Appendix Network Connection
ViaVideo User’s Guide 74 www.polycom.com
unauthorized access. The need for protection must be balanced
against the need to communicate with the outside world. This is why
most security solutions focus on minimizing the risk until it reaches
an acceptable level.
Opening ports in the firewall might seem at first like an unnecessary
security risk. However, there are in reality so many ports (65535
)
that simply discovering which port might be open is difficult enough.
In addition to the sheer number of ports, protections written into the
operating system make it very difficult to gain unauthorized access
to your network, even if those ports are open. Finally, only port 1720
is open to receive incoming requests. The range of six ports is only
open in your PC during a call.
If “safe enough” isn’t secure enough for you, then setting your
VIaVideo up in a DMZ is safer option. For more information about
DMZs, see the next section.
What’s a DMZ?
Most firewalls provide DMZ configuration as a way to allow high
availability access for web servers and video communications
servers (that’s your PC running ViaVideo) while providing firewall
access for the other devices in the network. A DMZ is not a physical
location, but is instead a way to configure your network so that the
devices that are “in” the DMZ are served by the router, but are
outside the protection of the firewall. Devices in the DMZ then
communicate with the other devices in the internal network through
the firewall.
This solution creates a “safe zone” within your internal network by
effectively placing the video communications server outside of the
firewall’s protection. In this way, no unauthorized connections are
allowed within the firewall-protected zone, and the video
communications server is allowed free access to the internet. Note
that this configuration leaves the video communications server
without protection from external sources.
Setting up your ViaVideo’s computer in a DMZ is the quickest way to
configure your ViaVideo to run while using a firewall. For more
information about configuring your video communications server in
a DMZ, see “Router With Firewall, Using a DMZ,” on page 68.
ViaVideoUG.book Page 74 Thursday, December 7, 2000 2:49 PM