I wonder if there are new infos concerning Skype detection in a MWG7 proxy based internet connection.
We need a solution for allowing Skype through MWG (V126.96.36.199) proxy for some users.
Because Skype has some typical network behaviour even in proxy environment and
since most network based (NG-) firewalls can detect skype traffic I think it should be possible to solve this.
In the moment we use a very simple SSL-Scanner ruleset part for Skype separation:
Membership of group PowerUsers comes from NTLM authentication.
Of course, this disables SSL scanning for more than just Skype connections.
Is there a better solution?
Making the assertion that any request made by IP address is skype is not a good idea. This is especially true in transparent setups.
In the past I have posted about this previously, but the cleanest way to know if a request is coming from skype is to direct it to a separate proxy port.
Here is an example ruleset I have offered:
As far as detecting the traffic, at the moment MWG cannot differentiate between skype SSL and normal SSL. Skype SSL is a broken version of normal SSL (from what I understand).