WatchGuard: Apple Sneaks Out Java Updates for OS X

Severity: Medium

25 September, 2008

Summary:

§  This vulnerability affects: OS X 10.4.x (Tiger) and 10.5.x (Leopard)

§  How an attacker exploits it: By enticing your users to a malicious web site

§  Impact: In the worst case, an attacker executes code on your user’s computer, potentially gaining control of it

§  What to do: Install Java for OS X 10.4 Release 7 or Java for OS X 10.5 Update 2 as soon as possible

Exposure:

Amidst all the noise created by Cisco and Mozilla yesterday, Apple quietly issued two alerts [ 1 / 2 ] updating the Java components that ship with OS X 10.4 and 10.5. The alerts describe several vulnerabilities in OS X’s Java components. They describe some of the vulnerabilities in detail, while leaving others unexplained. Despite their technical differences, the worst of these Java vulnerabilities all share the same potential impact: Specifically, an attacker can exploit many of these Java flaws to either execute code or elevate privileges on your users’ OS X computers. In order to exploit these vulnerabilities, the attacker would simply have to lure one of your OS X users into visiting a malicious web page containing specially crafted Java code.

Solution Path:

Apple has issued Java Release 7 for OS X 10.4 and Java for OS X 10.5 Update 2 to correct these flaws. If you manage OS X computers, we recommend you download, test and deploy these updates as soon as possible.

OS X’s Software Update utility automatically detects updates such as this one for OS X and then informs you, so that you can install the update as soon as possible. We recommend that you set up Software Update to check for new updates daily, and allow it to assist you in keeping your Apple software current.

For All WatchGuard Users:

Some of these attacks rely on one of your users visiting a web page containing malicious Java bytecode. The HTTP-Proxy policy that ships with most Firebox models automatically blocks Java bytecode by default. If you manage a Firebox with its default HTTP-Proxy, your users will not be able to download the malicious code needed to trigger some of these vulnerabilities.

Status:

Apple has released Java Release 7 for OS X 10.4 and Java for OS X 10.5 Update 2, which fixes these issues.

References:

§  Apple’s OS X 10.4 Java alert

§  Apple’s OS X 10.5 Java alert

§  Apple software downloads

§  Apple security updates

WatchGuard: Cisco Biannual Patch Day: Eleven IOS Advisories

Severity: High

24 September, 2008

Summary:

§  These vulnerabilities affect: Many devices running Cisco IOS, as well as Cisco’s Unified Call Manager

§  How an attacker exploits them: Multiple vectors of attack; in the most common, the attacker sends specially crafted network packets

§  Impact: Various results; these include mostly Denial of Service (DoS) vulnerabilities, a data leakage vulnerability, and a flaw that allows an attacker to gain complete control of a Cisco uBR10012 device

§  What to do: Administrators who manage Cisco IOS devices should download, test, and deploy the appropriate Cisco updates as soon as possible

Exposure:

Six months ago, Cisco announced plans to implement a regular, twice-yearly patch cycle that would fall on the fourth Wednesday of March and September. Today marks Cisco’s second such patch day, for which they’ve released 12 security advisories. Eleven of these advisories cover security vulnerabilities that affect devices running Cisco’s Internetwork Operating System (IOS) software. IOS is the operating system that runs on most Cisco routers and switches. The two most serious IOS vulnerabilities only affect Cisco’s 10000, uBR10012 and uBR7200 devices, which is typically used only by carriers and ISPs. The one non-IOS vulnerability affects Cisco’s Unified Communication Manager.

While Cisco’s IOS advisories differ in technical ways, almost all of them cover vulnerabilities that attackers could exploit in Denial of Service (DoS) attacks. That said, the worst flaw does allow an attacker to gain complete control of a Cisco device. However, it only affects Cisco’s uBR10012 device, found most commonly in ISPs. Most small to medium business (SMB) administrators will only have to worry about the IOS updates that don’t affect the ISP grade devices, so we will concentrate mostly on those vulnerabilities. We summarize three of the IOS advisories here:

Cisco Document ID 107441: IOS L2TP DoS vulnerability.

Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol used to support Virtual Private Networks (VPN). IOS doesn’t properly parse specially crafted L2TP packets. By sending a malicious L2TP packet, an attacker could exploit this flaw to cause your IOS device to reboot. By repeatedly exploiting this flaw, the attacker could constantly reboot your device, putting it in a Denial of Service (DoS) condition. If your gateway router runs Cisco IOS, an attacker could potentially exploit this flaw to knock your whole network off the Internet.
Average CVSS Score: 7.8 (10 being the most severe)

Cisco Document ID 107617: Multiple IOS SIP DoS vulnerabilities.

