RE: Looking for information regarding the use of Skype in an Enterprise network

["Steve Armstrong" <stevearmstrong () logicallysecure com>]

Sam, 

I think you may struggle, as if you have a good layer 7 firewall you will
not get it out to the internet as it does not follow the correct HTTPS
standards.  

Therefore a good firewall will stop the outgoing connection.  This here is
an excerpt from a Skype Knowledgebase article regarding requirements to pass
Skype through firewalls (located at
http://support.skype.com/index.php?_a=knowledgebase&_j=questiondetails&_i=14
8): 

        "The minimum requirement is that Skype needs unrestricted outgoing
TCP access to all destination ports above 1024 or to ports 80 and 443 (the
former is better, however). If you don't allow either of those, Skype will
not work reliably at all. Voice quality and some other aspects of Skype
functionality will be greatly improved if you also open up outgoing UDP
traffic to all ports above 1024, and allow UDP replies to come back in."

As this is a major security downgrade we have not been able to recommend it
to our clients.

HTH

Steve Armstrong
 
Logically Secure 

Office: 01522 689 799    
Mobile: 07970 929 583    

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of Sam Evans
Sent: 07 January 2009 17:03
To: Security Basics
Subject: Looking for information regarding the use of Skype in an Enterprise
network

All,

I'm looking to find out how many large enterprise's have allowed the
use of Skype on their networks.  We are currently evaluating the use
of Skype as a method to make end to end customer calls and am
concerned with the security aspects of the product.

I'm curious what security policies companies have put into place
regarding the use of Skype.

Thanks,
Sam

The information contained in this e-Mail and any subsequent correspondence is private and is intended solely for the 
intended recipient(s). The information in this communication may be confidential and/or legally privileged. Nothing in 
this e-mail is intended to conclude a contract on behalf of Logically Secure Ltd or make Logically Secure Ltd subject 
to any other legally binding commitments, unless the e-mail contains an express statement to the contrary or 
incorporates a formal Purchase Order.  For persons other than the intended recipient any disclosure, copying, 
distribution, or any action taken or omitted to be taken in reliance on such information is prohibited and may be 
unlawful.

Registered in England and Wales No: 05967368.  Registered Office: 36 Tudor Road, Lincoln, LN6 3LL.

Attachment: smime.p7s
Description: