SaaS aka why I should pay per month for billing

The topic of paying per user for a billing or management platforms comes up every so often.  I was able to sit down and talk with several vendors at WISPAPALOOZA this year about the value of their customers paying a per-user fee.

The most prevalent thought is about innovation and new features.  SaaS allows the billing vendor to invest development and testing time in rolling out new features to support new equipment, and other software.  LTE platforms are the hot thing in billing integration. New additions to software take people power and hours of testing and tweaking. Without monthly recurring revenue to drive such things billing vendors would have to develop this and then charge to the early adopters as an add-on.  This can be a double-edged sword. The early adopters have to pay a premium in order to get a partial solution because the vendor has to really prioritize how their development resources are used. The Vendor is always chasing the next big thing, which means other additions or fixes tend to get pushed back. They have to finish add-ons they think more folks will want to buy first.

The next thing is plain old hosting. Hosting a software application, whether in the cloud or on your own hardware costs money.  Co-location, software patches on the OS, hardware lifecycles, etc.  This cuts down on the end-user maintenance side of the hardware but pushes it back to the vendor. The peace of mind of knowing the thing that collects your money is running is backed up, and is available as part of the monthly fee you pay.

SaaS also allows for quicker releases of bugs and new features.  Vendors have more resources dedicated to development and changes. This allows for new add-ons to become available quicker.  Take the traditional model where you get bug fixes, but major feature add-ons are either a full point upgrade or major version upgrade. This usually costs money and is a slower process.  Not only does the vendor have to spend resources advertising, but they have to deal with support and other issues. With billing vendors who charge a monthly fee fixes from companies such as Paypal or Authorize.net are almost always rolled out very quickly at no additional charge to the end user ISP.

Some companies such as Basecamp, which is not a billing platform, have taken a hybrid approach to SaaS. Every major revision that comes out is an upgrade. You can choose to upgrade or stay where you are and pay the same amount.  This can leave customers behind but still allows them to use what they are paying for.  They just don’t get new features or bug fixes.

So the next time you are figuring out why you should pay for a billing platform on a monthly, customer, or subscription basis take all of this into account.

For those looking for xISP billing, and mainly WISP billing, here is a partial list:

www.azotel.com
www.visp.net
www.powercode.com
www.sonar.software
www.splynx.com
www.ispbilling.com (Platypus)
www.freeside.biz
www.quickbooks.com

If you have more please add them in the comments.

Did you know Amazon business account…

Did you know if you have an Amazon business account you can get preferred pricing with some vendors who sell Cambium on Amazon? This is not the same pricing you see when you visit amazon.com.  This is pricing that is extended to you from vendors who sell on Amazon.

The way this works is by passing along your business ID, which is public information, to a seller.  this seller then qualifies you for direct pricing, and if accepted you receive an e-mail saying you have been approved for direct pricing.  When you log in and view the Cambium items the updated pricing is reflected.

MTIN is not the seller of these items, but if you are interested we can pass your Business ID along to some vendors who do.

Vulnerability in WPA2

https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/

An air of unease set into the security circles on Sunday as they prepared for the disclosure of high-severity vulnerabilities in the Wi-Fi Protected Access II protocol that make it possible for attackers to eavesdrop Wi-Fi traffic passing between computers and access points.

The proof-of-concept exploit is called KRACK, short for Key Reinstallation Attacks. The research has been a closely guarded secret for weeks ahead of a coordinated disclosure that’s scheduled for 8am Monday, East Coast time. An advisory the US CERT recently distributed to about 100 organizations described the research this way:

US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher KU Leuven, will be publicly disclosing these vulnerabilities on 16 October 2017.

 

From Mikrotik:

On October 16. CERT/CC/ICASI released a public announcement about discovered vulnerabilities in WPA2 handshake protocols that affect most WiFi users and all vendors world wide.
RouterOS v6.39.3, v6.40.4, v6.41rc are not affected!
It is important to note that the vulnerability is discovered in the protocol itself, so even a correct implementation is affected.
These organizations did contact us earlier, so we have already released fixed versions that address the outlined issues. Not all of the discovered vulnerabilities directly impact RouterOS users, or even apply to RouterOS, but we did follow all recommendations and improved the key exchange process according to the guidelines we received from the organizations who discovered the issue.
We released fixed versions last week, so if you upgrade your devices routinely, no further action is required.
CWE-323
CVE-2017-13077
CVE-2017-13078
CVE-2017-13079
CVE-2017-13080
CVE-2017-13081
CVE-2017-13082
CVE-2017-13083
CVE-2017-13084
CVE-2017-13085
CVE-2017-13086
CVE-2017-13087

 

Tower Climber Harnesses

Recently there has been a thread on WISP-Talk about the best tower harness. Rather than going down the road of the best brand I figured I would take a different approach.  I sat down with Lee and Nick from TowerOne Inc. at WISPAPALOOZA 2017 in Las Vegas.

I asked them what they look for in a good harness and here were their top features.

Both said weight was very important.  This makes sense because you will be spending long amounts of time with the harness attached to you. Another feature was the ability to customize the fit.  Belts with synch type adjustments tend to be more comfortable than belt buckles with holes every 1 inch.

