Firewall Wizards mailing list archives
Re: H.323
From: Paul Howell <grue () merit edu>
Date: Thu, 04 Mar 1999 16:06:02 -0500
Intel has a paper about firewalls and H.323 at http://www.intel.com/support/videophone/trial21/h323_wpr.htm The paper starts out: "This document is intended for implementers - both firewall developers planning to implement H.323 support and H.323 application developers planning to add proxy support to their products. With two audiences holding vastly different perspectives and experiences, this paper will often seem to explain the patently obvious (perhaps glossing over some important details). Please accept our apologies up front and bear with us; there is important new information for both groups." < paul "Joseph Pung" writes:
Hi, I am interested in obtaining "lessons learned" from those of you who may have implemented H.323 (especially if you used NetMeeting). Specifically, I am interested in the following: 1. Does your firewall support H.323 via an application proxy? 2. If so, WRT "dynamic port allocation", how exactly does your firewall handle the process? 3. What type of firewall do you have (circuit, stateful filtering, etc)? 4. Any security issues? Note, H.323 v2 has enhanced security to include authentication, integrity, privacy, and non-repudiation, although we may be using NetMeeting... In reviewing last year's thread (Jun-Sep), I saw a concern about the "shared application execution facility enabling remote users to execute unintended program on other participant's workstations" but I never really saw anything specific. 5. Any performance issues (relative to the amount of bandwidth made available for H.323)? 6. What would you have done differently? 7. What did you do that you were glad you did? I will post a summary to the list, so if you reply off-line I will not use your name, unless you specifically grant me permission. Thanks, Joe
Current thread:
- Re: H.323 Paul Howell (Mar 05)
- Re: H.323 Chris Shenton (Mar 11)