Cisco, Avaya respond to our Tester's Challenge on VoIP security tools

06/21/04

In their formal responses printed here, Avaya and Cisco agreed with Mier's assertions in general, but were quick to defend measures they've already taken in these directions. What neither company offered, though, were detailed plans for improving the overall state of VoIP security.

VoIP security tools are lacking

05/31/04

Ours is a two-part challenge to VoIP vendors. Make VoIP security education and VoIP security technical assistance more readily available. And second, we'd like to see better tools and user interfaces, in the long run, that let users more globally set security parameters.

Tester's Challenge update

03/29/04

Network World's most recent Tester's Challenge published two weeks ago called on the major operating system vendors to streamline the process of supplying security update information to customers.

Fix the patch update system

03/15/04

As the major operating system vendors, we throw our Tester's Challenge gauntlet at the feet of Apple, Microsoft, Novell and Red Hat. We challenge you to create an effective, simplified means by which we can get our hands on pertinent patch information pertaining to your products.

Tester's Challenge: Dumb defaults update

12/15/03

Our inaugural Tester's Challenge called on vendors, particularly Cisco, to address why their products still support unsecure access and management protocols - such as earlier versions of Secure Shell, SNMP and HTTP - out of the box.

Dumb defaults

11/17/03

Our first challenge to all vendors mentioned in this column - and Cisco in particular as the 800-pound network gorilla - is to address the dumb security defaults they ship with their products. There are more than a few instances of these dumb defaults, but for the purpose of our discussion, we'll point to some of the more egregious examples.