On the same day that Cisco's selection to provide software
for the U.S. military in space was announced, the networking company tried to plug security
leaks back on Earth in its wireless networking technology.
Intelsat General announced Thursday that Cisco will provide the software for an on-board router in a space project it is conducting for the U.S. Department of Defense. The Internet routing in space (IRIS) project "allows direct IP routing over satellite," said Intelsat General Vice President Don Brown in a statement, "eliminating the need for routing via a ground-based teleport, thereby dramatically increasing the efficiency and flexibility of the satellite communications link."
"IRIS is to the future of satellite-based communications what ARPANET was to the creation of the Internet in the 1960s," he added. ARPANET was the military's predecessor to the current Internet.
The project may lead to a completely space-based Internet. Internet traffic between satellites or space vehicles is currently routed through a remote terminal on Earth. IRIS will allow space-to-space Internet traffic to avoid traveling back to Earth, unless it needs to be finally delivered here. It's possible the project could lead to a faster global IP network, since traffic could travel in space and only come back for delivery.
Intelsat said that, while IRIS is initially being developed for the military, it is expected that the technology will eventually be available for commercial use.
In the meantime, back on the aforementioned Earth, it seems that Cisco had some fences to mend this week.
On Thursday, Cisco released two advisories and related sets of patches to counter multiple vulnerabilities in its Wireless Control System (WCS) networking software and Wireless LAN Controller (WLC).
The WCS vulnerabilities, according to the company's advisory, could lead to information disclosure, privilege escalation and unauthorized access. The patches apply to versions prior to 18.104.22.168, and are available through links in the advisory.
In another advisory,
Cisco sent an alert about vulnerabilities in the WLC, Catalyst series switches and the 1000-series and 1500-series models of the Aironet access points. These vulnerabilities could result in unauthorized administrative access, information disclosure and access control list changes, as well as opportunities for denial-of-service attacks. The company said that, with the available software patches, workarounds will "mitigate the effects of these vulnerabilities."
It assigned VSSS base scores ranging from 3.3 to 10 for the seven vulnerabilities of the WLC. The four vulnerabilities for the WCS were assigned CVSS base scores ranging from 2.3 to 10.
Symantec, a leading computer security vendor, issued a related Deepsight Threat Management System bulletin on Thursday. It assigned severity ratings of 10 out 10 to both sets of vulnerabilities.