“Do I Make You Horny?”

Pity the House Ethics committee tracking down the unsavory history of Mark Foley’s X-rated online communications. The committee’s job might be easier if the government invested in one of San Diego-based Akonix’ security appliances to control, log and archive electronic messages.

Plenty have noticed that Skype presents the same security risks for organizations as instant messaging. It’s an easy conduit for malware to enter the network or the company’s business plan to leave, as well as another avenue for time wasting and sexual harassment – as “family-values” loving Republicans have learned to their dismay.

So it’s logical that a company that made its name in IM security would turn its hand to Skype. This week Akonix announced its L7 Skype Manager, which monitors and manages Skype use over corporate networks.

Just as IM entered the workplace from the bottom up when employees started using AIM at home, Skype is also coming to work as more and more people join the Skype family. And this has IT managers are worried.

The problems lie in Skype’s opacity.

“Skype’s been very forthcoming in assisting the security community,” says Akonix VP of Marketing Don Montgomery. “But there are still questions about Skype’s protocol [which is proprietary and closed] and how it routes through the Internet and through the firewall. The issue is that IT professionals who are paid to know, don’t know. And anything they don’t know is a potential risk and liability to the corporation. There’s no way an IT guy can see who initiates a [Skype] call, where it went, or who sent files.”

Akonix gives IT departments a tool for enforcing policies about Skype use. They can choose to block Skype completely or allow its use in certain parts of the network. For example, companies might allow Skype use in branch sales offices but not, say, from the manufacturing plant or accounting department. The appliance also logs Skype traffic by IP address and flags blocked attempts as well and can block file transfers and Skype instant messages.

But how does Akonix pull it off? After all, identifying Skype traffic is notoriously difficult because the packets are encrypted and designed to slip under the security radar – often looking like a secure Web session.

Akonix does it by reading the first few packets and doing a “signature-based” recognition, Montgomery says. “We look at the packets themselves, the port they’re trying to traverse and balance that against anything that should be coming through.”

While Akonix’ other products can monitor Skype use, the impetus for a single-purpose Skype box came from customers.

“Customers were asking for a single purpose appliance for simplicity,” Montgomery says. “There’s no need to worry about policy management for email or portals. The appliance concept is simplicity. Messaging appliances are third generation. They’re now a preferable means of securing IM, email and now VoIP.”

Be Sociable, Share!