Mike Gatti wrote:
Hello Everyone,
I wanted to get the groups opinions/thought on how you would or currently
handle users wanting or using Skype in the enterprise.
Recently what has brought this to light was the fact that our firewalls started
to deny/shun users randomly from access to the internet.
After a couple of dozen packet captures and cross checking software installed
on the clients machines we narrowed down the culprit to be Skype, which later
we validated in Lab.
What we saw was in random intervals all skype clients would send a burst of
requests to the internet which would trigger the intrusion detection threshold
of our security appliances.
Given that there were no changes to those thresholds I am left to ask what
caused this behavior to start, a software update or an update to the skype
network (if it can be called that)?
I am trying to educate myself a little more before facing the lynch mobs when I
start advising on a solution.
You can start with the network admin's guide if gives the basic
characteristics of normal Skype network behaviour and how it punches
through NAT, STUN etc.
http://download.skype.com/share/business/guides/skype-it-administrators-guide.pdf
S
Thanks for taking the time,
--
Michael Gatti
main. 949.371.5474
(UTC -8)
