Feeds

A streaming headache for IT managers

Preserving business bandwidth

Security for virtualized datacentres

The long summer of sport draws to a close, and corporate networks draw a breath of relief as multiple streams of video cease to take 90 per cent of available bandwidth from the business. How was it for you? Did the voices from on high make the big statement "stop all streaming media - now!" And what was your response?

The problem is that the use of streaming media is only going to increase as an issue. At the moment, for the majority of organisations, it's just a basic problem - if it's streaming, it needs to be stopped, as there's no corporate case for streaming media.

Increasingly, corporates will find valid uses for streaming media and that will be where the problems start, as we find that basic tools can be used for both "real" and non-allowed functions. So, what can you do to stop unwarranted usage of media streams on your network?

Well, surely it's easy - just block the ports at the firewall. What do you mean, the users use peer-to-peer clients with floating ports? OK, still no problem, there's a Plan B. Let's identify the video streams by packet inspection and kill those. Ah, now the company's new IP-based video conferencing system has stopped working. Being full of cunning plans, let's move to Plan C. Let's label the corporate video using multi-protocol labelling service (MPLS) at source, and then kill anything that doesn't have the correct label. What do you mean that the network doesn't support it, it's only your wide area network provider who can manage that? On to Plan D, let's just kill off the firewall until it's all over and concentrate on the CV for that other job...

It's even worse when rank gets in on the act as well - was the word from above more like "stop all this streaming media - but make sure I can still get it"? Even better - now we have to let the content through the firewall and then try and deal with it. If only there was something that can be done at an individual basis.

How about white-listing applications at users' desktops? Now we're getting somewhere. We're all used to black lists - stopping known things from occurring. However, white lists only let known things occur - a slightly different approach.

SecureWave's Sanctuary product allows you to lock individuals' desktops down so that only registered, allowable applications can be run - that will stop anything like MediaPlayer from running, and will certainly kill anything that is a dodgy downloaded peer-to-peer application.

The powers that be can still watch their summer of sport, as they can be registered as having the need for the requisite application. Everyone else finds that they haven't got the application, and even if they try to install it, it won't run. Trouble is when people need MediaPlayer for some corporate stuff like watching the CEO's latest guff on how downsizing is right for the company, while he/she/it takes another 50 per cent bonus rise.

Overall, it looks like this is the old onion approach - you will need to look at the various layers of a system to ensure that you can stop the bad and allow the good.

However, one final plan - Plan E. How about a different approach; why not allow people to stream the media? Won't this kill the network? Not necessarily. Using proxy servers and real-time caching can make it that instead of multiple streams of the same content clogging up the WAN and the main corporate backbone, single streams can be used to populate proxy caches closer to main points of usage. It still hits the network, but at least it's controllable.

If nothing else works, next time, just bung a TV in the corner, give the remote control to the senior person in the department and watch the arguments. In any case, if you're in the UK, make sure you have a licence.

Copyright © 2006, Quocirca

Beginner's guide to SSL certificates

More from The Register

next story
The 'fun-nification' of computer education – good idea?
Compulsory code schools, luvvies love it, but what about Maths and Physics?
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
Lords take revenge on REVENGE PORN publishers
Jilted Johns and Jennies with busy fingers face two years inside
Yes, yes, Steve Jobs. Look what I'VE done for you lately – Tim Cook
New iPhone biz baron points to Apple's (his) greatest successes
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
Ex-US Navy fighter pilot MIT prof: Drones beat humans - I should know
'Missy' Cummings on UAVs, smartcars and dying from boredom
Sysadmin with EBOLA? Gartner's issued advice to debug your biz
Start hoarding cleaning supplies, analyst firm says, and assume your team will scatter
Edward who? GCHQ boss dodges Snowden topic during last speech
UK spies would rather 'walk' than do 'mass surveillance'
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.