Re: Skype in the production environment

[John Hoffoss <John.Hoffoss () CSU MNSCU EDU>]

> > > On Wed, Jun 11, 2008 at  9:00 AM, Patrick P Murphy <pmurphy () NRAO EDU> wrote: 
> I used to, but I gave it up for these reasons:

Follow the link at the bottom of this page:

>    4) http://safecomputing.umn.edu/safepractices/skype.html

You can modify a registry entry to prevent Skype from becoming a supernode. This is a simple and effective tactic to 
moderate the usage of bandwidth while a computer is your University's network. I do not know if this violate's the 
Skype EULA. (Also note the University of Minnesota does not prohibit the use of Skype.)

> Technically, the Skype EULA and supernode capability are in direct
> conflict with our adopted Computing Security Policy.

I can't speak to that as I am not a lawyer, but I think the benefits of allowing Skype are enormous compared to the 
[controllable] risk that a Skype user's workstation is promoted to a supernode. The voice and video quality is hard to 
beat domestically, let a lone internationally. Apart from the volume of international students that study at each of 
our institutions, the popularity of Skype means collaborating and communicating with other staff and faculty becomes 
significantly more productive and easier at the same time.

One potential solution to both problems is to utilize QOS or packet-shaping to restrict the amount of bandwidth 
consumed by Skype traffic to something that would reasonably handle a multi-endpoint video conference, but not so much 
that an .edu Skype user becomes a juicy target for promotion to a supernode.

-jth


John T. Hoffoss, CISSP, GCIH
Information Security Specialist
Minnesota State Colleges and Universities
30 7th Street East, Suite 350
St. Paul, MN 55101
Email: john.hoffoss () csu mnscu edu
Office: 651.201.1453
Mobile: 612.867.1432