinsky, CEO; Eric Losier, CTO; and David Perlis, COO looked back on where they’ve been, where they are and where the company and the industry are going.
This year has been an excellent year for us at Stack8 in that we have been able to participate in a large number of Cisco Connect events as well as Cisco Live where we were asked to be part of the Collaboration Village. Throughout our travels, speaking with clients and the teams from Cisco, the number one subject on the minds of everyone was the Meeting Experience.
In this article, we look at one of the solutions in the meetings experience toolbox, Cisco Webex Edge, and discuss what is new and exciting with this technology.
If you ask any IT person about their servers, they will in most cases tell you that the server will go down in the middle of the night, on weekends, or during the Super Bowl (you know during the fourth quarter when your team is making its final frantic rush.)
For this article, we will look at some of the tools the Stack8 Managed Services team have developed to help ensure our client's networks run at peak performance.
Recently, Rich Tehrani the CEO of Technology Marketing Corporation (TMCnet) sat down with Steven Karachinsky, the CEO of Stack8 to discuss the changing role of Unified Communications for organizations and the role Stack8 is playing in it.
To read the complete interview, please visit the TMCnet site
When it comes to UC, quite often, integrators leave when a system is technically up and running, not when it is optimally running. Stack8 was founded in 2010 to address this gap by bringing enterprise UC systems closer to what they could be doing from what they are doing.
In a previous article, we discussed the changing regulations and compliance issues affecting organizations that process or transmit credit card information.
While most every company that process online credit card payments have placed a lot of effort and time into becoming compliant with the Payment Card Industry Data Security Standard (PCI DSS). Many do not put as much effort into the challenges that they must meet on an annual basis which is to remain compliant.
Of the many compliance requirement challenges one of the most laborious and time-consuming tasks is the quarterly PCI compliance scan.
So you are thinking of moving over to SIP trunking because the person who rides on the bus next to you keeps on telling you how much money his company is saving. While this attribute of SIP trunking is very appealing, the benefits of moving to SIP can be far more than just economic. In this article, we will look at the five key benefits of SIP Trunking for your business communications strategy.
Maybe I am dating myself, but I remember the days when we would draft all of our meeting ideas on an easel, with a giant pad of white paper. Inevitably one person would be assigned to tear off the paper and store these massive sheets at their desk, only to be forgotten and then thrown out never to be looked at again. Sometimes the good old days were not always the good old days.
A company-wide rollout of any new application including Cisco Jabber can be fraught with challenges that may or may not be readily apparent to the organization. Even small issues can potentially jeopardize the success of an entire project. For this article, we will look at how proper planning and modeling can help eliminate these issues before they become big.
Every day my calendar is filled with meetings. I can take little solace in knowing that I am not unique when it comes to meetings because they take up a substantial chunk of most people’s working lives. In fact, according to a Harris Poll that appeared in The Atlantic, the average employee spends close to 40% of their working days in meetings. And these trends will not change anytime soon; in fact, they will most likely grow.
This original article was written by Michelle Burbick the Associate Editor and blogger for No Jitter. To read the complete article, please visit No Jitter
To get my UC&C fix at last week's Cisco Live customer and partner event, which primarily focused on networking and security, I headed to the "Collaboration Village" on the expo floor. There I caught up with the following four (new to me) companies. Read on for a snapshot of each company and how it differentiates itself...
The proper workspace, or meeting room, is a key requirement to having productive, collaborative work sessions. Users need the right sized space; the right room features and shouldn’t struggle with the logistics of booking these spaces.
We have all been in the situation where we are forced book a smaller room than is needed because there is nothing else available. Then as you make your way to your meeting, you walk past countless meeting rooms where half the seats are empty, any one of which could have easily used your smaller room allowing you to conduct your meeting in a suitably sized space.
As part of its Meeting Solutions portfolio, the Stack8 team has created the Intelligent Booking System using Webex Teams, Proximity, Exchange & Graph. The Intelligent Booking System is designed to ensure optimal utilization of your meeting rooms while facilitating the process of booking them. It’s like having someone proactively overseeing your room bookings to ensure the greatest ROI on your meeting room investments.
Join Stack8 at Cisco Live 2018, Collaboration Village – Pod C:17
Montreal, CANADA, June 06, 2018 - Stack8, a leading provider of managed and professional services and proactive automation solutions for Cisco Unified Communications (UC) applications, today announced its participation at Cisco Live 2018, June 10-14, 2018, at the Orange County Convention Center.
With Cisco Live right around the corner, the Stack8 development team has sprinted to the finish line with the delivery of Stack8 Moves, Adds, and Changes System (SMACS) Version 5 provisioning solution for Cisco UC.
This new release brings together all kinds of automation goodies with Active Directory while keeping the simplicity and user-friendliness SMACS users have come to know and love.
Cisco Spark, the app-centric, cloud-based collaboration, and communications suite is being re-branded as Cisco Webex Teams, while WebEx is to be re-branded as Webex Meetings.
Speaking April 18th at the Cisco Collaboration Summit 2018 show in Phoenix, AZ., Rowan Trollope, Senior Vice President and General Manager of Cisco's Applications announced the name change as part of its new Webex portfolio of products.
Webex will be repositioned as the umbrella name for the company's entire collaboration portfolio consisting of Webex Meetings (formerly WebEx), and Webex Teams (formerly Spark).
Now before we continue, yes it is Webex, not WebEx, the removal of the capitalized “E” is part of the new look and feel.
In this article, we will highlight some of the essential aspects of this re-branding including reasons behind the changes. We will also discuss some of the new features and functionalities of both Webex Meetings and Webex Teams.
If you are a sports fan like me, particularly American football, the number 12 is synonymous with excellence. From Joe Namath, Terry Bradshaw and Jim Kelly to Tom Brady, the number 12 is identified with some of the best players ever to hit the field.
Recently, Cisco released Jabber 12. In this article, we will look at all that is exciting and new in Jabber version 12.0, and see if it lives up to the magic of the number 12.
You have the unenviable task of assembling the bookcase that you bought and have left in the middle of your living room since it was delivered more than a month ago. You quickly realize that the instructions which say that the entire bookcase can be assembled with a single screwdriver is way beyond your mechanical prowess. You go online and start a chat conversation with the customer services department, and when the agent asks which bookcase you are asking about and what your order number is, your mind goes blank, and the only thing you can type is “The #$%$^ one that I cannot assemble.”
Contact Center Solutions like Cisco UCCX are designed to deliver a highly secure, available, virtual, and sophisticated customer interaction management solution for your agents.
However, as with any technology, advancements happen at a rapid pace. This guide of Tips and Insights is designed to assist organizations who are looking at improving adoption and efficiency of their contact center solution.
Update:It has been recently announced that the changes that Apple would make to the iOS notification architecture after iOS 11 will not currently affect Jabber notifications for IM and calls for customers that have not yet upgraded their infrastructure to support Apple Push Notifications (APNs). However, it is still recommended to upgrade.
Push Notifications are required both for Cisco Jabber for iPhone and iPad clients that connect from within the enterprise network as well as for clients that register to an on-premise deployment via Expressway's Mobile and Remote Access (MRA) feature.
Hi, I'm Benoit, one of the new guys on Stack8's Incident Management team. Our team is always looking for new ways to improve our process in an effort to make things better and easier for our customers. Today I will explain how we leveraged the SMACS API to automate deprovisioning requests in Cisco CUCM and Unity.
Although reading long documents and procedures on Cisco.com is always fun (!), we thought we could sum up the configuration of Smart Licensing on a Cisco CSR1000v virtual router in a quick blog post for those of us who simply need to “get things done.”
By now you've almost certainly heard about CVE-2018-0101, an unauthenticated, remote code execution vulnerability affecting Cisco ASAs. If you haven't, you should start planning to apply the update immediately to the ASAs in your environment. This vulnerability affects all ASAs that are configured to handle AnyConnect or clientless VPN connections. Some initial discussion in the security groups suggested that only clientless VPN was affected however this is not the case.
Few people would write up a security vulnerability 19 days after it was announced, but in the case of Spectre and Meltdown (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754) each day that we've waited has brought new developments and additional information for us to consider, consolidate and present to our customers and blog community.
Readers who follow security news are already aware that the Spectre and Meltdown issues are substantial threats that have severe impacts on security. The vulnerabilities allow processes to read memory information that should not be accessible to them. User processes can access information from other processes and the kernel, in a virtualized environment they can also access information on the host and potentially other guests.
Cary Goldwax brings over 20 years of operational leadership experience to help foster Stack8’s growth initiatives
Montreal, CANADA, January 16, 2018 - Stack8, a leading Cisco Unified Communications (UC) and Networking services and solutions provider announced today it has expanded its leadership team with the appointment of Cary Goldwax as Vice President Operations. Mr. Goldwax will be responsible for capitalizing on operational opportunities and building Stack8’s growing technical services teams, at both strategic and operational levels.
Special thank you to Ben Petroff and the Stack8 Managed Services team for their expertise with Cisco Expressway
Earlier this spring, Cisco had announced a denial of service (DoS) vulnerability affecting CUCM 10.x and 11.x, which we discussed in a previous blog post entitled: Important DoS Vulnerability for CUCM 10.x and 11.x "cisco-sa-20170419-ucm"
Cisco has recently announced that Cisco Expressway and TelePresence Video Communication Server (VCS) are also affected by a similar DoS vulnerability. Advisory ID “cisco-sa-20170816-vcs” (CVE-2017-6790) explains that an unauthenticated, remote attacker could send excessive SIP traffic to the device and cause a complete DoS condition on the targeted system.
In this third article, we will expand upon what we learned in part 1 and part 2 regarding Jabber and how to renew your CA-signed certificates. In this final article, we will examen the certification process within Cisco Expressway.
It is important to note that for Jabber Mobile and Remote Access (MRA) feature as well as for Business to Business calls (B2B), it is mandatory to have a CA-signed certificate on the Expressway-Edge node. On the other hand, there is no such requirement for Expressway-Core. However, Stack8 recommends a CA-signed certificate to be used on both Expressway servers.
Another requirement is to cross upload all Root and Intermediate certificates on both nodes in order for the Secure Traversal Zone to be active and communication between two Expressway nodes to work.
Do not forget to verify, every time you renew your certificates, if there is a change on the Root or any of the Intermediate certificates and Upload all new chain certs in the Trusted Certificates section of the server.
