User Community Feedback

Submitted ideas will be evaluated by our product teams for upcoming releases and will be responded to so you know where things stand. For product support, please use the community forums or contact TAC.

NOTE: All Cisco employees & Channel Partners must enter Ideas through this Ideas Portal.

User should decide whether to allow or to deny MFT over MRA

We were due to deploy Jabber MFT in our network, but the activation of this feature was interrupted because one constraint that our security division had recommended wasn't able to be satisfied. Among all security recomendations, the unique we haven't found solution was to avoid file transfer using MRA in order to mitigate the risk of strategic information leaking, as generally private devices are used in this scenario. We have observed that ALL new VCS versions (X8.9.x) create automatic rules to allow this feature work over MRA. This is exactly we wouldn't desire it occurs. And we know that is strictly recommended to not keep running an out-of-date VCS/Expressway-e version since it is a vulnerable door in the network. So, there is no action to be done to work out this problem.What we do like is that Cisco allows users to decide whether they want or not exchange files using MRA. Users should decide what suits them best. It really wasn't a good Cisco's strategy to obligate users to use this feature. One simple soution would be to enable ou disable automatic rules in VCS/Expressway-c. That can be done in a short time and it will grant users rights to determine which is the best option for its scenario. This feature was very expected because we know it will become internal information exchange more effective, but the mentioned problem is impeding the progress of its activation. We will apreciatte a prompt solution to it, since all requirements to deploy MFT have already been done. Ricardo ValverdeP.S.: We are a big customer in government sector with a wide variety of Cisco collaboration products in production.

  • Guest
  • Nov 7 2020
  • Will not implement