[148602] in North American Network Operators' Group
Re: Skype in the Enterprise
daemon@ATHENA.MIT.EDU (Simon Lucy)
Thu Jan 19 11:44:06 2012
Date: Thu, 19 Jan 2012 16:43:05 +0000
From: Simon Lucy <simon.lucy@bbc.co.uk>
To: Mike Gatti <ekim.ittag@gmail.com>
In-Reply-To: <26A04B09-927D-49F2-8E46-185C670F178A@gmail.com>
Cc: NANOG mailing list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Mike Gatti wrote:
> Hello Everyone,
>
> I wanted to get the groups opinions/thought on how you would or currently handle users wanting or using Skype in the enterprise.
> Recently what has brought this to light was the fact that our firewalls started to deny/shun users randomly from access to the internet.
> After a couple of dozen packet captures and cross checking software installed on the clients machines we narrowed down the culprit to be Skype, which later we validated in Lab.
> What we saw was in random intervals all skype clients would send a burst of requests to the internet which would trigger the intrusion detection threshold of our security appliances.
> Given that there were no changes to those thresholds I am left to ask what caused this behavior to start, a software update or an update to the skype network (if it can be called that)?
> I am trying to educate myself a little more before facing the lynch mobs when I start advising on a solution.
You can start with the network admin's guide if gives the basic
characteristics of normal Skype network behaviour and how it punches
through NAT, STUN etc.
http://download.skype.com/share/business/guides/skype-it-administrators-guide.pdf
S
>
> Thanks for taking the time,
> --
> Michael Gatti
> main. 949.371.5474
> (UTC -8)
>
>
>
>