Cisco Jabber gives you and your team the freedom to be productive from anywhere, on any device. Jabber enables you to access presence, instant messaging (IM), voice, video, voice messaging, desktop sharing, and conferencing Instantly.
Offboarding a user in Cisco CUCM can be challenging and time consuming for most organizations. This video will demonstrate multiple methods to easily remove services and offboard a user in less than a minute by using SMACS. (Stack8 Moves, Adds and Changes System).
In a recent consulting engagement, our Professional Services team needed to help build a VPN connection between a series of Cisco Routers and a Google Cloud environment. We were surprised to discover that at the time we completed the project, Google did not provide a configuration guide for this common configuration type and wanted to share our experience building the connection. They have since added documentation for IKEv2 based ASR configurations. Our post highlights some important architectural details as well as the configuration requirements (tunnel mode, phase 2 timers) for the tunnels. It also makes use of an inner VRF, unlike Google's example.
Provisioning users and services within Cisco CUCM can be a challenge. This video offers the viewer an introduction to SMACS (Stack8 Moves, Adds and Changes System) and shows you just how easy to perform moves, adds and changes within Cisco UC applications.
Let’s talk monitoring! Monitoring solutions more often than not end up being one of those install and forget type of technologies that generally leave us wanting more.
Unified Communications Monitoring systems can be so much more than break/fix solutions and should be used in everyday troubleshooting as a way to reduce the amount of effort your resources spend on a wide variety of problems.
Early yesterday morning a collection of major vulnerabilities in most implementations of WPA2 was made public. The impact of this set of attacks, known as KRACK (Key Reinstallation Attack) is severe, allowing decryption of wireless traffic and, in some cases, traffic modification. You can find out more details on this attack at the website created by the discoverer and in the research paper Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2. Cisco is beginning to release updated firmware for their affected products. You can use this CERT page to find security updates from all the different impacted vendors.
Cisco has recently publicly released the latest version of their Collaboration Systems Release (CSR), 12.0. Although not the most innovative release of Cisco’s on-premise Unified Communications (UC) solution (with most R&D efforts going into the cloud-based Cisco Spark platform nowadays), there are still notable new features and changes worth mentioning.
Join Stack8 at Cisco Connect Toronto, Booth #38 at the Toronto Congress Centre
Montreal, CANADA, October 11, 2017 - Stack8, a leading provider of managed and professional services and proactive automation solutions for Cisco Unified Communications (UC), today announced SMACS 4.0, UC provisioning tool at Cisco Connect Toronto October 12th at the Toronto Congress Center.
Faster, more powerful and simpler than ever SMACS 4.0 takes the guesswork out of UC provisioning
Montreal, CANADA, October 05, 2017 - Stack8, a leading provider of managed and professional services and proactive automation solutions for Cisco Unified Communications (UC), today announced the release of SMACS 4.0, a complete redesign of its Stack8 Moves, Adds, and Changes System (SMACS) user provisioning tool.
Faster, more powerful and simpler than ever!
The Stack8 development team has been hard at work on the release of SMACS version 4.0 User Provisioning Software. We are always focused on delivering the latest innovations that our customers need to simplify user provisioning while increasing the speed of deployment.
The look and feel have undergone a massive makeover while maintaining the ease of use which makes SMACS such a powerful UC user provisioning tool today. The new 360º View gives you a quick and convenient view of the various services your users currently have.
Many organizations enforce password policies to protect their user's network & domain accounts. One credential that is often overlooked is the Unity Connection voicemail PIN, which can have costly consequences to your phone bill.
There is already publicly available exploit code for metasploit circulating for this vulnerability (be careful if you use this code, we can't vouch for its security and early release exploit code sometimes targets the user).
Depending on the type of organization you work for, your Unified Communications (UC) systems may be required to be PCI compliant. This is generally the case when credit card transactions are processed on the phone, as is the case in some customer service contact centers. The new release of the Payment Card Industry Data Security Standard (PCI DSS), version 3.2, introduces many significant changes that you should be made aware of. Although the changes in PCI DSS version 3.2 are vast, for this article, we will focus on the new aspects of the standard that directly affect UC systems, namely the migration from Secure Sockets Layer (SSL) and early Transport Layer Security (TLS) versions.
Cisco Unified Communications Manager (CUCM) is an IP-based communications system integrating voice, video, data, and mobility products and other applications. It enables more effective, secure communications and can transform the way in which we communicate.
Introduction by Doug Green, Publisher of TelecomReseller
Based upon the TelecomReseller Podcast
The lights are on; the servers are working. This, according to Steven Karachinsky, is where many end users operate today. The experience is sound and satisfactory. It could be better.
In this article, Steven Karachinsky discusses how to take a network from a B to an A plus experience. We discuss how Stack8 is delivering a simplification of processes and readying customers to leverage Unified Communication technologies through Managed Services into new frontiers.
Montreal, CANADA, July 13, 2017 - Stack8, a leading provider of Managed Services and proactive Automation Solutions for Cisco Unified Communications (UC), today announced that Gartner had listed Stack8 as an Independent UC Managed Services (UCMS) Provider in the June 2017 report “Make Better Choices for Unified Communications Managed and Professional Services.”
The full report is available on the Gartner website.
