Skype in the Enterprise

Simon Lucy simon.lucy at
Thu Jan 19 16:43:05 UTC 2012

Mike Gatti wrote:

> Hello Everyone,
> I wanted to get the groups opinions/thought on how you would or currently handle users wanting or using Skype in the enterprise.
> Recently what has brought this to light was the fact that our firewalls started to deny/shun users randomly from access to the internet.
> After a couple of dozen packet captures and cross checking software installed on the clients machines we narrowed down the culprit to be Skype, which later we validated in Lab.
> What we saw was in random intervals all skype clients would send a burst of requests to the internet which would trigger the  intrusion detection threshold of our security appliances.
> Given that there were no changes to those thresholds I am left to ask what caused this behavior to start, a software update or an update to the skype network (if it can be called that)?
> I am trying to educate myself a little more before facing the lynch mobs when I start advising on a solution.

You can start with the network admin's guide if gives the basic 
characteristics of normal Skype network behaviour and how it punches 
through NAT, STUN etc.


> Thanks for taking the time,
> --
> Michael Gatti
> main. 949.371.5474
> (UTC -8)

More information about the NANOG mailing list