Home page logo

basics logo Security Basics mailing list archives

RE: Enterprise web conferencing
From: "Dan Lynch" <DLynch () placer ca gov>
Date: Wed, 24 Oct 2007 16:36:31 -0700

I'd sure appreciate any thoughts on this subject. Has anyone considered
using Sonexis, RHUB, ConnectConferencing, AlphaLogix, Juniper NetScreen
Secure Meeting appliance or similar? What concerns did you address, or
did you discover after implementation?


- Dan

Dan Lynch, CISSP
Information Technology Analyst
County of Placer
Auburn, CA

-----Original Message-----
From: listbounce () securityfocus com 
[mailto:listbounce () securityfocus com] On Behalf Of Dan Lynch
Sent: Thursday, October 18, 2007 4:26 PM
To: security-basics () securityfocus com
Subject: Enterprise web conferencing

Greetings group,

My organization will soon be implementing an appliance-based 
tele-conferencing/web-conferencing solution. The intent is to 
allow internal users to set up both phone and web conferences 
among themselves across operational divisions and across 
physical locations. These will include application and 
desktop sharing, as well as occasional remote control. There 
is also the desire to allow outside users (vendors, etc.) to 
join in these conferences.

I'm looking for guidance regarding the security issues of 
these solutions. I plan on mentioning the accidental 
disclosure of private data while sharing screens. I wonder 
how the lack of adequate logging might dilute accountability. 
I'm concerned that inside users must authenticate through 
this device against our active directory, but the device must 
be internet-accessible on a DMZ to allow outside users access.

What would you worry about? How would you mitigate your concerns? 

Thanks in advance,

- Dan

Dan Lynch, CISSP
Information Technology Analyst
County of Placer

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]