We were due to deploy Jabber MFT in our network, but the activation of this feature was interrupted because one constraint that our security division had recommended wasn't able to be satisfied. Among all security recomendations, the unique we haven't found solution was to avoid file transfer using MRA in order to mitigate the risk of strategic information leaking, as generally private devices are used in this scenario. We have observed that ALL new VCS versions (X8.9.x) create automatic rules to allow this feature work over MRA. This is exactly we wouldn't desire it occurs. And we know that is strictly recommended to not keep running an out-of-date VCS/Expressway-e version since it is a vulnerable door in the network. So, there is no action to be done to work out this problem.What we do like is that Cisco allows users to decide whether they want or not exchange files using MRA. Users should decide what suits them best. It really wasn't a good Cisco's strategy to obligate users to use this feature. One simple soution would be to enable ou disable automatic rules in VCS/Expressway-c. That can be done in a short time and it will grant users rights to determine which is the best option for its scenario. This feature was very expected because we know it will become internal information exchange more effective, but the mentioned problem is impeding the progress of its activation. We will apreciatte a prompt solution to it, since all requirements to deploy MFT have already been done. Ricardo ValverdeP.S.: We are a big customer in government sector with a wide variety of Cisco collaboration products in production.
