Webcasting Security
Summary
With the growing utilization of streaming media in the internal corporate communications area, more and more companies are becoming concerned with the security of their streaming communications. This document is intended to provide a non-technical overview of the various types and levels of security available to users of the VisualWebcaster system.
Essentially, there are two types of security available: Web Page Security and Stream Security. The levels and types of each are explained below.
Web Page Security
Within the VisualWebcaster platform, the Media Player console is launched from a Listen Page (also called a Launch Page). This can be either a standard, dynamically-generated web page created by the VisualWebcaster system, or can be a static, custom web page created by ReadyComm Corporation (or even one created and hosted by a client or reseller). There are three ways to protect this page against unauthorized access, thereby limiting the ability to reach the Player to those authorized.
Common Password Protection: This is a standard, no-charge feature of the VisualWebcaster platform. It is available for selection when the event is ordered, or can be added (or deleted) later via the Edit Basic Event Info page. This allows a client to select one common password which will then be distributed to those invited/authorized to access the webcast. This is the simplest form of Web Page security, but is also the least secure. It can be defeated by brute force (simply guessing likely passwords until one works) or by having authorized users share the password with unauthorized users.
Individual User Password Protection: This is the next level of Web Page security, and is typically used for internal employee communications, particularly when some or all of the authorized users will be accessing the webcast via the public Internet (as opposed to an Intranet behind a firewall). To implement this security level, the client provides ReadyComm with a list of authorized User Names and Passwords, usually via an Excel spreadsheet. When an authorized user reaches the Event URL for the first time, they are prompted to enter their unique User Name and Password. On submission, our software authenticates the entry against the authorized list and, if authentic, places a “cookie” on that user's computer and allows access to the Listen Page. If the authorized user leaves the page and comes back at a later time, they are not prompted for the password again, since that computer has already been authenticated. If another user attempts to use the same User Name and Password on a different computer, they will be denied access, since that User Name and Password has already been used once.
While this method of Web Page security does provide good security control, it can be cumbersome to administer, since someone on the client side must create the list of User Names and Passwords, and then distribute them individually to the authorized users.
As this level of Web Page security requires a modest amount of custom programming, there is normally a cost incurred, usually less than $1,000.
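The first-use binding described for Individual User Password Protection can be modeled as follows. This is an added example, not ReadyComm's code; the class `ListenPageGate`, its methods and the sample credentials are hypothetical, and the password hashing and cookie token handling are assumptions about how such a check could be built.

```python
import hashlib
import hmac
import secrets


class ListenPageGate:
    """Hypothetical model: credentials work once, then only the issued cookie does."""

    def __init__(self, authorized):
        # authorized: {user_name: password} taken from the client's list.
        self._salt = secrets.token_bytes(16)
        self._users = {u: self._hash(p) for u, p in authorized.items()}
        self._bound = {}  # user_name -> SHA-256 of the cookie token issued at first login

    def _hash(self, password):
        # Store a salted, slow hash instead of the spreadsheet's plaintext password.
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self._salt, 100_000)

    def login(self, user, password):
        """Return a cookie token on the first valid login, otherwise None."""
        stored = self._users.get(user)
        candidate = self._hash(password)  # computed even for unknown users
        if stored is None or not hmac.compare_digest(stored, candidate):
            return None
        if user in self._bound:
            return None  # this User Name and Password has already been used once
        token = secrets.token_urlsafe(32)  # unguessable value placed in the cookie
        self._bound[user] = hashlib.sha256(token.encode()).digest()
        return token

    def has_access(self, user, cookie_token):
        """True only when the presented cookie matches the one bound to this user."""
        expected = self._bound.get(user)
        if expected is None or not cookie_token:
            return False
        presented = hashlib.sha256(cookie_token.encode()).digest()
        return hmac.compare_digest(expected, presented)


if __name__ == "__main__":
    gate = ListenPageGate({"alice": "constructed-sample-pw"})  # constructed data
    cookie = gate.login("alice", "constructed-sample-pw")
    print("first login issues cookie:", cookie is not None)
    print("return visit with cookie:", gate.has_access("alice", cookie))
    print("second computer, same credentials:", gate.login("alice", "constructed-sample-pw"))
```

In this model the cookie is a bearer token, so it should be sent only over HTTPS with the `Secure` and `HttpOnly` attributes. A user who clears cookies or switches browsers is treated like a second computer and needs an administrator to reset the binding.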
Internal/Intranet Security Application: Most mid-sized to large companies today utilize an Intranet, which is simply a network that exists only behind a company’s firewall. Web Pages hosted on this Intranet can typically be accessed only by users within the network. By combining a URL redirect on the client’s Intranet server with a special security URL containing a hidden password, the VisualWebcaster Listen Page can only be reached from inside the client Intranet. Since the password is hidden, and is removed before the Listen Page opens, the authorized users never see this password, making it impossible for them to share this password with unauthorized users outside of the Intranet. When this security feature is utilized, our Player console will open only from this protected Listen Page.
As this level of Web Page security requires a modest amount of custom programming, there is normally a cost incurred, usually less than $1,500 for the first time it is used, and less than $500 for each subsequent event for the same client.
Stream Security
Streaming media files, such as Windows Media or Real Media, are typically delivered to the end user from Media Servers operated by a Content Delivery Network (CDN) such as Akamai, Speedera, and others. Since these servers deliver the streaming media files to the end user via the public Internet, it is possible for a computer “hacker” to intercept these streams as they are delivered. It is also possible for a hacker to determine the URL of the stream being delivered by the CDN, even though this URL is not normally visible via the VisualWebcaster player.
For webcasts intended for internal-only audiences (such as employees) who are all able to access a company’s Intranet behind a firewall, additional security is possible through the use of Multicasting or Unicasting. This involves installing a media server (usually a Windows Media Server, rather than a Real Server) on the client’s network behind their firewall. The client’s media server then “pulls” the live stream directly from the VDAT encoder and distributes it within their network. Since this stream does not utilize a CDN, there is no URL for a hacker to discover. The VDAT firewall is configured to allow only the client’s media server to pull the stream, and the client’s firewall is configured to deny access to anyone outside of their firewall. This is generally considered to be a very secure protocol, since no CDN is involved. However, it is theoretically possible to intercept the data stream at the ISP router level, particularly by individuals with administrative access to those routers. Therefore, some clients may want to implement even greater stream security, as described below.
There are two additional security measures that can be implemented for stream security. The first involves implementing a Virtual Private Network, or VPN solution. This allows for encryption of the data stream so that, even if it is intercepted at the ISP router level, it will be indecipherable.
The second method involves the use of dedicated circuits, or Private Lines. In this protocol, a client would actually install one or more circuits (such as T-1’s) between their network and the VDAT network. This allows the streams to be pulled from the VDAT encoder by the client’s media server without ever entering the public Internet.
ReadyComm is always available to consult with organizations on how to help them achieve their Webcasting security goals. Please contact your ReadyComm representative for more information.