Cisco, Duke University and Apple’s iPhone
In early July, Duke University began seeing portions of its wireless network reset and come back online 10-15 minutes later. After a preliminary investigation from Duke’s IT staff, it was determined that Apple iPhones were likely involved with Cisco wireless access points relating to Address Resolution Protocol (ARP) requests. Duke reached out to Cisco and Apple for assistance to help find the root cause and to determine how to mitigate this issue. The specific issue occurs in certain environments when Cisco equipment incorrectly processes ARP frames sent by the iPhone. Because this issue has the potential to cause a denial-of-service (DoS) response from the network, Cisco has prepared a security advisory for its customers and partners. Because there have been numerous reports in both tech and business media, Cisco felt the need to set the record straight. This was done because the majority of coverage to date has been centered on Apple and Duke.Cisco takes interoperability and security issues very seriously. We follow well-established processes to ensure that we address issues in an open and constructive fashion. At this time, the situation at Duke has been resolved. There have been no recurrences since, and we have not seen widespread issues of this nature across our customers’ networks. We’d like to acknowledge Duke for being a tremendous partner and helping in the resolution of the issue. Cisco is 100 percent committed to continually improving the security and reliability of our customers’ and partners’ networks. Cisco has proactively addressed this situation and published a security advisory with full details. There is a software fix available, and customers should follow the instructions on the security advisory for details on downloading and installing fixed software.Duke’s update on this issue.