Français | Deutsch           
 
LEARN ABOUT
   
CONTACT INFO
India Flag
New Delhi Office:
No. 297, (Terrace)
Vikas Kunj, Vikaspuri,
New Delhi-110018 INDIA
Telefax: +91-11-25616218
Mobile:9899626269
E-mail: info@wcs.co.in
!

Learn About
 

2. Video Conferencing

1. What is video conferencing?
Videoconferencing or video meetings provide a means for efficient communication, collaboration and decision-making even when people cannot be physically present in the same location. It has many of the same advantages as a face-to-face meeting including being able to see each other's facial expressions and body language. It also allows people to share files and data, so that it is easy to hold presentations, review documents and make fast decisions.

2. What components are required for a video conference?

The minimum required components at each endpoint of a videoconference are a microphone, a camera, a codec, a monitor and a speaker. The camera and microphone capture the image and sound, the codec converts the video and audio into a digital signal, encodes it and sends it out. The codec at the other end decodes the signal and distributes the video and audio to the monitor and speaker. Top quality videoconferencing systems can provide additional features which enhance the video meeting and system providers can help tailor-make the system for a particular meeting environment or purpose.


3. What kind of network do I need for a video conference?
You can have a videoconference on almost any type of digital network. ISDN is currently the most common network however IP is quickly becoming wide-spread.

4. What kind of audio and video quality will I receive?
As a general rule, the higher the bandwidth used to connect the systems, the better the audio and video quality. When you have a video meeting, the quality is just like broadcast TV. The people are easy to see and hear and the picture is sharp.

5. Who can I talk to using video conferencing?
You can use your videoconferencing system to collaborate with anyone who has a standards-based videoconferencing system or a telephone, including co-workers, employees, customers and suppliers.

6. How long will it take me to learn to use my videoconferencing system?
Ease of use is essential to videoconferencing. If you can make a call on your mobile telephone, you will be able to set up a call with a videoconferencing system.

7. How quickly will my investment in videoconferencing equipment pay off?
Many companies are experiencing the value of videoconferencing and the quick rate of return they receive due to accelerated decision-making processes, efficient communications, and improved information flow.

8. How can videoconferencing form part of my company's overall communications strategy?
Videoconferencing is increasingly being seen as a mission critical technology and an integral part of companies overall communications strategies.

9. Can I purchase a system in my home country for installation at our company's office in another country?
Yes, now almost all the OEMs are having Global Presence Programs that makes it easy for a company to deliver and implement videoconferencing at its offices around the world.


Return to top



10. Is it safe to discuss confidential matters in a videoconferencing call?
Using encryption, a feature on almost all the videoconferencing systems, the video calls will have a high level of security. The encryption process occurs automatically at the start of a videoconference without the caller having to make any adjustments to the system. Some videoconferencing products are even compatible with external encryption devices.

11. Why is it important to select a standards-based videoconferencing system?
Standards guarantee compatibility between different manufacturers' systems. When you select standards-based equipment you ensure that your systems are interoperable regardless of manufacturer, that they are equipped with the latest technology, and that your investment continues to pay off in the long run. All equipment should adhere to standards laid by the International Telecommunications Union (ITU).

12. What is a CODEC?
CODEC is an acronym for Coder/Decoder. This device encodes (for transmission) and decodes (upon receipt) digital video and analogue audio signals so these signals occupy less bandwidth during transmission.

13. Can I connect a PC to the videoconferencing system?
You can connect a PC to a videoconferencing system in order to share and show files from your PC to the other participants in the videoconference. The connection can be made using a cable between the system and the PC, or using a wireless software connection. The "best" way depends on your personal preference and your choice of videoconferencing system.

14. Can I connect several sites at the same time in a single call?
Yes, connecting several sites at the same time is one of the greatest values of videoconferencing. A videoconferencing system can let you do it easily in various different ways. The first way is through the multi-site feature, which is embedded in many of the videoconferencing systems. Such a feature lets you connect 3 - 5 video and 1 audio sites in a single call with the simple touch of a button. The other alternative is the Multi-site Conferencing Unit often referred by the acronym MCU, which enables the connection of up to 16 video and 16 audio sites.

