ad info




CNN.com
 MAIN PAGE
 WORLD
 ASIANOW
 U.S.
 LOCAL
 POLITICS
 WEATHER
 BUSINESS
 SPORTS
 TECHNOLOGY
   computing
   personal technology
   space
 NATURE
 ENTERTAINMENT
 BOOKS
 TRAVEL
 FOOD
 HEALTH
 STYLE
 IN-DEPTH

 custom news
 Headline News brief
 daily almanac
 CNN networks
 CNN programs
 on-air transcripts
 news quiz

  CNN WEB SITES:
CNN Websites
 TIME INC. SITES:
 MORE SERVICES:
 video on demand
 video archive
 audio on demand
 news email services
 free email accounts
 desktop headlines
 pointcast
 pagenet

 DISCUSSION:
 message boards
 chat
 feedback

 SITE GUIDES:
 help
 contents
 search

 FASTER ACCESS:
 europe
 japan

 WEB SERVICES:
COMPUTING

Veteran protocol lands new role as multimedia star

September 28, 1999
Web posted at: 10:30 a.m. EDT (1430 GMT)

by Carolyn Duffy Marsan

From...
Network World Fusion

(IDG) -- Maybe you can teach an old dog new tricks. The 9-year-old SOCKS protocol - originally developed as a general-purpose proxy - is emerging as one of the best ways to secure multimedia applications across the Internet.

The latest version of SOCKS offers network managers an easier way to run videoconferencing and video and audio streaming through firewalls, which has been difficult and timeconsuming. SOCKS V5 does this by providing a single and powerful method of authenticating users and managing security policies for all Internet applications, including multimedia.

A growing number of products support SOCKS V5, including firewalls from Novell and Milkyway Networks; extranet-oriented virtual private networks (VPN) from Hewlett-Packard and Aventail; and real-time conferencing applications such as Lotus' Sametime. IBM is expected to announce support for SOCKS V5 in its firewall this week.
MORE COMPUTING INTELLIGENCE
IDG.net   IDG.net home page
  Network World Fusion home page
  Free Network World Fusion newsletters
  Managing the flow of streaming media, 08/05/99
  How SOCKS fits, 09/27/99
 Reviews & in-depth info at IDG.net
 *   IDG.net's bridges & routers page
  IDG.net's hubs & switches page
 *   IDG.net's network operating systems page
  IDG.net's network management software page
  Year 2000 World
  Questions about computers? Let IDG.net's editors help you
  Subscribe to IDG.net's free daily newsletter for network experts
  Search IDG.net in 12 languages
 News Radio
 * Fusion audio primers
 * Computerworld Minute
   

The role of SOCKS V5 in multimedia security will be discussed at the second annual SOCKS developer's conference this week in Santa Clara, Calif. About 150 developers and enterprise customers are expected to attend.

"These newer streaming protocols are very complex. Securing them is a real challenge," says Saqib Jang, director of marketing at NEC Systems. A leading proponent of SOCKS, NEC licenses its SOCKS V5 server software to Aventail, IBM, HP and others. "SOCKS V5 is really the first workable solution for multimedia across the Internet."

Without SOCKS V5, network managers are running into problems getting multimedia applications to work through their firewalls.

Just ask Ray Lincolnhol, a product specialist with Baan Indirect Channels in Grand Rapids, Mich. Lincolnhol's group uses Microsoft's NetMeeting to conduct videoconferences over the Internet with resellers and customers. However, Baan had to set up a server outside the firewall to host the videoconferences.

"We don't employ a great deal of security right now," Lincolnhol admits, adding that Baan doesn't share any sensitive or proprietary data over the videoconferences, just "generic product demonstrations."

Marketstar, an Ogden, Utah, marketing firm, also set up a server outside its firewall to handle videoconferences over the Internet with resellers. But with this workaround, the company can't use the chat, file transfer, whiteboarding or application-sharing features of its EnVision desktop conferencing system from Sorenson Vision.

"We can communicate with audio and video, but we can't collaborate," says Mark Slater, an account executive for Marketstar. He calls the problem "a big issue that needs to be resolved."

SOCKS V5 resolves that issue by providing user authentication for a host of Internet protocols including H.323 videoconferencing and RealAudio. SOCKS V5 is not only flexible in that it supports multiple protocols, but it's also powerful, giving network managers a great deal of control over traffic.

"What is driving all of the interest in SOCKS is the need to have a much higher degree of intelligence in firewall and border control products," NEC's Jang says. "SOCKS V5 lets you set who can go to the 'Net and use what application and what type of authentication they'll need."

Sorenson Vision, a multimedia vendor in Logan, Utah, received complaints from enterprise customers who wanted to conduct videoconferences over the Internet but ran into problems with their firewalls and network address translation (NAT) devices. So Sorenson Vision embarked on a year-long research project to find a way to secure EnVision traffic over the Internet. The company's engineers found two options: write a proprietary proxy server or use SOCKS V5.

"The best solution was SOCKS," says Mark Fallentine, a security architect with Sorenson Vision. "We can't have a solution for every NAT and firewall. We wanted a solution to work with all of them."

Still, SOCKS V5 is not a panacea for multimedia security. In addition to the SOCKS V5 server software, clients must have SOCKS V5 software installed, and applications must be "socksified." Getting SOCKS V5 to work with emerging Internet applications such as RealAudio isn't as simple as plug and play, developers say.

"Multimedia applications still carry enough proprietary stuff in them that we need to tweak the SOCKS V5 server to support them," says Frederic Martin, the product line manager for Novell's BorderManager firewall, which supports SOCKS V4 and V5.

"SOCKS isn't the right solution for every problem that exists with multimedia," says Marc Van Heyningen, Internet security architect for Aventail, an extranet vendor in Seattle. He says some observers predict that the IP Security standard will eventually replace SOCKS V5 for securing multimedia applications, but he sees a role for both protocols.

For now, SOCKS V5 is good enough for Wireless One, a Jackson, Miss., ISP that uses the SOCKS V5 feature of Novell's BorderManager to grant a handful of top executives the ability to receive RealAudio streams. "We can allow or deny access to just about any protocol or application by user or IP address," says John Cressman, network communications manager for Wireless One.

Meanwhile, HP uses the protocol to support audio streaming on its employee Web site. HP uses its own SOCKS V5-compliant Praesidium Extranet VPN to handle the traffic.

"We just open up one port in the firewall for streaming audio and data," says Narayan Makaram, a senior technical consultant with HP's Internet Security Division. "SOCKS is making that possible."


RELATED STORIES:
The great IP crunch of 2010
September 21, 1999
The next best thing to IPv6?
September 21, 1999
"Original" hypertext project delivers -- 30 years later
September 2, 1999

RELATED IDG.net STORIES:
How SOCKS fits
(Network World Fusion)
Managing the flow of streaming media
(Network World Fusion)
New advocacy group to drive next-generation IP protocol
(Network World Fusion)
Interactive content and multimedia could transform the Net
(Infoworld.com)
Web multimedia goes mainstream
(Infoworld.com)
Web conferencing tool uses streaming media
(PC World Online)
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.

RELATED SITES:
Welcome to SOCKS
IPSec vs. SOCKS v5 (Aventail white paper)
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
 LATEST HEADLINES:
SEARCH CNN.com
Enter keyword(s)   go    help

Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.