The Session Initiation Protocol (SIP) is a standard used commonly for Voice over IP (VoIP) telephony. IOS suffers from multiple flaws involving the way it handles SIP messages. By sending specially crafted SIP messages to an IOS device, an attacker could exploit these vulnerabilities to cause your IOS device to leak memory or to reload, leading to a DoS condition. If you use a Cisco IOS router to get to the Internet, an attacker could repeatedly exploit these vulnerabilities to knock your network offline.
Average CVSS Score: 7.8

Cisco Document ID 107646: MPLS Forwarding Infrastructure DoS vulnerability.

IOS devices configured for Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) suffer from a DoS vulnerability due to a flaw in how IOS handles specially crafted packets. By sending maliciously crafted packets to your IOS device, an attacker could exploit this vulnerability to cause a unspecified DoS condition, that we assume would knock your IOS device offline. According to Cisco, only the MFI is affected by this vulnerability. The older Label Forwarding Information Base (LFIB) implementation, which was replaced by MFI, is not affected. Also, this vulnerability would only affect interfaces on your IOS device that had MPLS enabled.
Average CVSS Score: 7.8

Many of the remaining nine advisories fix flaws just as severe as the ones described above (some, more severe). For greater detail on all of Cisco’s September vulnerabilities, check out the individual advisories in the References section of this alert; or, refer to Cisco’s bundled security advisory for September 2008.

Solution Path:

Cisco has released patches to fix these vulnerabilities. If you use any Cisco device running IOS software, you should immediately consult the “Software Versions and Fixes” and “Obtaining Fixed Software” section of Cisco’s bundled security advisory for September 2008 to learn which fixes apply to your devices, and how to obtain them. You can also refer to the “Software Versions and Fixes” and “Obtaining Fixed Software” section of each of the individual alerts linked below.

For All WatchGuard Users:

Since these vulnerabilities can affect your router, which is typically in front of your WatchGuard firewall, the solutions above are your primary recourse.

Status:

Cisco has made fixes available.

References:

§  Cisco Bundled September 2008 Security Advisory

§  Cisco Advisory on IOS SSL packet processing vulnerability

§  Cisco Advisory on multiple multicast vulnerabilities in IOS

§  Cisco Advisory on IOS NAT Skinny Call Control Protocol vulnerability

§  Cisco Advisory on IOS Session Initiation Protocol DoS vulnerabilities

§  Cisco Advisory on IOS IPS DoS vulnerability

§  Cisco Advisory on Unified Call Manager Session Initiation Protocol DoS vulnerabilities

§  Cisco Advisory on Cisco uBR10012 SNMP vulnerability

§  Cisco Advisory on IOS MPLS VPN information leak vulnerability

§  Cisco Advisory on IOS MPLS DoS vulnerability

§  Cisco Advisory on Cisco 10000, uBR10012, and uBR7200 IPC vulnerability

§  Cisco Advisory on IOS Software Firewall Application Inspection Control vulnerability

§  Cisco Advisory on IOS L2TP DoS vulnerability

WatchGuard: Firefox Updates Fix Several Critical Vulnerabilities

Severity: Medium

24 September, 2008

Summary:

§  This vulnerability affects: Firefox 2.0.0.16 and 3.01 (and previous versions) for Windows, Linux, and Macintosh

§  How an attacker exploits it: Multiple vectors of attack, including enticing one of your users to visit a malicious web page

§  Impact: Various results; in the worst case, attacker executes code on your user’s computer, gaining complete control of it

§  What to do: Upgrade to Firefox 2.0.0.17 or 3.0.2

Exposure:

Late yesterday, the Mozilla Foundation released Firefox 3.0.2 and Firefox 2.0.0.17, fixing 16 security vulnerabilities (based on CVE-IDs) in the popular web browser. We summarize three of the vulnerabilities below:

§  Memory corruption vulnerabilities (2008-042). Firefox suffers from several crash bugs, which corrupt memory. Most of these memory corruption flaws involve the way Firefox handles images or graphics. Mozilla presumes that, with enough effort, some of these memory corruption flaws could be exploited to run arbitrary code. To exploit these flaws, an attacker would first have to trick one of your users into visiting a maliciously crafted web page. If your user took the bait, the attacker could execute code on that user’s machine, with that user’s privileges. And if the user happened to be a local administrator or had root privileges, the attacker would gain total control of the victim’s computer.
Mozilla Impact rating: Critical

