blocking file-sharing subcategory

Reply
Not applicable

blocking file-sharing subcategory

I would like to block everything in the file-sharing subcategory of the general-internet category. Currently we are allowing this subcategory.

I would like to see what the impact of a policy like this would be, so I setup a policy for this subcategory but set it to allow so I can look at the traffic log for everything that triggers on this rule. I am seeing a lot of traffic hit this policy probably because I had to add so many applications to the rule (like web-browsing & ssl) so that the packets can be broken down further.

Is there a recommended way to block this traffic?

L6 Presenter

Hi...You can run a report on your network to see what apps would match the subcategory.  This will give you an idea of the policy you want to enforce.  The report setting can be:

timeframe: last 7 days

database: Application Statistics

filter:  (subcategory-of-name eq file-sharing)

Typically, most enterprises would block file-sharings that are peer-2-peer like bittorrent & gnutella.  May we suggest that you start with that.  Thanks.

Not applicable

I ran a report on sub-category of file-sharing and it shows me that bittorrent (for example) is being used. Now how do I find out who is using bittorrent?

L6 Presenter

If you have userid configured you should see a username aswell, otherwise at least the srcip.

You can use the same rule in ACC to get this data (dont forget to change timeline otherwise you will watch just last hour or such).

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!