According to Gartner, “Because Managed and Professional UC Services include such a wide range of providers and approaches to delivering and running UC environments, enterprise IT buyers are often challenged with identifying and selecting appropriate providers.”
Today’s blog post is a special one for us at Stack8. We are honored to be presenting a post written by a fellow UC expert Abhijit Bhowmick who graciously reached out and told us that he wanted to create the following article for everyone to read.
The Unified Communications (UC) landscape had been changing quite fast, as the interoperability of multiple standards has become more confusing. This poses serious business and technical decisions for the customer as to which way to move forward. Which vendor to go for, which type of solution to deploy?
With all of the concern this week regarding "WannaCry" ransomware, we decided to deviate from our standard Tips and Insights to explain what is happening and our view on the situation and it's root causes.
“WannaCry” is the security story of the moment, and, hopefully, the year. There's a lot of the year left, but this worm has already caused an impressive amount of damage. Thankfully, due to the quick actions of a malware researcher in the UK registering a kill switch domain, the worm was shut down just as it was getting started. Were it not for those quick actions combined with limited exposure of SMB shares directly to the Internet this attack could have taken off like “code red” or “slammer.”
Diagnosing problems in your Cisco unified communications dial plan can be difficult as there are a large variety of ways in which it can be broken and generally, to identify these, a solid base understanding of the underlying features is required. With that said, let’s look at the base of your UC dial plan and a few problems that could arise at this level.
At its base, Cisco Unified Communications Manager (CUCM) is built upon Partitions and Calling Search Spaces. We need to understand how these interact before we can hope to solve any issues with our dial plan.
An important vulnerability, ID “cisco-sa-20170419-ucm”, "CVE-2017-3808" has been announced this week for Cisco Unified Communications Manager. This vulnerability in the SIP UDP throttling process of CUCM could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. Such an attack could have a severe impact on an organization’s ability to make or receive calls since CUCM is at the core of any Cisco Unified Communications infrastructure.
One of the pain-points most contact centers experience is abandon rates - callers who simply get tired of waiting for an available agent to service their call, and disconnect. The result is that the customer is dissatisfied with the experience, and the contact center experiences an abandoned call - calls that drop from the queue. The caller's intention was never satisfied, and the caller may, or may never call back.
Traditionally, enterprise dial plans for organizations running Cisco Unified Communications Manager (CUCM) were structured in a simple fashion. Each user would get assigned with an internal extension (aka Directory Number), usually 4 to 6 digits long. Users would also get assigned with an externally reachable phone number (aka DID, or Direct Inward Dial).
If you sync your Cisco Unified Communications Manager (CUCM) to an enterprise directory, such as Microsoft Active Directory, and the phone format is entered in a fancy “human-friendly” way, users with SIP-based phones will have some issues to dial.
Two weeks ago WikiLeaks released Vault 7, a large collection of documents that they claim were taken from the CIA. While the CIA has not confirmed this release, there's little question that the leaked information comes from a nation state level intelligence service and contains extensive details regarding exploits and tradecraft targeting a wide variety of service providers, vendors, and equipment. Wikileaks has thus far attempted to redact detailed exploit information and has announced their intention to work with the impacted parties to address these vulnerabilities.
Jabber gives you and your team the freedom to be productive from anywhere, on any device. Cisco Jabber enables you to access presence, instant messaging (IM), voice, video, voice messaging, desktop sharing, and conferencing Instantly.
But Jabber can also be challenging. That’s why we’ve created this guide to help you get the most out of this tool.
By now you have likely heard about the "Clock Signaling Component" issue affecting a broad range of Cisco products. If you haven't a number of Cisco products are affected by an issue that will cause them to fail during normal operation, once they fail they will stop functioning completely and can not be powered back on. You can learn more about the affected devices on the notice page.
Your business uses Cisco Unified Communications Manager (CUCM) and has integrated Cisco Jabber for your team. How can you get more out of your Jabber tool? This post highlights several interesting features that are not widely used but will enhance your experience using Cisco Jabber.
Compiled by Steven Mulherron & Nathalie Bechbache Stack8 Project Management and Governance Office
For Engineering, Procurement and Construction (EPC) services firms, failure to maintain communication control is not an option.
Complex operations and data requirements, coupled with highly collaborative work processes, often between multiple on-site and off-site locations rely upon robust telecommunications and collaboration tools. These communication challenges are further compounded by the scope of deliverables, schedules, and price sets.
Inability to meet prescribed performance guarantees can put the future of the project at risk. In addition, performance and scheduled liquidated damages increase costs which can potentially eliminate or negatively impact profitability.
Apple is scheduled to introduce in its next major iOS release (after iOS 10 anticipated September 2017), a significant change that removes APIs that are required for handling calls and IM’s when the application is running in the background. What this means is that if Jabber is not opened in the foreground, the user will not be notified of incoming calls and IM messages.
On January 24, 2017, Cisco announced the next steps in their plan to reshape collaboration with their Cisco Spark platform. The event focused on two aspects: first, the unveiling of the new Cisco Spark Board and second, the (re-)launch of Cisco Spark Meetings as well as enhancements to the Cisco Spark application on all platforms.
Do not miss out receive expert tips and insights straight to your inbox!
