Hello,
We use two FortiGate 3700D (HA cluster) running FortiOS v5.2.3 build670 (GA), managed from FortiManager v5.2.2-build0706 150415.
We'd like to allow Skype audio and video communications, but block other services as files transfer and apps sharing (share a desktop or application screen).
We plan to create a new Application Sensor to filter Skype.
Inside Fortiguard, and Application Filter, there are Skype and Lync Application Filter.
If I don't make a mistake, Microsoft merge Lync and Skype.
Thus, could we filter Skype via Microsoft.Lync_* Application Filter?
Do you know if Lync is now Skype for business only, and not "generic" Skype?
If yes, we should block "Skype" Application Filter, force our users to use Skype for business (formely Lync), and filter these communications via Microsoft.Lync_* Application Filter?
Block: Skype (and/or Skype_Communication), Microsoft.Lync_Apps.Sharing, Microsoft.Lync_File.Transfer
Monitor: Microsoft.Lync_Audio, Microsoft.Lync_Video
What is your opinion on that?
Regards,
Chris
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi, we use both Skype and SkypeForBusiness (formerly Lync) in our company. The two products are different meaning that they use a different set of ports. Moreover SkypeforBusinss ports can be customized (and this is good as far as the standard implementation use a common port range for several services). You have to set application filterss and rules separately for each software and, probably, to customize S4B ports in order to block/allow single services. We spent almost a day analyzing and fixing this (mainly to apply QoS and traffic shapers to different service).
Bye
Gianluca
FGT: 50E,100D, 200D, 600D
FMG: VM64
FAZ: VM64
Gianluca is correct. It shows as lync/skype for business. Best practice in my personal opinion would be to standardize the ports and apply accordingly.
General skype is just desktop skype for regular users.
Mike Pruett
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1696 | |
1091 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.