Re: Blocking p2p traffic

[John Ladwig <John.Ladwig () SO MNSCU EDU>]

I recall that might have been part of our decision to move to Procera gear.

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of 
Santabarbara, Angelo
Sent: Tuesday, May 07, 2013 2:40 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Blocking p2p traffic

FYI, we made the mistake of upgrading our bandwidth license on the Packeteer 10,000 to 1 Gb only to find that it can't 
really handle that bandwidth even though BlueCoat will sell you that license.


Angelo D. Santabarbara
Director of Networks & Systems
Siena College
518-782-6996
ASantabarbara () siena edu<mailto:ASantabarbara () siena edu>

***Siena ITS staff will NEVER ask for your password or other confidential information via email.***

CONFIDENTIALITY NOTICE: This e-mail, including any attachments, is for the sole use of the intended recipient(s) and 
may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is 
prohibited. If you received this e-mail and are not the intended recipient, please inform the sender by e-mail reply 
and destroy all copies of the original message.

On Tue, May 7, 2013 at 2:23 PM, David Curry <david.curry () newschool edu<mailto:david.curry () newschool edu>> wrote:
I did promise a summary once the responses died down, so here it is. The following solutions were mentioned:

  *   Add more bandwidth instead of trying to block
  *   Procera
  *   NetEqualizer
  *   Exinda
  *   TippingPoint IPS
  *   SourceFire IPS
  *   Fortinet
  *   Cisco SCE
Exinda was mentioned by two people; all the others were mentioned by one person each. Everybody seems to be generally 
happy with their solutions; Procera and NetEqualizer received perhaps somewhat more enthusiastic "likes" than the 
others, but that's my subjective reaction.

Thanks to all who responded.


--Dave




--

DAVID A. CURRY, CISSP * DIRECTOR OF INFORMATION SECURITY

THE NEW SCHOOL * 55 W. 13TH STREET * NEW YORK, NY 10011

+1 212 229-5300 x4728 * david.curry () newschool edu<mailto:david.curry () newschool edu>

On Thu, May 2, 2013 at 4:31 PM, David Curry <david.curry () newschool edu<mailto:david.curry () newschool edu>> wrote:

We currently have an aging Packeteer whose sole remaining purpose in life is to "shape" peer-to-peer file sharing 
traffic (BitTorrent and friends) down to zero, thus keeping us from receiving DMCA takedown requests. It's worked well 
at this for several years, but now we're starting to max it out as far as licensed bandwidth goes, and we're not 
inclined to spend more money on such an old device.

So... we're in the market for something new, and thought we'd ask what other schools are using. From a bit of research 
it looks like Procera and Exinda are still in that space; A10 has a product on their website still, but it doesn't look 
like there's much focus on it anymore (maybe we're wrong). Juniper SRX firewalls (which we own) have some capabilities 
in this space via their AppID stuff; we'd be interested in hearing from anyone using them for that purpose. And yes, we 
know that Palo Alto firewalls can do it -- but we don't have Palo Altos and have no plans to purchase them anytime 
soon, so that's not really an option for us.

If you're using something OTHER THAN a Palo Alto firewall to block/limit/reduce peer-to-peer traffic:

  *   What product are you using?
  *   What are you doing with peer-to-peer (blocking, limiting, etc.)
  *   How well is it working?
  *   Do you like it?
After responses taper off, I'll summarize back to the list.

Thanks,
--Dave




--

DAVID A. CURRY, CISSP * DIRECTOR OF INFORMATION SECURITY

THE NEW SCHOOL * 55 W. 13TH STREET * NEW YORK, NY 10011

+1 212 229-5300 x4728 * david.curry () newschool edu<mailto:david.curry () newschool edu>