Pro's & Con's of Skype Over Network

[Superd04]

Hi,
I am contemplating allowing Skype on my network (of a few hunderd users). I am wondering can anyone advise me on the pro's & con's of having skype run on your network, i.e. security risks with ports, Proxy issues etc
Thank you in advance.

 

[burtsbees]

I imagine it has its risks, like being able to fake a call, leaving ports open, its ability to circumvent firewalls, etc. I would not use it myself, but others may be able to inform you of how to resolve security risks, like IDS/IPS, acl's, CBAC, etc.

Burt

 

[lhuegele]

The only problem we have with Skype is what they call a "supernode". As long as you can find a way to keep your Skype users from becoming super nodes, you should be ok to use Skype on your network. It operates over port 80 so you shouldn't have to open any new ports on your firewall.

There are other risks of course - like users using Skype to send files outside the company, and there are more, but the risks aren't any larger than some of the other applications you may already allow on your network.

Good luck.

 

[SandyBain]

Skype port hops, so the port 80 theory is wrong. The only way of ensuring that you do not become a 'Supernode' (which I believe is mentioned in the T&C's) is to employ a solution from the likes of Bluecoat, who as far as I am aware are the only company currently manafacturing a device that secures Skype to any satisfactory level.

 

[lhuegele]

Yes, skype port hops. I didn't mean to imply that it works on port 80 only. I meant to imply that it will use port 80 if no other ports are available, and since most companies have port 80 open anyway, it should be an issue.

Good luck,