In brief: Cisco drops suit against Huawei

Plus: IBM snaps up Cyanea; Watchfire to buy Sanctum; NIST wants to delist DES; French ISPs to look out for copyright violations; Microsoft issues IE patch.

Cisco last week dropped its copyright lawsuit against Huawei Technologies after confirming the network vendor stopped sales of disputed products and changed the look of its software and user manuals.

Cisco alleged that Huawei used a replica of Cisco’s command-line interface and pieces of Cisco IOS source code in its products and that it distributed material from Cisco product manuals. The suit was suspended last October when Huawei agreed to stop selling disputed routers and switches, and changed its manuals and software. The suit was dropped after an independent investigation confirmed Huawei had stopped using Cisco intellectual property.

Shortly after the suit was filed, 3Com announced plans to enter a joint partnership with Huawei to resell the company’s routers and switches in the U.S. enterprise market. 3Com has since released two devices based on Huawei technology: a Layer 3 Gigabit Ethernet switch and an enterprise WAN access box.

IBM last week announced it has acquired application monitoring software maker Cyanea Systems for an undisclosed sum. Cyanea will operate as part of IBM’s application management division, and IBM will use Cyanea/One software to round out this new product division, headed up by Cyanea President and CEO James Chong. The technology will be combined with Tivoli Monitoring for Transaction Performance software and the Pathway technology IBM acquired in April with its purchase of Candle. Cyanea will be integrated immediately into the IBM Software Group. IBM says it will announce a product road map emerging from the Cyanea, Candle and Tivoli technology offerings in the next 60 days.

Watchfire last week entered into an agreement to acquire Sanctum, which makes application firewall and scanner products. Terms were not disclosed. Watchfire, which sells the WebXM privacy-monitoring product, said it is acquiring Sanctum to expand its product line into the security arena. Sourcefire also could pursue development of new products that blend the security and privacy capabilities. Watchfire expects to complete the deal within a month.

The National Institute of Standards and Technology is proposing that the Data Encryption Standard, a popular encryption algorithm, lose its certification for use in software products sold to the government. The advent of massively parallel computing has rendered DES inadequate to protect federal government information, NIST says. The institute, part of the U.S. Department of Commerce, is proposing that the government withdraw Federal Information Processing Standard certification for DES, a move that could have ripple effects throughout the technology sector.

NIST is proposing that federal agencies use DES only as a component of the Triple Data Encryption Algorithm, also known as Triple-DES. However, NIST encouraged agencies to implement the stronger and faster Advanced Encryption Standard algorithm instead.

As part of an overall move to stamp out online piracy, French ISPs will collaborate with the music industry to send automatic warnings to any of their subscribers seen illegally sharing copyright-protected files online. The move is one of several contained in a charter for the development of online music distribution in France signed last week by three French ministers and a number of ISPs, music artists and representatives of the music industry.

In addition to sending out the warnings, the ISPs agreed to enforce termination clauses in contracts if subscribers are caught illegally downloading copyrighted materials. In return for this help in cracking down on pirates, the music rights-holders have agreed to make their entire catalogs of digitized works available through all online stores, and music distributors have agreed to double the number of titles available for download to 600,000 by year-end.

Microsoft on Friday issued a much-anticipated patch for three vulnerabilities that have recently caused havoc for users of its Internet Explorer. The critical patch, released out of the normal monthly patch cycle, closes the vulnerabilities in IE that led to the Download.Ject attack and other similar attacks that installed Trojan software and redirected users to malicious Web sites.

Microsoft said the vulnerabilities also could let hackers install programs; view, change or delete data; or create new accounts that have full system privileges.