cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
mardes
Level 7

New infos for Skype detection with MWG7 proxy?

Hello!

I wonder if there are new infos concerning  Skype detection in a MWG7 proxy based internet connection.

We need a solution for allowing  Skype through MWG (V7.2.0.8)  proxy   for some users.

Because Skype has some typical network behaviour even in proxy environment and

since most network based (NG-) firewalls can detect skype traffic I think it should be possible to solve this.

In the moment we use a very simple SSL-Scanner ruleset part for Skype separation:

Skype-Rule.bmp

Membership of group PowerUsers comes from  NTLM authentication.

Of course, this disables SSL scanning for more than just Skype connections.

Is there a better solution?

Best regards,

Michael Ardes

0 Kudos
3 Replies
McAfee Employee

Re: New infos for Skype detection with MWG7 proxy?

Hi Michael,

Making the assertion that any request made by IP address is skype is not a good idea. This is especially true in transparent setups.

In the past I have posted about this previously, but the cleanest way to know if a request is coming from skype is to direct it to a separate proxy port.

Here is an example ruleset I have offered:

ftp://ftp.support.securecomputing.com/outgoing/skype-proxy.zip

As far as detecting the traffic, at the moment MWG cannot differentiate between skype SSL and normal SSL. Skype SSL is a broken version of normal SSL (from what I understand).

Best,

Jon

feickholt
Level 10

Re: New infos for Skype detection with MWG7 proxy?

How prevent this solution the use of the Skype port by normal https traffice which is manual entered in internet options?

0 Kudos
McAfee Employee

Re: New infos for Skype detection with MWG7 proxy?

As FTP link become invalid I've reupload this rule set to ftp://ftp.webwasher.com/pub/MWG/skype-proxy.zip

-Sergej

0 Kudos