To make a simple call, it's almost as if Skype sets up 10-plus proxy servers to make its own virtual telephone...
network. Is it safe to have that many connections?
A telephone company or VoIP provider uses its own centralized servers, and the company is then responsible for keeping the servers up and running. To keep a connection alive, it's sufficient to establish a single connection to the business-managed server.
Skype, however, is a peer-to-peer service that uses a distributed network of "supernodes" to facilitate communication throughout the world.
Skype's supernodes are simply other Skype users that have public IP addresses. When they connect to Skype, the network chooses them to be a supernode and then takes advantage of their bandwidth and computing resources to serve other Skype users. This "volunteerism" is allowed under the terms of the Skype user agreement. Using volunteer systems introduces reliability concerns. The owner of such a system may turn it off or disconnect it from the network at any time. Therefore, you may need to connect to more than one supernode to facilitate your communication. There's also the possibility that your system has been "volunteered" as a supernode, an action that could cause your system to begin routing calls for other Skype users on the Internet.
I've loaded my response with "maybes" and "possibilities" because Skype is a proprietary, closed-source tool, and its creators do not publish the technical details of their protocol. This is one of my biggest problems with Skype; I simply don't like the idea of accepting an agreement that allows someone else to use my computer, but does not disclose the precise details of what's happening. For a detailed look at the potential security risks that applications like Skype pose to both the client and the enterprise, I recommend reading my tip, Skype: Its dangers and how to protect against them.
- Learn what the recent Skype outage revealed about VoIP security.
- Check out SearchSecurity.com's VoIP Security Learning Guide.
Dig Deeper on Network Device Management
Related Q&A from Mike Chapple
Cloud compliance issues are no reason for enterprises not to move to the cloud. Expert Mike Chapple explains why, as well as what to keep in mind ...continue reading
The GAO reported on SEC cybersecurity weaknesses, even though the SEC regulates cybersecurity. Expert Mike Chapple discusses the effects of this ...continue reading
Enterprise compliance can be a burden to manage, which is where a PCI ISA can be helpful. Expert Mike Chapple explains how a PCI Internal Security ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.