Educause Security Discussion mailing list archives

Re: IP Videoconferencing

From: Brian Reilly <reillyb () GEORGETOWN EDU>
Date: Wed, 5 Nov 2003 10:03:41 -0500

On Wed, 5 Nov 2003, Walsh, Brian R. (Information Services) wrote:

We have a request from our Instructional Technology group to allow
access through our firewall for a new IP videoconferencing unit.
Allowing this through the firewall seems to be relatively low risk and
I think our firewalls may even be "H.323 aware" which would make this
a little easier to do and perhaps more secure. I am assuming that the
videoconferencing hardware and software take care of other security
like authentication, encryption, etc.

Is there anything specific I should be worried about with this setup?
I don't know much about the protocols or products involved so any
advice would be appreciated. Thanks.


I wouldn't assume that the devices are properly taking care of
authentication, encryption, and other security requirements.  Several
popular videoconferencing devices ship with default passwords, only
support cleartext protocols for management, and may not enable encryption
by default.

--Brian

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.

Current thread:

IP Videoconferencing Walsh, Brian R. (Information Services) (Nov 05)
- <Possible follow-ups>
- Re: IP Videoconferencing Brian Reilly (Nov 05)
- Re: IP Videoconferencing Davis, Thomas R. (Nov 05)
- Re: IP Videoconferencing Ron Parker (Nov 05)
- Re: IP Videoconferencing Tina Bird (Nov 05)
- Re: IP Videoconferencing Charlie Prothero (Nov 05)
- Re: IP Videoconferencing Jere Retzer (Nov 06)