Attachment and gear hooks came in next as a must-have feature. Breathability of the material was another one.  After a hot day on the tower, the ability to whisk away as much sweat as possible is vital to be as comfortable as you can.

TowerOne usually brings several different types of harnesses with them to their training events.  This way folks can try things on.  One that has been discovered is people tend to make how the harness is put on an important decision when buying a harness. Some like to put their harness on like a vest.  Others like stepping into the harness and then pulling it up.

So no matter what harness you go with, look into what feature are important to you and how it feels.

A story about a rotten company

Recently I received an e-mail from a company I haven’t done business with since 2003. They had kept my e-mail all this time and decided now was the time to send me a spam e-mail.  Let me give you a little backstory on Advanced Internet Technologies Inc.

Back in 2001 I went out on my own as an ISP.  Previously, I had worked for a dial-up ISP and they had been acquired by a larger company.  I saw the writing on the wall and decided now was the time to go out on my own.  With some borrowed money I made my first purchase, a white box 1U server. Keep in mind this is 2001.  This server with a pair of 80 gig hard drives and dual 1GHZ Xeon Pentiums cost me $1800. I had talked to a sales guy from AIT, and liked everything about the company. So I had my little server directly shipped to them and the loaded on Redhat Linux 4.  I was able to cobble my way through setting up sendmail, apache, and some other services and my ISP was up and running in a few weeks.  Things were clicking along for a few years.  We were doing dial-up and had a wholesale agreement with DialUpUSA for nationwide dial-up and ISDN.

Now, here is where it gets good.  One night in 2003 I notice my server load going crazy.  Server load was in the 30’s. Anyone who knows Linux knows this is something bad going on. So as I trying to track down what is going on I lose all connection to my server. No pings, nothing.  So, I call the AIT noc and see if they can look into my server.  I am told they would look at it.   Several hours go by and I am calling and calling trying to get an update.  I had suspected I had been compromised in one way or another and my server was doing bad things. 10PM turns into 10AM.  I call my sales guy at AIT basically pleading for him to find out what is going on.  He answers my phone call once, but subsequent phone calls go unanswered and no one returns my calls.  Still no answers.  I am calling every 15 minutes trying to get someone, anyone to give me answers.  This goes on for a few days.  By this time my business is suffering, because e-mail is down, including my own. After 4 days of no answers, I am in full-blown panic mode.  Luckily I was using the DIALUPUSA radius and e-mail and the web-site were the things down. In the meantime, I find FDC Servers in Chicago which had space and cheap bandwidth.  I rented a dedicated server from them and was able to get things back up and going after a week of downtime.

Fast forward about a month I receive my server in a poorly packed box with a note saying my server had been compromised and had taken down their entire network because it was sending out junk.  At this time on their web-site they were advertising a capacity of 45 megs to the Internet.  That was big time for 2003. And included in this note was an invoice for $2700 for work they had to do in order to deal with my server causing an outage on their network. The next day my attorney was sending them a very strongly worded letter with phone records on my attempts to contact them and how we would be pursuing legal action for violation of their SLA, which did include turn around time for trouble resolution. Many letters and calls later we never heard from AIT again. We were sending certified letters on a weekly basis.  My father would have been proud the amount of legal paperwork we sent to try and generate a response.

Anyway, So now 14 years later I get a SPAM e-mail from Byron Briggs, Chief Operating Officer of Advanced Internet Technologies Inc. on their dedicated server special. They kept my information after all these years, even after one of our letters told them to purge all of my information from their databases.

 

Dear Byron Briggs,
Your company is one of the lousiest companies I have ever done business with. Your total lack of response almost ruined my company. I was a loyal, and on-time paying customer every month of me being an AIT customer.  I still have the original server in my house as a reminder of how awful a company can be.  I feel sorry for the server for even having to be in a data center ran by such uncaring and callous people.  The poor Linux box suffered enough in its life.  I see on your Linked in you have only been at AIT since 2008. It would be easy to say that was in the past. However, Charles Briggs was there during my time as a customer. I am assuming you are one of his four children he speaks of.  I remember talking to Charles on the phone on several occasions when the company was small.  I referred business and we talked about the future of things. The lack of response after all of that was just the nail in the coffin.

Justin Wilson

If you are considering any type of co-location with ait.com I would recommend sticking your server in a refrigerator or cardboard box with a box fan hooked to the local Starbucks wifi before trusting this company with your business.

Oh, and don’t take my word for it
https://www.bbb.org/myrtle-beach/pages/business-reviews/internet-services/advanced-internet-technologies-in-fayetteville-nc-11001845/reviews-and-complaints?noskin&clean

http://www.vistainter.com/reviews/A/ait.com/

 

Save bandwidth on Apple updates

Like many networks, you have users using Apple devices. iPhones, Ipads, computers, and other Apple devices are constantly updating apps, downloading updates, and other content.  MTIN can install an OSX Caching server on your network. This low powered server caches software updates, allowing faster downloads, especially for new iPhone IOS updates.

Contact MTIN today and learn about our turnkey solutions for making your Apple users happier.