As I've mentioned many times, I serve many masters. In networking, the two areas I focus in most are information security and VoIP, or what is today, unified communications services.

Due to my security background and years in the enterprise network world, P2P technologies present a real challenge. P2P solutions can, and often do, take control of the security of the corporate network out of the hands of the IT staff. The IT security staff are often the best qualified, most knowledgable people about the corporate network in detail.

P2P solutions may put enterprise network security in the hands of sales people, managers, admin staff, and others who don't know even the rudimentary basics of networking security. In short, these are people who will do something that works for them at the peril of your network.

They don't endanger your network purposely. There is no malice aforethought. They just don't realize what they might be doing. They're trying to do their jobs. And in some cases, they're trying to enable personal communications tools at the same time.

I'm going to use Skype as my example, but it's just one example of P2P that's well documented. There's one nice paper on P2P communications by Febeke Okafor here. Okafor's paper provides a solif overview, addressing

• Distributed Peer-to-Peer Overlay approach to VoIP Telephony (Method used by Skype)
• Directed SIP Peer-to-Peer (DSP) technology (Method used by Fusion Telecommunications International)
• Peer-to-Peer Internet Telephony using SIP

He includes some discussion Comparing the Client-Server IP VoIP implementation to Peer-to-Peer VoIP implementation. With a little research, you can find many more.reference papers

The latest 2.5 release of Skype raises some hackles. Here are a couple of examples.

On Turn2VoIP we read -

Skype’s version 2.5 Beta - Network admin Nightmare
The new release of the Skype peer to peer VoIP software is causing trouble in the network administrators world due to the changes the developers have made to the connection set-up procedure. Companies who currently offer anti Skype filters for corporate networks say that Skype are really trying to get into the “company network infrastructure”.

More detail is noted by Jan Geinaert, one of the premier Skype watchers.

Blocking Skype : even more difficult now.
The battle is on : Latest Skype beta more difficult to block. It’s one of the best solutions to bypass firewall without getting noticed. It’s a scary «little» thing. According this article the Skype community runs the world's largest supercomputer. Nice comparison. We are indeed all sharing a bit of our bandwidth and opening our buisness and social network to achieve at lower cost what used to be impossible : calling around the world at a fair rate and if needed make the jump to PSTN/Cellphones. On top of that you get video-chat, christal clear soundquality when you stay on the p2p Skype-cloud. I really don’t get the point on the matter off all these other companies complaining about skype this and that. It is simply better and they did not invent it. They are just protecting their turf of existing customers that are and will slowly make the jump towards «shared telephony» networks.

The article Jan references puts the situation in a very direct perspective -

The recently released Skype 2.5 beta has so far been praised by enthusiasts, but one significant feature is being ignored, it seems – the program is now much more difficult to block.

The development signals another round in the small but fierce war between Skype's designers and the growing band of security companies that sell products to block the software on corporate networks.

Whether the situation truly constitutes a "small but fierce war between Skype's designers and the growing band of security companies" is certainly a subject for debate.  Many businesses are deeply concerned about how to control Skype in the corporate network. Policy control has been the primary method many companies employ, but as we know, policies aren't always strictly followed. In many cases, they aren't ingrained in the corporate culture. When people don't understand, accept and embrace corporate policies, or policies aren't well articulated and explained, they may not be enough.

I recently posted VoIP and Rogue Protocols - One way to secure the corporate network, describing how Network Admission Controls solutions might provide a technological tool to assist in policy enforcement.

We are passing through an evolutionary stage in networking. Most visionaries agree that peer-to-peer technologies bring incredible value to networking tools. Whether it's in collaborative multimedia voice/ video, resource sharing, or distributed computing, it's clear that, over time, we will embrace P2P and incorporate it into everyday network use. But today it still presents an area of concern that warrants close observation.


Technorati Tags: VoIP, Skype, P2P, peer-to-peer