Firewall Wizards mailing list archives
Re: Blocking Video/Audio Streaming
From: Peter Trembath <trembath.peter () sbcglobal net>
Date: Tue, 23 May 2006 09:16:56 -0700 (PDT)
You absolutely can do this by integrating your PIX with a product like Websense. (Guess who I work for). PIXs natively support integration with Websense. I will keep the commercial to a minimum but yes, Websense is a web security product and can filter/block Video and Audio streaming on a signature and port level. So protocols trying to hide under say port 80 are still going to be detected and stopped. Feel free to call me off list and I can go through our solution quickly for you. I promise that I will NOT give up your name to a sale rep unless you want me to. -- Pete ------------------------------------------ Peter Trembath Systems Engineer - Central Region Websense, Inc. Securing ProductivityTM +1.248.522.7989 Office +1.248.522.7991 Fax +1.248.760.6871 Cell ptrembath () websense com http://www.websense.com ------------------------------------------ PaulM <pmelson () gmail com> wrote: -----Original Message----- Subject: [fw-wiz] Blocking Video/Audio Streaming
Many of the streaming video/audios uses http port 80 as transport, It is
possible to
block this type of traffic on Cisco PIX/IOS FW? a sample config will
really help me. The HTTP fixup doesn't allow you to deny a/v streams or files over HTTP on its own. You may be able to add an additional system (like a content filter or and IDS) that can leverage the PIX to block the connection once it is properly identified. Part of the problem is that you have a pretty big set of detection factors for this stuff inside of the HTTP headers. Maybe MIME type for some things, URL regex for others, and User-Agent for the rest. PIX can't do that on its own. PaulM _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards Peter Trembath New Concepts in IT, LLC 30524 Barlow Farmington Hills, Michigan 48334 Home Phone: 248-851-3672 Personal Cell: 248-760-6871 peter () nci2t com www.nci2t.com _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Blocking Video/Audio Streaming R. Rocky (May 23)
- Re: Blocking Video/Audio Streaming PaulM (May 23)
- Re: Blocking Video/Audio Streaming Peter Trembath (May 24)
- Re: Blocking Video/Audio Streaming R. Rocky (May 24)
- Re: Blocking Video/Audio Streaming Rod Engelsman (May 24)
- Re: Blocking Video/Audio Streaming Mathew Want (May 24)
- <Possible follow-ups>
- Re: Blocking Video/Audio Streaming Horvath, Kevin M. (May 24)
- Re: Blocking Video/Audio Streaming Naveen Gowda (May 25)
- Re: Blocking Video/Audio Streaming PaulM (May 23)