> Webex *can* be installed and enabled on "my" network without "my" > approval, because it assumes that any user on my network can give > that approval. About the only tool it leaves me, if local policy > says users don't have that authority, is to make an exception to the > "allow port 80" configuration to block users from connecting to > WebEx's servers.
Generally, yes. However, depending on how locked down your desktop is, this might not be an issue. For example, for some of our sites, we have to ESD a package with WebEx because the desktop is configured to not let them install apps. > WebEx's design is convenient for users. I think the concern here, > though, is that it conveniently lets them bypass some inconvenient > corporate network policies without those responsible for enacting and > monitoring compliance with those policies ever knowing they've been > bypassed. It's convenient for users, but it makes the lives of > responsible admins scarier and more complicated. If the service is completely outlawed by policy, then in the case of detection, I think it would be pretty easy to write a Snort signature or a RealSecure User-Defined signature to detect the usage of WebEx and it should be fairly simple to prevent/block at the firewall or proxy server. On the other hand, detecting authorized usage from unauthorized usage might be difficult to detect. Steve _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