§  Privilege elevation and code execution vulnerabilities (2008-041). Firefox suffers from various vulnerabilities involving the way it handles specially crafted JavaScript. By enticing one of your users to a web page containing malicious JavaScript, an attacker could exploit these flaws to execute arbitrary code with Chrome privileges. Typically, Firefox restricts what JavaScript run from external web sites can do. However, JavaScript running with Chrome privileges has no restrictions, which basically means the attacker could exploit this flaw to gain significant control over your computer.
Mozilla Impact rating: Critical

§  UTF-8 URL buffer overflow vulnerability (2008-037). Firefox suffers from a stack buffer overflow vulnerability having to do with the way it parses specially malformed UTF-8 encoded URLs. By enticing one of your users into clicking a malicious link, an attacker could exploit this vulnerability to execute code on your user’s machine, with your user’s privileges. Depending upon your user’s level of privilege, an attacker could potentially exploit this flaw to gain complete control of that user’s computer. This particular flaw only affects Firefox 2.x.
Mozilla Impact rating: Critical

Solution Path:

Mozilla has updated Firefox 2 and 3, correcting these security vulnerabilities. If you use Firefox in your network, we recommend that you download and deploy version 3.0.2 as soon as possible. Mozilla no longer supports the 1.5.x branch of Firefox; we recommend that 1.5.x users migrate to 3.0.2 now.

§  Windows

§  Linux

§  Mac OS X

If you prefer to stick with Firefox 2, you can get the fixed version here (2.0.0.17).

Note: The latest versions of Firefox 3.0 automatically inform you when a Firefox update is available. We highly recommend you keep this feature enabled so that Firefox receives its updates as soon as Mozilla releases them. To verify that you have Firefox configured to automatically check for updates, click Tools => Options => Advanced tab => Update tab. Make sure that “Firefox” is checked under “Automatically check for updates.” In this menu, you can configure Firefox to always download and install any update; or if you prefer, only to inform the user that an update exists.

For All WatchGuard Users:

Some of these attacks arrive as normal-looking HTTP traffic, which you must allow through your firewall if your network users need to access the World Wide Web. Therefore, the patches above are your best solution.

Status:

The Mozilla Foundation has released Firefox 3.0.2 and 2.0.0.17, fixing these security issues.

References:

§  Firefox 3.0.2 Release Notes

§  Vulnerabilities Fixed in Firefox 3.0.2

§  Firefox 2.0.0.17 Release Notes

§  Vulnerabilities Fixed in Firefox 2.0.0.17

Comcast High-Speed Internet — Update to Acceptable Use Policy

Dear Comcast High-Speed Internet Customer,

We appreciate your business and strive to provide you with the best online experience possible. One of the ways we do this is through our Acceptable Use Policy (AUP). The AUP outlines acceptable use of our service as well as steps we take to protect our customers from things that can negatively impact their experience online. This policy has been in place for many years and we update it periodically to keep it current with our customers’ use of our service.

On October 1, 2008, we will post an updated AUP that will go into effect at that time.

In the updated AUP, we clarify that monthly data (or bandwidth) usage of more than 250 Gigabytes (GB) is the specific threshold that defines excessive use of our service. We have an excessive use policy because a fraction of one percent of our customers use such a disproportionate amount of bandwidth every month that they may degrade the online experience of other customers.

250 GB/month is an extremely large amount of bandwidth and it’s very likely that your monthly data usage doesn’t even come close to that amount. In fact, the threshold is approximately 100 times greater than the typical or median residential customer usage, which is 2 to 3 GB/month. To put it in perspective, to reach 250 GB of data usage in one month a customer would have to do any one of the following:

* Send more than 50 million plain text emails (at 5 KB/email);
* Download 62,500 songs (at 4 MB/song); or
* Download 125 standard definition movies (at 2 GB/movie).

And online gamers should know that even the heaviest multi- or single-player gaming activity would not typically come close to this threshold over the course of a month.

In addition to modifying the excessive use policy, the updated AUP contains other clarifications of terms concerning reporting violations, newsgroups, and network management. To read some helpful FAQs, please visit http://help.comcast.net/content/faq/Frequently-Asked-Questions-about-Excessive-Use.

Thank you again for choosing Comcast as your high-speed Internet provider.

Northwest Erectors, Inc. of Ambler, Pennsylvania is now contracted with Bardissi Enterprises, LLC for all Managed Information Technology Solutions

September, 2008

Northwest Erectors, LLC of Ambler has secured the services of Bardissi Enterprises, LLC for all its Information Technology needs. The company has completely ungraded its network infrastructure to include the upgrade of its IT hardware as well.

