Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: classifying P2P traffic

From: "Lutzen, Karl F." <kfl () MST EDU>
Date: Tue, 29 Jan 2008 11:11:01 -0600
We use the Cisco SCE (Service Control Engine). It matches most P2P's and
has another match that looks at behavioral P2P. If a person attempts to
use encrypted P2P, the engine will match it (after a little while) as a
behavioral P2P and the proper controls are applied.  Very complex box,
but it works extremely well. 

We have the complaints to prove it :-). 

Karl F. Lutzen, CISSP
Systems Security Analyst - Principal
Missouri University of Science & Technology
Information Systems Security
kfl () mst edu 

Formerly University of Missouri-Rolla (UMR)

----Original Message-----
From: Youngquist, Jason R. [mailto:jryoungquist () CCIS EDU] 
Sent: Tuesday, January 29, 2008 8:50 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] classifying P2P traffic

What devices are you using to monitor P2P traffic and how well are they
working for you?  Is there some P2P traffic that you believe your
monitoring software isn't catching?  Ie. encrypted traffic, outdated P2P
definitions from the vendor, etc.


Thanks.
Jason Youngquist
jryoungquist () ccis edu
Previous By Date Next
Previous By Thread Next

Current thread: