Juniper's NetScreen Secure Meeting appliance

If you're experimenting with Web conferencing, first look at a hosted service, such as WebEx or Microsoft Live Office. But the costs can add up quickly, especially if you have many users across your company engaging in Web conferencing. We found Juniper's NetScreen Secure Meeting appliance (SM-3000) makes both performance and economic sense for midsize to large firms looking to add Web conferencing abilities.

Simple setup

The SM-3000 is a 1U, rack-mounted appliance that connects quickly and easily into your network infrastructure. A serial console connection is used briefly to configure the basics: network configuration, choosing an administrator name/ password and setting the host name.

The first time you connect, you will need to set the time zone and feed it your license key. From that point on, you use an SSL  connection to drive the comprehensive and customizable Web-based dashboard that provides an excellent summary of what the SM-3000 is doing and how it's performing.

You can create and manage all your users in the locally stored database. The SM-3000 can authenticate users against several external directory services. We pointed the SM-3000 to a Microsoft Active Directory server and a Novell eDirectory server, but the SM-3000 also can authenticate against generic Lightweight Directory Access Protocol, RADIUS and other directory services (see How we did it). You are free to define numerous roles within the SM-3000, defining who can simply participate and who can create new meetings.

The SM-3000 is flexible and lets you modify scores of settings to provide the level of security  you need. On an internal deployment, you can relax browser cookie requirements and allow roaming addresses. But if you want the outside world to access the SM-3000, you might want to tighten things up, such as mandating longer SSL key lengths and not using persistent browser cookies.

Getting the users ready

Users can participate in the Web conference with a browser equipped with a Java Virtual Machine (JVM).

Meeting participants fall into two categories: authenticated or guests. Authenticated participants will authenticate to the SM-3000, locally or through one of your directory services. Once authenticated, users are greeted with a schedule of the day's meetings to which they are invited. If they have rights to create new meetings, buttons appear that can schedule meetings or launch an instant meeting.

Invitations are sent to external users (clients and customers) via e-mail. A link in the e-mail takes them to a sign-in screen for that meeting. The meeting number is encoded in the URL, and the participant must provide the generated password for the meeting and his name.

It is interesting that security must be relaxed from the defaults to allow guest users. The defaults specify that only authenticated users can participate in meetings, and only people who are invited can join. You first must let unauthenticated guests connect and then let meetings be joined with a password. For example, if you wanted a client to join a meeting, he would receive an e-mail invitation to the meeting and how to link to it. He would connect as an unauthenticated guest and would only be allowed to join if he could supply the meeting password.