There is a severe bug in the WebEx extensions for Chrome, Firefox and Internet Explorer (CVE-2017-3823) that enables an attacker to execute arbitrary code on a machine if a user with the plugin installed visits a hostile website. A trusted website may also contain a hostile ad or XSS vulnerability that can be leveraged in this attack. This plugin is installed on approximately 10 - 20 million user machines.
The Cisco Unity Provisioning Interface (CUPI) allows a UC Administrator to programmatically perform moves, adds, and changes to various entries in Cisco Unity (users, contacts, distribution lists, and call handlers) through a simple REST API.
The following article will provide instructions on how to perform a request to the CUPI API using Postman.
In part one, Doug Green publisher of TelecomReseller and Steven Karachinsky CEO of Stack8 discussed the role Stack8 plays in providing UC managed services. In part 2 they discuss alternatives to Cloud and hosted services, as well as what to expect from Stack8 in 2017.
Introduction by Doug Green publisher of TelecomReseller:
Based upon the TelecomReseller Podcast
Steven Karachinsky, Stack8’s CEO, thinks that there are ways to manage your enterprises Cisco resources to gain more productivity and to trim costs. Stack8 offers an extensive line of managed services, professional services and software solutions for Cisco Unified Communications, including Stack8’s portfolio of UC Managed Services.
Stack8’s approach includes proactive support for an enterprise’s entire UC infrastructure and its integrated applications.
Stack8 Technologies views itself as “a new breed of Cisco Solutions Partner.” The company’s founding partners wanted to create a business that would customize services to the needs of each customer. The company’s name reflects the idea of people, the people of Stack8, being the 8th layer of the OSI stack.
Montreal, CANADA, December 01, 2016 - Stack8, a leading provider of services and solutions for Cisco Unified Communications (UC), today announced its participation at Cisco Connect Montreal 2016, taking place December 7, 2016, booth #20 Palais des congrès de Montréal.
At this year's event, Stack8 will showcase its extensive line of managed services, professional services and software solutions for Cisco Unified Communications, including a sneak peek of its new UC Managed Services for Cisco Unified Communications.
Topics: Trade shows
The largest complaints callers have with regards to call centers is waiting on hold for an excessive period of time or navigating through an endless phone menu with hard-to-follow/lengthy prompts. In fact, social media is filled with sites that consumers can voice their criticisms: On hold with.
This problem is further compounded by organizations who have IVR (Interactive Voice Response) and ACD (Automated Call Distribution) technologies but only use the ACD component in combination with simple rules to route calls to agents. These shortcuts are often because of the costs or challenges associated with deploying.
Inevitably delivering the bare minimum queuing with no self-service results in overloaded agents, angry consumers and excessive queue times.
In today’s business environment, one thing is certain: all companies need to get the most out of their investments. And that includes investments made in technology. What happens when the time and resources required to manage your technology precludes you from progressing and getting value from your investments?
It’s a question that many companies face, and previously, not one that was easily answered.
But to get to the answer, we need to start with the problem. And without a doubt, one of the biggest problems facing businesses I speak with is finding the time to invest in and get the most out of their Unified Communications (UC) solutions. Why? They simply don’t have the staff or the bandwidth to turn on the full functionality of these vast systems. The multiple daily tasks that need to be done in order to keep things up and running prevent their highly trained/certified resources from delivering more value from their technology investments. Sound familiar?
Your company is a Cisco Unified Communications environment and you are having issues with registering phones to your environment. You verify the configuration on the Cisco Unified Communications Manager CUCM and everything seems okay, what are the possible issues preventing registration? How can I diagnose the issue?
Your Cisco phone is not registering to Cisco Unified Communications Manager CUCM.
In this blog post, we will explore 3 possible solutions to troubleshoot in order to identify and resolve the issue.
If you already have Cisco Expressway MRA and SIP URI dialing activated in your Cisco Unified Communications environment, then you should seriously begin to think about activating another very key feature within Cisco Expressway: Business-to-Business dialing.
This feature will bring your collaboration with your partners and customers to whole new level; allowing you to have audio and video calls with them as seamlessly as you do with your coworkers.
A big part of the configuration process for B2B calls is deploying public DNS SRV records that will allow your partners and clients to call you using your corporate domain.
Assuming you have all necessary ports on the firewall already opened. The following will take you through the steps required to effectively configure the B2B SIP URI dialing feature within Expressway.
Our support team received a call from a customer complaining that their next generation firewall (NGFW) was intermittently blocking access to their new voting website. As we were in the process of making firewall changes inside their environment and are responsible for the management of their network they turned to us for help.
The website was a vanity domain hosted at GoDaddy that redirected users to a deep link within another website. We accessed the site and confirmed that it was working properly and sending a 301 redirect as expected, it worked properly both inside their and our environment. We reviewed the firewall logs and found no indications that traffic was blocked by any firewall or IPS. The customer insisted that there was an intermittent problem accessing the website that seemed to affect some users at random.
In case you have not yet heard: Cisco Collaboration Systems Release (CSR) v11.5 applications are now available on Cisco.com: CUCM, CUC and IM&P 11.5 and have been posted.
