Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Enterprise web conferencing

from [Dan Lynch] Network Security [Permanent Link]
Subject: Enterprise web conferencing
Date: Thu, 18 Oct 2007 16:26:04 -0700 
Greetings group,

My organization will soon be implementing an appliance-based
tele-conferencing/web-conferencing solution. The intent is to allow
internal users to set up both phone and web conferences among themselves
across operational divisions and across physical locations. These will
include application and desktop sharing, as well as occasional remote
control. There is also the desire to allow outside users (vendors, etc.)
to join in these conferences.

I'm looking for guidance regarding the security issues of these
solutions. I plan on mentioning the accidental disclosure of private
data while sharing screens. I wonder how the lack of adequate logging
might dilute accountability. I'm concerned that inside users must
authenticate through this device against our active directory, but the
device must be internet-accessible on a DMZ to allow outside users
access.

What would you worry about? How would you mitigate your concerns? 

Thanks in advance,

- Dan

Dan Lynch, CISSP
Information Technology Analyst
County of Placer
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: IDS-IPS Recommendations, rohnskii
Next by Date:  Re: Re: IDS-IPS Recommendations, rohnskii
Previous by Thread:  IDS-IPS Recommendations, Al Cooper
Next by Thread:  RE: Enterprise web conferencing, Dan Lynch
Indexes:  [Date] [Thread] [Top] [All Lists]