With the numerous upgrades that the company has made, they have created an technological environment that will make their inner office operations run smoother and give them new and increased functionality that will provide a competitive edge which will advance their ability to grasp a greater market share in their  field of expertise, stated George Bardissi, President of Bardissi Enterprises, LLC.

We are pleased to be providing our particular technical skills to assist  Northwest Erectors in the development and support of its Information Technology Systems and we look forward to helping them move forward, in the future, to even greater developments and changes in the ever evolving world of Information Technology and its applications for their particular business agenda, stated Andino R. Ward, VP of Marketing and Operations for Bardissi Enterprises, LLC. 

Bardissi Enterprises is a Managed Information Technology Solutions Company providing service to small and medium sized companies and homes in Hatfield, Montgomery County, Bucks County, Philadelphia and the Tri-State area.

Excel Homes of Camphill, Pennsylvania has contracted with Bardissi Enterprises, LLC for the provision of TomTom Work GPS Navigation & Tracking Technology

September, 2008

Excel Homes of Camphill, Pennsylvania, the leaders in modular home design creation, building and installation has secured the services of Bardissi Enterprises, LLC to provide and install the newest TomTom GPS Navigation & Tracking technology for all their service vehicles.

With the addition of the new TomTom Works GPS Navigation Technology, Excel Homes has taken their vehicle fleet to the next generation of fast and efficient, directional accuracy with added functionality which cannot be found in most over the counter GPS systems.

Bardissi Enterprises, LLC along with TomTom Works is proud to have been selected, by Excel Homes, to be the catalyst for their new GPS Technology as well as the company that is providing the service and support for their technology as well.

Bardissi Enterprises, LLC is a Managed Information Technology Solutions Company specializing in all areas of IT service and support for small to medium sized businesses and homes throughout the Hatfield, Montgomery County, Bucks County, Philadelphia and Tri-State areas.

Double-Take® Software Bridges Gap Between Backup, Restore and Failover Technologies with Livewire™

New Offering Slashes Recovery Time by Leveraging Virtualization

Download PDF

SOUTHBOROUGH, MA. – September 15, 2008 – Double-Take® Software (NASDAQ: DBTK), a leading infrastructure software company, today announced the release of Livewire™, which provides continuous full system image backup to a centralized disk based recovery server that can be local or at a remote site. Because it is a full system image, everything on the protected server including data, applications, operating system and configuration information is continuously replicated to the repository server allowing that entire server to be easily restored to its most recent state or to a previous point in time snapshot. Livewire can restore server images to dissimilar physical hardware or can automatically provision a virtual machine and restore a server image into it with a few simple steps.

Double-Take Software designed Livewire specifically to protect servers assigned to lower tiers of the disaster recovery plan. These servers and the data on them are still important to the business, but they are not the first priority to recover in a time of disaster. Traditionally, the lower recovery priority on these servers has relegated them to tape back-up, which requires a lengthy and manual tape restoration process, including the loss of any changes made since the last backup. Servers protected by Livewire are kept up to date on disk and ready to recover to any physical or virtual machine in just hours – or less, depending on the size of the server to recover.

“Livewire from Double-Take Software offers a solution to a key but underserved segment of the Disaster Recovery marketplace as identified by IDC – protecting and recovering those servers which are “next” in importance to the organization. Once the Tier One servers have been recovered, those “next” in line can be recovered within an hour or two, so that most of the IT infrastructure is back to pre-disaster levels of service,” said James Baker, IDC Research Manager for Storage Software. “Livewire works in physical, virtual, or mixed physical and virtual environments letting the user select the most optimal recovery point, time, and location for the organization.”

Double-Take Software is offering Livewire as an affordable, feature-rich recovery product for secondary servers that automatically protect both physical and virtual servers with real-time replication and on-demand recovery by:

• Providing continuous, full-server byte-level replication for both physical and virtual environments.
• Lowering the total cost of operation with many-to-one configurations where many production systems can be protected to a single image server reducing the hardware required.
• Integrating with industry-leading virtualization platforms like VMware® ESX server to automatically provision virtual machines for on-demand recovery.
• Leveraging customers’ prior technology investments and existing infrastructure by not requiring specialized server or storage solutions to provide protection.
• Offering an Enterprise Management Console interface designed to simplify protection and recovery management for hundreds or even thousands of production systems.
• Offering an option for mass-scale physical to virtual (P to V) and physical to physical (P to P) migrations while providing the ability to repurpose the Livewire licenses after migration for ongoing protection.