One Important Note: CUCM 11.5 will no longer support the following 12+ years old phones:
Like most Cisco Unified Communications customers with the need to support some form of contact center within their organizations, you may have most likely deployed Cisco Unified Contact Center Express (UCCX), or perhaps its big brothers Packaged Contact Center Enterprise (PCCE) or Unified Contact Center Enterprise (UCCE). And again, like most Cisco contact center deployments, you have most likely initially focused on the essentials: getting your agents to answer customer calls! Now that this is out of the way, it’s time to take a deeper look under the hood of your Cisco contact center platform and realize its true potential: it can completely transform how you interact with your customers.
Although PCCE and UCCE platforms are great, this article will focus on UCCX. With the capacity to support 400 agents and as many concurrent IVR ports, UCCX fits most small and medium-sized organizations. At its core, it consists of four main modules all within the same box: an Interactive Voice Response (IVR) system, an Automatic Call Distribution (ACD) engine, a set of applications for Computer Telephony Integration (CTI), and a Reporting platform. At first glance, this may all seem relatively standard. However, what sets UCCX apart is its flexibility; at Stack8, we consider UCCX to be closer to a Telephony Application Development platform than a contact center product.
"The Future of Cisco UC: The URI Advantage" was a recent post that explained URI and the advantages of using it in your Unified Communications Environment. A directory URI is the abbreviation of Uniform Resource Identifier and its directory format is similar to an email address (username@host) where the host portion is an IPv4 address or a fully qualified domain name. One of the main advantages that was outlined in the above article was that by adding SIP URI integration in your dial plan or at least a URI directory adds significant flexibility. .
The following post, we take you through the step-by-step to setting up and activating URI dialing within a Cisco UC environment from mapping the Directory URI address to an email address to modifying display preferences.
Ransomware, as its name suggests is a malware that infects a system and locks the user out of their data unless a ransom is paid. The victim of such an attack is left powerless to recover their data as only a unique key can unlock the infected system. The user has a pre-set deadline to pay the ransom or risk permanently losing access to their data. This type of attack has seen a rise in occurrence since its rise to prominence in 2005. The field of Crytomalaware is in constant evolution because of the extremely profitable nature of these activities, the largest threat currently is Cryptowall 3.0 /Cryptolocker which usually spreads through phishing emails. The user clicks on a link, a Trojan is installed on the system which then delivers its payload by encrypting user data and displaying a locked out message.These attacks are now so prevalent that they account for $18 million in yearly revenue in the US alone and some estimates go up to $350 million worldwide according to a research done by The Cyber Threat Alliance (CTA). In the following sections, we will review some mitigation techniques about how to stay ahead of the curve to prevent this unfortunate scenario.
Why are we still talking about something that has been around since Call Manager 7.x? Why is a dial plan built around URI not more common place? Why is it still something most people only think about in reference to video?
At the outset, the purpose of the URI is exactly what the name states, a Universal Resource Identifier. For those unfamiliar with URI or SIP URI, it is basically an alphanumeric ID that is reachable across the web. It seems like a perfect fit with Cisco’s vision of an all-encompassing communication platform, and in large part it is. In concept, the goal is to have a single address at which to contact someone regardless of the medium you choose. In other words, firstname.lastname@example.org becomes my e-mail address, my instant messaging ID, my video call number, and yes even my phone number. Isn’t this what IP telephony and UC were built for?
Do you experience intermittent performance problems, particularly at branch offices? Do some applications “not work” and then self-resolve before you can address them? Limitations in path MTU may be the cause of your problems!
In today's networking environment, you may encounter situations where your traffic passes through a path with an MTU that is lower than the standard 1500 bytes, for example if you are using a PPPoE DSL or an IPSec VPN. If you are aware of a limitation in the MTU along a path you should use the IP MTU command on the interface facing this path to limit the MTU. This should be done as close as possible to the traffic source so that messages are sent back immediately informing the client of the limitations while reducing the chances of them being lost of ignored.
These network settings will result in packet fragmentation. Since TCP is a stream oriented protocol which handles packet re-ordering, as well as, the retransmission of lost packets, it should not suffer packet loss directly tied to fragmentation but will suffer a performance degradation.
However, on the other hand, UDP being a message oriented protocol, it does not have a built-in reordering or retransmitting mechanism, so fragmentation should be avoided. Further, when your traffic flows through devices that you have no control over nor visibility on such as sending traffic over the internet, then this should be avoided at all cost.
Your company is a Cisco Unified Communications environment and you are trying to identify an inbound call flow in order to diagnose an issue with hard facts. You ask yourself: "How can I find the call flow that is being accessed at the time of my issue?" This guide will help you diagnose two use cases:
- Erroneous call flows in Cisco Unity
- Toll Fraud.
Although we are focusing on these two particular cases these solutions can be used to diagnose a variety of issues .
You are unable to figure out what the inbound caller is dialing before and after they access your system (Unity, UCCX).
The Cloud Services Router 1000v (CSR) is one of Cisco's best kept secrets in the routing and security space. The CSR is an incredibly powerful product that's flexible, adaptable and offers almost limitless functionality at a very low price point. In some cases, this router will cost less to license than the ongoing support costs of the traditional router that they could replace. While infrequently positioned in these roles by VARs and account teams the CSR is surprisingly capable. In this blog post, we will review the advantages and limitations of the CSR in our experience using it on the routing and security side of the business although it's also starting to be used for some Unified Communications related roles.
