I'd sure appreciate any thoughts on this subject. Has anyone considered
using Sonexis, RHUB, ConnectConferencing, AlphaLogix, Juniper NetScreen
Secure Meeting appliance or similar? What concerns did you address, or
did you discover after implementation?
Thanks,
- Dan
Dan Lynch, CISSP
Information Technology Analyst
County of Placer
Auburn, CA
-----Original Message-----
From: listbounce@securityfocus.com
[mailto:listbounce@securityfocus.com] On Behalf Of Dan Lynch
Sent: Thursday, October 18, 2007 4:26 PM
To: security-basics@securityfocus.com
Subject: Enterprise web conferencing
Greetings group,
My organization will soon be implementing an appliance-based
tele-conferencing/web-conferencing solution. The intent is to
allow internal users to set up both phone and web conferences
among themselves across operational divisions and across
physical locations. These will include application and
desktop sharing, as well as occasional remote control. There
is also the desire to allow outside users (vendors, etc.) to
join in these conferences.
I'm looking for guidance regarding the security issues of
these solutions. I plan on mentioning the accidental
disclosure of private data while sharing screens. I wonder
how the lack of adequate logging might dilute accountability.
I'm concerned that inside users must authenticate through
this device against our active directory, but the device must
be internet-accessible on a DMZ to allow outside users access.
What would you worry about? How would you mitigate your concerns?
Thanks in advance,
- Dan
Dan Lynch, CISSP
Information Technology Analyst
County of Placer
