SurfControl Enables Detection and Control Over Unauthorized Skype Implementations21 March 2006
SurfControl (LSE: SRF), the world leader in Internet content protection, today announced its ability to detect and control unauthorized Skype usage on the corporate network.
Skype is a subscription-based Internet client that enables users to make calls anywhere in the world at the cost of a local call. An amorphous application, Skype uses indiscernible encryption and is capable of working through virtually any network address translation (NAT)-based firewall. Due to its transient nature it is highly difficult to detect at the exit point. Calls are set up on dynamically changing, random port numbers using randomized communication protocols -- either UDP or TCP -- in varying packet sizes ranging anywhere from 115 to 190 bytes per packet.
To make matters more complex, users that install Skype agree to become Supernodes -- a communication node that other call nodes can route through. The nodes involved in call setup are obscured by a blast of traffic that occurs in the second or so that a Skype call is established. Tests have established that nearly a dozen nodes are contacted on the outset of the call and are dispersed all over the world. These Supernodes, when activated by other external Skype users, are providing company bandwidth to outsiders free of charge.
Though temporary in nature, Skype VoIP streams are encrypted in such a way as to render all information above the IP level unreadable. Skype file transfers and IM are likewise encrypted.
"Though the application itself does not pose a threat to the corporate network, its use introduces unnecessary risk and vulnerability that could easily cripple an organization," said Patricia Sueltz, SurfControl Chief Executive Officer. "Think of it this way: Skype is an unmonitored, largely anonymous P2P protocol service, meaning that the person you're calling, or receiving calls from, can introduce threats -- such as worms and viruses -- into the network and no one would know. You may say, 'we have anti-virus to handle that' but that's only one part of the overall problem. Skype also allows undetectable file sharing and IM, greatly facilitating the ease at which the transfer of company confidential information and intellectual property can leave the organization. No anti-virus product on the market is capable of monitoring user behavior."
Unprecedented Management and Control
Until now, there was nothing on the market that enabled a company to detect and control Skype software installation or use, short of running daily scans on all company PC's -- imposing an unreasonable burden on both financial and IT resources. Even with daily scans, the nature of Skype makes it possible for a user to install and uninstall the application repeatedly to avoid detection.
SurfControl Enterprise Threat Shield (ETS) has the capability to target and remove the Skype application when found on the company network as well as prevent its installation and use within a restricted company environment.
ETS contains the unique signature for the Skype application which enables organizations to customize network policies to limit its use to authorized employees and only during authorized times of day. ETS also can control the use and duration of a Skype-based call, and/or prevent Skype use altogether. Further, if a user attempts to access Skype for media file sharing, ETS can be customized to deny the file transfers, providing an additional safeguard against intentional and unintentional user-created threats, and limiting an organization's legal exposure.
"Effective risk mitigation means not only actively enforcing Internet acceptable use policies, but managing internal threats as proactively and aggressively as external threats," explains Sueltz, "Any instance of vulnerability introduced by the user community is one more that the IT department must defend against. By detecting and preventing the use of programs like Skype on the internal network, companies are strengthening their overall security infrastructure with little to no impact to their already overwhelmed resources."
About SurfControl
SurfControl plc is the leading provider of threat protection that shields organizations from known and emerging Internet dangers through Layered Threat Protection(SM). The Company has redefined traditional "filtering" into a unified set of Web, e-mail and messaging security solutions that continuously filter inbound and outbound Internet traffic to eliminate spam, spyware, phishing and Web and e-mail abuse. SurfControl provides Adaptive Threat Intelligence(SM) from its Global Threat Experts(SM) to respond quickly with automatic, proactive security updates to protect customers. Customers avoid significant business downtime that impacts productivity and the bottom line while limiting legal liability and enforcing regulatory compliance and confidentiality. SurfControl has more than 20,000 customers worldwide, and employs more than 500 people in offices across the United States, Europe and Asia/Pacific. For further information and news on SurfControl, please visit http://www.surfcontrol.com .
Source: prnewswire
All trademarks and copyrighted information contained herein are the property of their respective owners.
Related Voip Articles
|