 

“Much like our flagship product Double-Take®, Livewire provides continuous full system replication to eliminate data loss, but without the added expense of dedicated standby servers required to support immediate failover,” said Bob Roudebush, director of solutions engineering, Double-Take Software. “Additionally, because Livewire is hardware independent, it can restore server images to dissimilar physical hardware as well as automatically provision a virtual machine (VM) and restore a server image into the new VM with just a few simple steps.”

For more information on Livewire, please visit www.doubletake.com.

About Double-Take® Software
Headquartered in Southborough, Massachusetts, Double-Take® Software (Nasdaq: DBTK) is a leading provider of affordable software for recoverability, including continuous data replication, application availability and system state protection. Double-Take Software products and services enable customers to protect and recover business-critical data and applications such as Microsoft Exchange, SQL, and SharePoint in both physical and virtual environments. With its unparalleled partner programs, technical support, and professional services, Double-Take Software is the solution of choice for more than ten thousand customers worldwide, from SMEs to the Fortune 500. Information about Double-Take Software’s products and services can be found at www.doubletake.com.

This release includes forward-looking statements intended to qualify for the safe harbor from liability established by the Private Securities Litigation Reform Act of 1995. These forward-looking statements generally can be identified by phrases that say Double-Take or its management “believes,” “expects,” “anticipates,” “foresees,” “forecasts,” “estimates” or other words or phrases of similar import. Similarly, statements in this release that describe the Company’s business strategy, outlook, objectives, plans, intentions or goals also are forward-looking statements. All forward-looking statements are inherently speculative, and are subject to risks and uncertainties that could cause actual results to differ materially from those anticipated in forward-looking statements. These risks and uncertainties include those set forth from time to time in our filings with the Securities and Exchange Commission. We are under no obligation, and do not undertake any duty, to update these forward looking statements at any time.

© Double-Take Software, Inc. All rights reserved. Double-Take, GeoCluster, Double-Take for Virtual Systems, TimeData, netBoot/i, winBoot/i, Double-Take Cargo, sanFly, NSI, Balance, Double-Take ShadowCaster, Livewire and associated logos are registered trademarks or trademarks of Double-Take Software, Inc. and/or its subsidiaries in the United States and/or other countries. Microsoft, Windows, and the Windows logo are trademarks or registered trademarks of Microsoft Corporation in the United States and/or other countries. VMware is a registered trademark of VMware. All other trademarks are the property of their respective companies.

WatchGuard Live Security: Malicious Images Help Attackers Hack OS X

Severity: High

15 September, 2008

Summary:

§  These vulnerabilities affect: OS X 10.4.x (Tiger) and OS X 10.5.x (Leopard), both client and server versions

§  How an attacker exploits them: Multiple vectors of attack, including enticing one of your users into downloading and viewing malicious images, documents, or email

§  Impact: Various results; in the worst case, attacker executes code on your user’s computer, potentially gaining full control of it

§  What to do: OS X administrators should download, test and install Security Update 2008-006 or the OS X 10.5.5 update

Exposure:

Today, Apple released a security update to fix vulnerabilities in OS X. The update fixes around 35 (number based on CVE-IDs) security issues in many software packages that ship as part of OS X, including BIND, Finder, and Time Machine. Some of these vulnerabilities allow attackers to execute code on your OS X machines, so we rate this update Critical. Apply it as soon as you can. Three of the fixed vulnerabilities include:

§  Apple Type Service buffer overflow vulnerability. The Apple Type Service (ATS) helps OS X machines handle fonts. ATS suffers from a buffer overflow vulnerability having to do with the way it handles PostScript font names. By tricking one of your users into downloading and viewing a malicious document containing a specially crafted font, an attacker can exploit this flaw to execute code on that user’s computer. By default, the attacker would only execute code with that user’s privileges.

§  Multiple ClamAV vulnerabilities. Apple’s OS X update fixes nine unspecified vulnerabilities in ClamAV, the open source antivirus package that ships with OS X Server. According to Apple, the most serious of these vulnerabilities allows an attacker to execute arbitrary code on your OS X server. We assume an attacker would exploit this flaw by sending one of your users a specially crafted email, or more specifically, an email with a maliciously crafted attachment.