15. Can I see the presenter and presentation at the same time in a videoconferencing call?
The advantage of videoconferencing compared to other forms of communications technology is that you can see the people you are talking to. Some of the OEMs offer the Duo Video feature through which you can maintain eye contact with a presenter while viewing the presentation on the other screen.

16. What is the future of videoconferencing?
As more and more organizations adopt videoconferencing technology and experience the benefits it brings, systems are being deployed at unprecedented rates. Combined with the advancements in technology, the integration of voice, video and data, and the developments in network infrastructure, videoconferencing is becoming a mission critical tool for enterprises, educational institutions, and healthcare providers.


Return to top


 
3. network security

1) What is a firewall?

A firewall protects networked computers from intentional hostile intrusion that could compromise confidentiality or result in data corruption or denial of service. It may be a hardware device (see Figure 1) or a software program (see Figure 2) running on a secure host computer. In either case, it must have at least two network interfaces, one for the network it is intended to protect, and one for the network it is exposed to. A firewall sits at the junction point or gateway between the two networks, usually a private network and a public network such as the Internet. The earliest firewalls were simply routers. The term firewall comes from the fact that by segmenting a network into different physical subnetworks, they limited the damage that could spread from one subnet to another just like fire doors or firewalls.

Figure 1: Hardware Firewall
Hardware firewall providing protection to a Local Network
Hardware Firewall

Figure 2: Computer with Firewall Software
Computer running firewall software to provide protection
Computer with Firewall Software

2) What does a firewall do?
A firewall examines all traffic routed between the two networks to see if it meets certain criteria. If it does, it is routed between the networks otherwise it is stopped. A firewall filters both inbound and outbound traffic. It can also manage public access to private networked resources such as host applications. It can be used to log all attempts to enter the private network and trigger alarms when hostile or unauthorized entry is attempted. Firewalls can filter packets based on their source and destination addresses and port numbers. This is known as address filtering. Firewalls can also filter specific types of network traffic. This is also known as protocol filtering because the decision to forward or reject traffic is dependant upon the protocol used, for example HTTP, ftp or telnet. Firewalls can also filter traffic by packet attribute or state.

3) What can't a firewall do?
A firewall cannot prevent individual users with modems from dialing into or out of the network, bypassing the firewall altogether. Employee misconduct or carelessness cannot be controlled by firewalls. Policies involving the use and misuse of passwords and user accounts must be strictly enforced. These are management issues that should be raised during the planning of any security policy but that cannot be solved with firewalls alone.

The arrest of the Phonemasters cracker ring brought these security issues to light. Although they were accused of breaking into information systems run by AT&T Corp., British Telecommunications Inc., GTE Corp., MCI WorldCom, Southwestern Bell, and Sprint Corp, the group did not use any high tech methods such as IP spoofing (see question 10). They used a combination of social engineering and dumpster diving. Social engineering involves skills not unlike those of a confidence trickster. People are tricked into revealing sensitive information. Dumpster diving or garbology, as the name suggests, is just plain old looking through company trash. Firewalls cannot be effective against either of these techniques.

4) Who needs a firewall?
Anyone who is responsible for a private network that is connected to a public network needs firewall protection. Furthermore, anyone who connects so much as a single computer to the Internet via modem should have personal firewall software. Many dial-up Internet users believe that anonymity will protect them. They feel that no malicious intruder would be motivated to break into their computer. Dial up users who have been victims of malicious attacks and who have lost entire days of work, perhaps having to reinstall their operating system, know that this is not true. Irresponsible pranksters can use automated robots to scan random IP addresses and attack whenever the opportunity presents itself.

5) How does a firewall work?
There are two access denial methodologies used by firewalls. A firewall may allow all traffic through unless it meets certain criteria, or it may deny all traffic unless it meets certain criteria (see figure 3). The type of criteria used to determine whether traffic should be allowed through varies from one type of firewall to another. Firewalls may be concerned with the type of traffic, or with source or destination addresses and ports. They may also use complex rule bases that analyze the application data to determine if the traffic should be allowed through. How a firewall determines what traffic to let through depends on which network layer it operates at. A discussion on network layers and architecture follows.


