ad info
   personal technology

 custom news
 Headline News brief
 daily almanac
 CNN networks
 CNN programs
 on-air transcripts
 news quiz

CNN Websites
 video on demand
 video archive
 audio on demand
 news email services
 free email accounts
 desktop headlines

 message boards




Veteran protocol lands new role as multimedia star

September 28, 1999
Web posted at: 10:30 a.m. EDT (1430 GMT)

by Carolyn Duffy Marsan

Network World Fusion

(IDG) -- Maybe you can teach an old dog new tricks. The 9-year-old SOCKS protocol - originally developed as a general-purpose proxy - is emerging as one of the best ways to secure multimedia applications across the Internet.

The latest version of SOCKS offers network managers an easier way to run videoconferencing and video and audio streaming through firewalls, which has been difficult and timeconsuming. SOCKS V5 does this by providing a single and powerful method of authenticating users and managing security policies for all Internet applications, including multimedia.

A growing number of products support SOCKS V5, including firewalls from Novell and Milkyway Networks; extranet-oriented virtual private networks (VPN) from Hewlett-Packard and Aventail; and real-time conferencing applications such as Lotus' Sametime. IBM is expected to announce support for SOCKS V5 in its firewall this week.
  Network World Fusion home page
  Free Network World Fusion newsletters
  Managing the flow of streaming media, 08/05/99
  How SOCKS fits, 09/27/99
 Reviews & in-depth info at
 *'s bridges & routers page's hubs & switches page
 *'s network operating systems page's network management software page
  Year 2000 World
  Questions about computers? Let's editors help you
  Subscribe to's free daily newsletter for network experts
  Search in 12 languages
 News Radio
 * Fusion audio primers
 * Computerworld Minute

The role of SOCKS V5 in multimedia security will be discussed at the second annual SOCKS developer's conference this week in Santa Clara, Calif. About 150 developers and enterprise customers are expected to attend.

"These newer streaming protocols are very complex. Securing them is a real challenge," says Saqib Jang, director of marketing at NEC Systems. A leading proponent of SOCKS, NEC licenses its SOCKS V5 server software to Aventail, IBM, HP and others. "SOCKS V5 is really the first workable solution for multimedia across the Internet."

Without SOCKS V5, network managers are running into problems getting multimedia applications to work through their firewalls.

Just ask Ray Lincolnhol, a product specialist with Baan Indirect Channels in Grand Rapids, Mich. Lincolnhol's group uses Microsoft's NetMeeting to conduct videoconferences over the Internet with resellers and customers. However, Baan had to set up a server outside the firewall to host the videoconferences.

"We don't employ a great deal of security right now," Lincolnhol admits, adding that Baan doesn't share any sensitive or proprietary data over the videoconferences, just "generic product demonstrations."

Marketstar, an Ogden, Utah, marketing firm, also set up a server outside its firewall to handle videoconferences over the Internet with resellers. But with this workaround, the company can't use the chat, file transfer, whiteboarding or application-sharing features of its EnVision desktop conferencing system from Sorenson Vision.

"We can communicate with audio and video, but we can't collaborate," says Mark Slater, an account executive for Marketstar. He calls the problem "a big issue that needs to be resolved."

SOCKS V5 resolves that issue by providing user authentication for a host of Internet protocols including H.323 videoconferencing and RealAudio. SOCKS V5 is not only flexible in that it supports multiple protocols, but it's also powerful, giving network managers a great deal of control over traffic.

"What is driving all of the interest in SOCKS is the need to have a much higher degree of intelligence in firewall and border control products," NEC's Jang says. "SOCKS V5 lets you set who can go to the 'Net and use what application and what type of authentication they'll need."

Sorenson Vision, a multimedia vendor in Logan, Utah, received complaints from enterprise customers who wanted to conduct videoconferences over the Internet but ran into problems with their firewalls and network address translation (NAT) devices. So Sorenson Vision embarked on a year-long research project to find a way to secure EnVision traffic over the Internet. The company's engineers found two options: write a proprietary proxy server or use SOCKS V5.

"The best solution was SOCKS," says Mark Fallentine, a security architect with Sorenson Vision. "We can't have a solution for every NAT and firewall. We wanted a solution to work with all of them."

Still, SOCKS V5 is not a panacea for multimedia security. In addition to the SOCKS V5 server software, clients must have SOCKS V5 software installed, and applications must be "socksified." Getting SOCKS V5 to work with emerging Internet applications such as RealAudio isn't as simple as plug and play, developers say.

"Multimedia applications still carry enough proprietary stuff in them that we need to tweak the SOCKS V5 server to support them," says Frederic Martin, the product line manager for Novell's BorderManager firewall, which supports SOCKS V4 and V5.

"SOCKS isn't the right solution for every problem that exists with multimedia," says Marc Van Heyningen, Internet security architect for Aventail, an extranet vendor in Seattle. He says some observers predict that the IP Security standard will eventually replace SOCKS V5 for securing multimedia applications, but he sees a role for both protocols.

For now, SOCKS V5 is good enough for Wireless One, a Jackson, Miss., ISP that uses the SOCKS V5 feature of Novell's BorderManager to grant a handful of top executives the ability to receive RealAudio streams. "We can allow or deny access to just about any protocol or application by user or IP address," says John Cressman, network communications manager for Wireless One.

Meanwhile, HP uses the protocol to support audio streaming on its employee Web site. HP uses its own SOCKS V5-compliant Praesidium Extranet VPN to handle the traffic.

"We just open up one port in the firewall for streaming audio and data," says Narayan Makaram, a senior technical consultant with HP's Internet Security Division. "SOCKS is making that possible."

The great IP crunch of 2010
September 21, 1999
The next best thing to IPv6?
September 21, 1999
"Original" hypertext project delivers -- 30 years later
September 2, 1999

How SOCKS fits
(Network World Fusion)
Managing the flow of streaming media
(Network World Fusion)
New advocacy group to drive next-generation IP protocol
(Network World Fusion)
Interactive content and multimedia could transform the Net
Web multimedia goes mainstream
Web conferencing tool uses streaming media
(PC World Online)
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.

Welcome to SOCKS
IPSec vs. SOCKS v5 (Aventail white paper)
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
Enter keyword(s)   go    help

Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.