Drive to 9… Drive to Collab… Refresh to Collab… If these terms are familiar to you it is probably because you have been contacted by your Cisco account team or your Cisco reseller to upgrade your Cisco Unified Communications (UC) environment. Cisco has facilitated the upgrade process by creating these promotions to reduce the cost of doing an upgrade. In the past, the cost may have been a prohibitive decision criterion in the upgrade process; although cost is always a consideration, in the case of a Cisco UC upgrade, it may be better as a secondary consideration if only because making the wrong upgrade decision could in fact be even more costly.
So what should be considered? Why should you upgrade? Why should you not upgrade?
There are really five criteria that should be considered when making the decision:
- manufacturer support,
- application bug fixes, and
- features and functionalities.
Your company is an avid Cisco Unified Communications user and you recently successfully integrated a fax server using H323. The fax server is configured and working fine, however, you see an issue when sending a fax to a specific destination. Why are other fax destinations working, but not this one? How can I identify the source of the problem? What can I do to fix the issue?
Often our first impression is to think that the issue resides with the destination. However, through investigation, when this issue came up with many of our customers, we often found that not to be the case; the issue actually resided at the origin and not the destination. We will explore the most probably causes to the problem and outline steps to resolving them.
Unable to fax to an isolated destination number; the other fax answers, but the transmission does not complete.
Many organisations today face a challenge in securing enterprise networks that were designed prior to internal segmentation and security becoming a primary concern. It is very difficult to retrofit security into a network design, especially when you want to avoid changing server configurations, minimize downtime and impact, maintain performance within existing network segments, and progressively phase in security rules. In this blog post, we'll discuss an approach we have developed and used for both new network deployments, as well as, retrofits.
Retrofitting security into a network design while avoiding server configuration changes, downtime and performance issues.
Your company is using Cisco Unified Communications and all is running smoothly until you suddenly receive a call from the receptionist that Emergency Services has just arrived at your front door following up on a 911 call that was made from someone inside the company and you need to find out who dialed the number. Or maybe you just received the monthly invoice from your Telco provider and you need to find out who has been repeatedly calling overseas to a country that you do not do business with. Does one of these situations sound familiar?
So what is the best way to find the answer to these questions? In both cases, the solution is to open Cisco Unified CM CDR Analysis and Reporting tool, export the raw data into an excel table then begin your forensic search for that needle in the haystack. The CDR extract is useful when you need to troubleshoot failed calls, find all long-distance calls or simply list all calls made by a specific individual for an HR related request. However, it is raw data and not formatted in a user friendly way; to make things even more challenging, Cisco Unified Communications Manager 10.5(2) or higher now includes 120 fields for each call, making a simple search request quite complex. So where do we begin?
Our challenge is to forensically identify specific search criteria in a simple and easy way without combing through massive amounts of data.
Once you have completed part 1 (Integrate any 3rd party provisioning application with your CUCM using Cisco AXL) and part 2 (Sending AXL Requests to Cisco CUCM with Postman), part 3 takes it one step further with direct access to the CUCM database with Cisco AXL.
Executing SQL queries against CUCM with Cisco AXL is the third and final part of our 3-part series on taking you through the steps to get the most from your CUCM using the Cisco AXL API. Once you have completed part 1 and part 2, part 3 takes it one step further with direct access to the CUCM database with Cisco AXL. Perhaps two of the most powerful things about the Cisco AXL API are the
executeSQLQueryReq and the
executeSQLUpdateReq functions. These features allow you to create, update and delete directly in the CUCM database.
For a complete view of the database schema, please consult the CUCM Database Dictionary.
To demonstrate this, we will show you the steps to query CUCM to find all the Directory Numbers that are inactive.
Sending AXL requests to Cisco CUCM with Postman is part 2 of 3 in our series taking you through the steps to get the most from your Cisco CUCM using the AXL API. This article assumes your CUCM has the AXL Service Enabled and that you have credentials for an Application User account with Standard AXL Access. Please read our part 1 post on integrating any 3rd party provisioning applications with your CUCM using Cisco AXL, if you require instructions on how to set that up before proceeding with part 2.
The Administrative XML Web Service (AXL) is an XML/SOAP based API that enables remote provisioning of Cisco Unified Communications Manager (CUCM) using any modern (and even not so modern!) programming language. We will be looking at how to quickly test your AXL API calls using Postman. This Google Chrome App is a great tool for developers or anyone who wants an easy way for testing any web APIs (including Cisco's AXL API). Now let's review the steps required to set up and install Postman then to send an AXL request to Cisco CUCM with Postman.
Cisco Unified Communication Manager gives you a set of essential tools that allow you to do most of the things you need to do with your system. However, there are times where these tools may not be the most effective or efficient to provision your CUCM. The following post is the first of a 3 part series that will take you through the steps to get the most from your CUCM using the Cisco AXL API.
This first one is on how to enable Cisco AXL service on your Cisco Unified Communications Manager (CUCM) System allowing you to integrate any 3rd party provisioning application such as SMACS.
The second article takes it a step further and shows you how to send your own AXL request to CUCM with the help of postman.
And the third of this series, for those who want to push even further and shows you how to execute SQL queries against CUCM through AXL.