Return to top



Figure 3: Basic Firewall Operation
Basic Firewall Operation

6) What are the OSI and TCP/IP Network models?
Firewalls operate at different layers to use different criteria to restrict traffic. The lowest layer at which a firewall can work is layer three. In the OSI model this is the network layer. In TCP/IP it is the Internet Protocol layer. This layer is concerned with routing packets to their destination. At this layer a firewall can determine whether a packet is from a trusted source, but cannot be concerned with what it contains or what other packets it is associated with. Firewalls that operate at the transport layer know a little more about a packet, and are able to grant or deny access depending on more sophisticated criteria. At the application level, firewalls know a great deal about what is going on and can be very selective in granting access.

Figure 4: The OSI and TCP/IP models
The OSI and TCP/IP models

It would appear then, that firewalls functioning at a higher level in the stack must be superior in every respect. This is not necessarily the case. The lower in the stack the packet is intercepted, the more secure the firewall. If the intruder cannot get past level three, it is impossible to gain control of the operating system.

Figure 5: Professional Firewalls Have Their Own IP Layer

The OSI and TCP/IP models
Professional firewall products catch each network packet before the operating system does, thus, there is no direct path from the Internet to the operating system's TCP/IP stack. It is therefore very difficult for an intruder to gain control of the firewall host computer then "open the doors" from the inside.


Return to top



7) What different types of firewalls are there?
Firewalls fall into four broad categories: packet filters, circuit level gateways, application level gateways and stateful multilayer inspection firewalls.

Packet Filtering Firewall
Packet Filtering Firewall

Circuit level Gateway
Packet Filtering Firewall

Application level Gateway
Application level Gateway

Stateful Multilayer Inspection Firewall
Stateful Multilayer Inspection Firewall

8) Is a firewall sufficient to secure my network or do I need anything else?
The firewall is an integral part of any security program, but it is not a security program in and of itself. Security involves data integrity (has it been modified?), service or application integrity (is the service available, and is it performing to spec?), data confidentiality (has anyone seen it?) and authentication (are they really who they say they are?). Firewalls only address the issues of data integrity, confidentiality and authentication of data that is behind the firewall. Any data that transits outside the firewall is subject to factors out of the control of the firewall. It is therefore necessary for an organization to have a well-planned and strictly implemented security program that includes but is not limited to firewall protection.

9) What is IP spoofing?
Many firewalls examine the source IP addresses of packets to determine if they are legitimate. A firewall may be instructed to allow traffic through if it comes from a specific trusted host. A malicious cracker would then try to gain entry by "spoofing" the source IP address of packets sent to the firewall. If the firewall thought that the packets originated from a trusted host, it may let them through unless other criteria failed to be met. Of course the cracker would need to know a good deal about the firewall's rule base to exploit this kind of weakness. This reinforces the principle that technology alone will not solve all security problems. Responsible management of information is essential. One of Courtney's laws sums it up: "There are management solutions to technical problems, but no technical solutions to management problems".

An effective measure against IP spoofing is the use of a Virtual Private Network (VPN) protocol such as IPSec. This methodology involves encryption of the data in the packet as well as the source address. The VPN software or firmware decrypts the packet and the source address and performs a checksum. If either the data or the source address has been tampered with, the packet will be dropped. Without access to the encryption keys, a potential intruder would be unable to penetrate the firewall.

10) Firewall related problems
Firewalls introduce problems of their own. Information security involves constraints, and users don't like this. It reminds them that Bad Things can and do happen. Firewalls restrict access to certain services. The vendors of information technology are constantly telling us "anything, anywhere, any time", and we believe them naively. Of course they forget to tell us we need to log in and out, to memorize our 27 different passwords, not to write them down on a sticky note on our computer screen and so on.

Firewalls can also constitute a traffic bottleneck. They concentrate security in one spot, aggravating the single point of failure phenomenon. The alternatives however are either no Internet access, or no security, neither of which are acceptable in most organizations.

11) Benefits of a firewall.
Firewalls protect private local area networks from hostile intrusion from the Internet. Consequently, many LANs are now connected to the Internet where Internet connectivity would otherwise have been too great a risk.

Firewalls allow network administrators to offer access to specific types of Internet services to selected LAN users. This selectivity is an essential part of any information management program, and involves not only protecting private information assets, but also knowing who has access to what. Privileges can be granted according to job description and need rather than on an all-or-nothing basis.
 
Return to top


 
Home | About Us | Products | Support | Clientle | Careers | Other Businesses | Contact Us | Site Map