The blades functionality uses outgoing ssh connections, not
incoming FTP connections. Also, those connections are from
a-na28-5.tin.it and ANantes-101-1-1-70.abo.wanadoo.fr, neither
of which are related to Mitel.
That said, it's not uncommon for "script kiddies" to scan
entire blocks of addresses looking for vulnerable systems;
it's normal to see *some* spurious connection attempts to
well-known services like FTP and HTTP.
Hope this helps,
-Rich