§  Multiple ImageIO vulnerabilities. ImageIO is one of the OS X framework components that helps the operating system handle images. ImageIO suffers from three memory corruption vulnerabilities involving the way it handles both TIFF and JPEG images. By enticing one of your users to view a maliciously crafted image, an attacker can exploit any of these flaws to execute code on that user’s computer, with that user’s privileges. Since OS X separates the user account from the root (administrator) account, the attacker would only gain the privileges of that user.

Apple’s alert includes many more flaws, including other code execution flaws in addition to those described above. The remaining vulnerabilities also include Denial of Service (DoS) flaws, information disclosure flaws and crash vulnerabilities, plus others. The update also corrects some performance issues. Components patched by this security update include:

ATS	BIND
ClamAV	Directory Services
Finder	ImageIO
Kernel	libresolv
Login Window	mDNSResponder
OpenSSH	QuickDraw Manager
Ruby	SearchKit
System Configuration	System Preferences
Time Machine	Video Conference
Wiki Server

Please refer to Apple’s OS X alert for more details.

Solution Path:

Apple has released OS X Security Update 2008-006 and OS X 10.5.5 to fix these security issues. OS X administrators should download, test, and deploy the corresponding update as soon as they can.

§  Security Update 2008-006 (PPC)

§  Security Update 2008-006 (Intel)

§  Security Update 2008-006 Server (PPC)

§  Security Update 2008-006 Server (Universal)

§  Security Update OS X 10.5.5

§  Security Update OS X 10.5.5 Combo Update

§  Security Update OS X Server 10.5.5

§  Security Update OS X Server 10.5.5 Combo Update

 

Note: If you have trouble figuring out which of these patches corresponds to your version of OS X and Safari, we recommend that you let OS X’s Software Update utility pick the correct updates for you automatically.

For All Users:

These flaws enable many diverse exploitation methods. Some of the exploits are local, meaning that your perimeter firewall never encounters the attack (unless you use firewalls internally between departments). Installing these updates, therefore, is the most secure course of action.

Status:

Apple has released updates to fix these issues.

References:

Apple’s September OS X Advisory

Bardissi Enterprises, LLC now offers VOIP (Voice Over Internet Protocol) Phone Solutions Hosting For Small To Medium Size Company’s.

September, 2008

Bardissi Enterprises has now added VOIP Phone Hosting Solutions to its already extensive portfolio of services.  

With the addition of VOIP Phone Hosting, Bardissi Enterprises will now be able to offer small and medium size businesses the ability to have A hosted phone solution that will give their business that corporate feel without the large, upfront expense of a phone system at their location.

Small and Medium size companies will not only have the ability to make incoming & outgoing calls but they will have many of the features, like Auto Attendants, Extensions for all employees, the ability to record phone conversations, automatic call routing to cell phones and voicemail sent to email and more, which are functions that larger businesses and corporations rely on to get the job done today and it’s all internet based so It’s as simple as plugging your phone into a broadband internet connection anywhere whether it’s your office, home, overseas – log in and you will be LIVE, states Andino R. Ward, VP of Marketing and Operations for Bardissi Enterprises.

The response to this new addition in our portfolio of services has been tremendous and the many small to medium size businesses that have switched over to VOIP Hosting are reporting it to be a tremendous asset to their business agenda, states George Bardissi, President of Bardissi Enterprises.

Nationwide Insurance, Willie Manley Agency of Philadelphia Contracts with Bardissi Enterprises, LLC for the provision of AltiGen VOIP Phone Solutions.

September, 2008

The Nationwide Insurance, Willie Manley Agency of Philadelphia has contracted with Bardissi Enterprises, LLC for the provision of a new VOIP Phone system. The agency has seen an increase in business and felt it needed a better phone system that would provide greater functionality that would allow their existing client base to have a quicker response time when calling in for services and afford perspective new clients the ability to reach their agents where ever they may be at the time, which will help them sign new business faster.

“By having this new phone technology, and the expert technical guidance of Bardissi Enterprises, my agency has seen a continued increase in business because my agents are accessible at all times and able to resolve client concerns faster, with greater accuracy as well as signing new business quicker as well”, stated Willie Manley, owner of the agency. 

“We have successfully taken the agency to the next level of business in that it now has a definite competitive edge over other agencies of its kind, because of the increased connective capabilities that VOIP Phone Solutions offer  and the agency has and will continue to see a drastic increase in business and a reduction in its phone service costs because the technology is all internet and network based”. “So it is a win – win situation for the Willie Manley Agency and we are pleased that the agency has contracted with us to provide all their Information Technology needs”, stated George Bardissi, President of Bardissi Enterprises, LLC.