June 16th, 2006, 04:03 PM
Disabling streaming on Network
I am in charge of a small office network of about 70 PCs and one main server. I have five Cisco 2950 series switches and a few other Cisco parts. Running a Cyberguard SG565 firewall controlling two incoming connections, T1/cable. My server is a basic file server and there are no Active Directory services running.
I am currently running into a little problem with end users streaming online radio stations at their workstations. I know there must be a way to limit this activity or at least allocate a limited amount of bandwidth for streaming. Is there a set of ports that could be closed and if so will they affect any other services? Is there another way to go about disabling streaming for certain machines/IPs? Any help?
June 16th, 2006, 08:26 PM
Had the same problem once, until I had a look at the following (copy/pasted from a private site):
As you might already know, there are a small collection of streaming media protocols in common use today. These include:
At first look it might appear to be easy to block streaming media protocols. Just don't create any rules that allow them. That's easy to do for MMS, RTSP and PMN, but it's not so easy for HTTP. Obviously, you can't block HTTP, so we have to consider alternate methods to block streaming media moving over an HTTP application layer transport (note that HTTP is not a transport protocol, but we often refer to the application level protocol that carries the data as an application "transport").
There are a few options for controlling streaming media moving over the HTTP transport. These include:
* Using the HTTP Security Filter to block headers used by the streaming media application
* Blocking connections to known streaming media sites
* Avoiding allow rules for streaming media sites. That is to say, you create allow rules for sites users are allowed to visit, and all other sites are denied
* Blocking the streaming media application using the Firewall client settings
* Blocking the Content Types used by streaming media applications
As you can see, there are a number of methods you can use to control streaming media protocols. However, one thing that doesn't exist is a magic bullet. None of these methods by itself will allow you to block all streaming media connections. However, by using a combination of methods, you'll be able to get the most control.
For those of you who don't have time to figure out all the streaming media sites, or do the research required to use all of these mechanisms to block streaming media, I highly recommend that you look at Websense or SurfControl.
For serial offenders, I throttled their bandwidth (at the internal proxy). It was not so much what they were doing, it's that they were doing it when the brass was gettin around. (ps. yeah she was a moody bi#ch)...
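An added example, not part of the posts above: a sketch of the content-type approach combined with per-client accounting, which answers the "certain machines/IPs" part of the question by showing who to throttle. The log format (client IP, method, URL, status, bytes, Content-Type), the sample lines and the MIME list are assumptions made for illustration; adapt them to what your proxy actually logs.

```python
from collections import defaultdict

# MIME types commonly used by streaming audio/video over HTTP (illustrative, not exhaustive).
STREAMING_TYPES = {
    "audio/mpeg", "audio/aacp", "audio/x-scpls", "audio/x-mpegurl",
    "audio/x-pn-realaudio", "audio/x-ms-wma", "video/x-ms-asf",
    "video/x-ms-wmv", "application/x-mms-framed",
}

# Constructed sample lines: client_ip method url status bytes content_type
SAMPLE_LOG = """\
192.168.1.23 GET http://radio.example.net/live.mp3 200 48211934 audio/mpeg
192.168.1.23 GET http://radio.example.net/listen.pls 200 212 audio/x-scpls
192.168.1.40 GET http://intranet.example.local/report.html 200 18233 text/html; charset=utf-8
192.168.1.57 GET http://media.example.org/stream.asf 200 9120044 Video/X-MS-ASF
192.168.1.40 GET http://cdn.example.com/app.js 200 90211 application/javascript
192.168.1.61 GET http://files.example.com/big.iso 200 700000000 application/octet-stream
malformed line without enough fields
"""

def is_streaming(content_type):
    """True if the Content-Type (parameters and case ignored) is a streaming type."""
    base = content_type.split(";", 1)[0].strip().lower()
    return base in STREAMING_TYPES

def streaming_bytes_by_client(log_text):
    """Sum bytes of streaming responses per client IP; skip malformed lines."""
    totals = defaultdict(int)
    for line in log_text.splitlines():
        parts = line.split(None, 5)
        if len(parts) != 6 or not parts[4].isdigit():
            continue
        client, _method, _url, _status, size, ctype = parts
        if is_streaming(ctype):
            totals[client] += int(size)
    return dict(totals)

def offenders(log_text, threshold_bytes):
    """Clients whose streaming volume meets the threshold, largest first."""
    totals = streaming_bytes_by_client(log_text)
    return sorted((ip for ip, b in totals.items() if b >= threshold_bytes),
                  key=lambda ip: -totals[ip])

if __name__ == "__main__":
    for ip in offenders(SAMPLE_LOG, 5_000_000):
        print(ip, streaming_bytes_by_client(SAMPLE_LOG)[ip])
```

The large `application/octet-stream` download is deliberately not flagged: matching on content type separates streams from ordinary big transfers, but it also misses any stream served under a generic type, which is why the post recommends combining methods.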
June 19th, 2006, 07:57 AM
The simplest one is to put bad IPs in your DNS server for known media servers, then on a Cisco router you can use NBAR or get like an ASA5500. As stated above, the expensive yet proven method is Websense or any N2H2 firewall. You will however have trouble blocking it all. The McAfee Web Shield in bridge mode has shown to break almost everything streaming. The programmers here hate me now LOL!