[148601] in North American Network Operators' Group
Skype in the Enterprise
daemon@ATHENA.MIT.EDU (Mike Gatti)
Thu Jan 19 11:33:54 2012
From: Mike Gatti <ekim.ittag@gmail.com>
Date: Thu, 19 Jan 2012 08:32:54 -0800
To: NANOG mailing list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Hello Everyone,=20
I wanted to get the groups opinions/thought on how you would or =
currently handle users wanting or using Skype in the enterprise.=20
Recently what has brought this to light was the fact that our firewalls =
started to deny/shun users randomly from access to the internet.=20
After a couple of dozen packet captures and cross checking software =
installed on the clients machines we narrowed down the culprit to be =
Skype, which later we validated in Lab.
What we saw was in random intervals all skype clients would send a burst =
of requests to the internet which would trigger the intrusion detection =
threshold of our security appliances.=20
Given that there were no changes to those thresholds I am left to ask =
what caused this behavior to start, a software update or an update to =
the skype network (if it can be called that)?
I am trying to educate myself a little more before facing the lynch mobs =
when I start advising on a solution.=20
Thanks for taking the time,=20
--
Michael Gatti =20
main. 949.371.5474
(UTC -8)