More and more companies these days have mobile workforces: teams that work on the road or who have the ability to work from home. To help maximize efficiency and to make this mobility seamless to the individuals and the rest of the team Mobile and Remote Access (MRA) via Cisco Expressway is the key. Being able to use Cisco Jabber and IM&P help bring mobile collaboration to another level. However, there are times when this seamless mobility runs into a snag and an error occurs; one of the most common errors while using Jabber in MRA mode via Cisco Expressway is "cannot communicate with the server". Today's tip is about how to effectively troubleshoot this problem.
Cisco Jabber login error when trying to communicate using Mobile and Remote Access via Cisco Expressway: "cannot communicate with the server".
Many are those who have deployed Cisco Unified Communications (UC) within their organizations: IP phones, Unified Messaging, Jabber for instant messaging and presence, softphone capabilities, and much more. There is no shortage of great benefits to implementing UC… However, communication with the outside world is still limited to sub-par audio calls through the Public Switched Telephone Network (PSTN) and the use of UC applications such as Jabber are still mostly constrained within the company’s walls (or firewall) unless you run one of those cumbersome VPNs. Enter Cisco’s Collaboration Edge Architecture with, at its core, a single solution that does it all: Cisco Expressway.
On Tuesday, February 16th, Google's security team announced a significant vulnerability in glibc . The vulnerability relates to the handling of DNS packets, and many Cisco systems are vulnerable to it if an attacker can cause an affected device to perform a DNS lookup against an attacker-controlled DNS server. As many services (ssh, some web servers, mail servers) do perform these requests in an externally controllable fashion, the risk and exposure of this vulnerability are extremely significant.
Cisco released their advisory for this issue on the 18th. Because of the extensive use of Linux in newer switching and routing products, UC servers, and security and management appliances, the potential scope of the issue is vast. Cisco is presently still in the process of qualifying products to determine if and how they are affected.
Managing Cisco Unified Communications from a user-focused perspective is like building a house then managing the people in it. How you ask?
First, let us start by putting aside the technical complexity of Cisco Unified Communications (UC) environments, there is little doubt that managing these environments once they are in place, presents a significant challenge. What years of involvement in Cisco managed services has taught me is, if you thought getting Cisco applications implemented was the hard part, then you have got another thing coming. Think of it as building a house; step one, putting up the structure. With the right expertise, this is a usually a one time job and one that is handed off to properly skilled individuals to complete. Next is the ongoing maintenance and needs management of the people who live in the house; this is a completely different challenge altogether. Cisco UC is exactly the same; you can always engage a skilled Cisco services partner to deploy Unified Communications Manager, Unity Connection, Jabber, UCCX, UCCE and the underlying network infrastructure. Once the components of the UC environment are in place, that is when the real job starts. What happens with employee turnover? What happens with dial plan changes? Services Changes? Upgrades? Hardware changes? Provider integrations? On a positive note, it is never a bad time to begin thinking about your management approach. Lets go through some of the things you need to think about and answer in planning your user focused Unified Communications management approach.
CISCO CVE-2016-1287 VULNERABILITY PROBLEM
Yesterday Cisco released an out of band patch for an ASA vulnerability (CVE-2016-1287) that permits remote code execution for any ASA device enabled for IKE / IPSec.
You can validate if your configuration is affected using the following command:
show run crypto map | include interface
The Cisco advisory indicates that there is no way to mitigate this threat. There are a large number of vulnerable ASA firmware versions that have not and will not receive fixes. Customers should be aware of the difficulty in migrating from 8.2 to newer versions because of the complete restructuring of NAT rules.
Do you keep dropping calls in your Cisco Unified Communications System and can't figure out why? You are not alone. This is a problem I often troubleshoot for many of our clients. The first and most challenging step to resolving this issue is obtaining a log of the issue when it arrives to help you troubleshoot.
Some people may opt to use a syslog server in Cisco IOS, however, messages are carried over UDP so you can lose some of them or the rate limiting feature may not send all the information you need.
In my case, many of our clients do not have a syslog infrastructure and as we are managing multiple clients, I could not keep my computer connected to one specific client all day waiting for this intermittent failed call to reoccur.
I needed a simple and efficient way to identify the issue and capture all the log information to allow me to effectively troubleshoot the cause and fix the problem.
Obtaining a log of an intermittent failed call to the PSTN.
With the surge of emerging technologies, many companies are prone to getting the latest hardware and software they can get their hands on to improve their overall productivity and reduce costs.
However, one thing that is often neglected in this fast paced environment and that should be considered one of the most crucial aspect of a network's infrastructure is its security. Being aware of technology vulnerabilities is the first step in avoiding the infiltration of any unwelcome and malicious intruders that could lead to a devastating aftermath.
This leads us to this very important topic: how to mitigate the risk of attacks on Cisco IOS SIP gateways.
In this post, we will review the following:
- How intruders would go about doing reconnaissance on a network in planning an attack,
- How to check if your device is prone to fingerprinting, and
- How to implement corrective measures to tighten-up these weak spots, making your Cisco network more secure.
Your company is a Cisco Unified Communications environment and you have integrated Jabber for your internal Instant Messaging and Presence needs (IM&P). Someone at your company is trying to get in touch with you, but your Jabber status show as " Offline" even though you are logged in. How can I identify the source of the problem? What can I do to fix this issue?
This issue is usually a scattered occurrence and one that not everyone is able to observe, making troubleshooting a challenge.
Jabber status shows as "Offline" to others, even though you are logged in.