Feeds

A streaming headache for IT managers

Preserving business bandwidth

Reducing the cost and complexity of web vulnerability management

The long summer of sport draws to a close, and corporate networks draw a breath of relief as multiple streams of video cease to take 90 per cent of available bandwidth from the business. How was it for you? Did the voices from on high make the big statement "stop all streaming media - now!" And what was your response?

The problem is that the use of streaming media is only going to increase as an issue. At the moment, for the majority of organisations, it's just a basic problem - if it's streaming, it needs to be stopped, as there's no corporate case for streaming media.

Increasingly, corporates will find valid uses for streaming media and that will be where the problems start, as we find that basic tools can be used for both "real" and non-allowed functions. So, what can you do to stop unwarranted usage of media streams on your network?

Well, surely it's easy - just block the ports at the firewall. What do you mean, the users use peer-to-peer clients with floating ports? OK, still no problem, there's a Plan B. Let's identify the video streams by packet inspection and kill those. Ah, now the company's new IP-based video conferencing system has stopped working. Being full of cunning plans, let's move to Plan C. Let's label the corporate video using multi-protocol labelling service (MPLS) at source, and then kill anything that doesn't have the correct label. What do you mean that the network doesn't support it, it's only your wide area network provider who can manage that? On to Plan D, let's just kill off the firewall until it's all over and concentrate on the CV for that other job...

It's even worse when rank gets in on the act as well - was the word from above more like "stop all this streaming media - but make sure I can still get it"? Even better - now we have to let the content through the firewall and then try and deal with it. If only there was something that can be done at an individual basis.

How about white-listing applications at users' desktops? Now we're getting somewhere. We're all used to black lists - stopping known things from occurring. However, white lists only let known things occur - a slightly different approach.

SecureWave's Sanctuary product allows you to lock individuals' desktops down so that only registered, allowable applications can be run - that will stop anything like MediaPlayer from running, and will certainly kill anything that is a dodgy downloaded peer-to-peer application.

The powers that be can still watch their summer of sport, as they can be registered as having the need for the requisite application. Everyone else finds that they haven't got the application, and even if they try to install it, it won't run. Trouble is when people need MediaPlayer for some corporate stuff like watching the CEO's latest guff on how downsizing is right for the company, while he/she/it takes another 50 per cent bonus rise.

Overall, it looks like this is the old onion approach - you will need to look at the various layers of a system to ensure that you can stop the bad and allow the good.

However, one final plan - Plan E. How about a different approach; why not allow people to stream the media? Won't this kill the network? Not necessarily. Using proxy servers and real-time caching can make it that instead of multiple streams of the same content clogging up the WAN and the main corporate backbone, single streams can be used to populate proxy caches closer to main points of usage. It still hits the network, but at least it's controllable.

If nothing else works, next time, just bung a TV in the corner, give the remote control to the senior person in the department and watch the arguments. In any case, if you're in the UK, make sure you have a licence.

Copyright © 2006, Quocirca

The next step in data security

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Sony says year's losses will be FOUR TIMES DEEPER than thought
Losses of more than $2 BILLION loom over troubled Japanese corp
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
Why Oracle CEO Larry Ellison had to go ... Except he hasn't
Silicon Valley's veteran seadog in piratical Putin impression
Big Content Australia just blew a big hole in its credibility
AHEDA's research on average content prices did not expose methodology, so appears less than rigourous
Bono: Apple will sort out monetising music where the labels failed
Remastered so hard it would be difficult or impossible to master it again
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.