My two cents worth... The biggest problem with T.120 and H.323 is that you open up a given system completely. A friend of mine wrote a paper on this, and I wish it were still online so I could refer you to it. Basically he summed it up by saying that there was no inherent way to secure the applications themselves. You could "trust" people not to put their machines at risk (by not using Collaborate or other similar functions) or you could trust people not to go against company policies. HA! To my knowledge, there is still no firewall which proxies for these applications both because of complexity and because of lack of standardization. I guess you have to ask yourself, "Is it bad that a remote user (or someone who is pretending to be that user) can save, edit, delete files on my user's machine?" or "Is it bad that a remote user can take over applications on one of my internal systems?" I think you'll have your answers....DP > -----Original Message----- > From: Bard, Heather [SMTP:[EMAIL PROTECTED]] > Sent: Tuesday, March 16, 1999 1:01 PM > To: 'Tammy Torbert'; [EMAIL PROTECTED] > Subject: RE: T.120 Conferencing through a firewall > > > >I will be implementing a firewall solution in a few weeks. I was > wondering > what > >type of security issues allowing T.120 conferencing presents. My > conferencing > >system needs port 1503 dynamically opened. Does anyone have any > information > >about the risks I may be opening up by having this port opened? > > I am interested in this as well. We are doing H.323 and T.120 > implementation testing in our lab (for a very transient system - routers > shutting down and whole subnets moving), and as of yet have not found any > firewalls that support T.120 dynamically, thus we are having to statically > open, through acls with a wide range of IPs, port 1503. So please cc: me > on > any information. > > Thanks > Heather Bard > > > - > [To unsubscribe, send mail to [EMAIL PROTECTED] with > "unsubscribe firewalls" in the body of the message.] - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
RE: T.120 Conferencing through a firewall
Pavlichek, Doris (GEIS, GE Capital Consulting) Tue, 16 Mar 1999 15:30:53 -0500
- T.120 Conferencing through ... Tammy Torbert
- RE: T.120 Conferencing... Bard, Heather
- RE: T.120 Conferencing... Pavlichek, Doris (GEIS, GE Capital Consulting)
- RE: T.120 Conferen... Jason Axley
- RE: T.120 Conf... Larry Cannell
- Re: T.120 ... Chris Shenton
- RE: T.120 Conf... Larry Cannell
- RE: T.120 Conf... Larry Cannell
- Re: T.120 ... Chris Shenton
- Re: T.120 Conf... Chris Shenton
- RE: T.120 Conferencing... Pavlichek, Doris (GEIS, GE Capital Consulting)
- RE: T.120 Conferencing... Bard, Heather
- RE: T.120 Conferen... Jason Axley
