Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2235
Views
0
Helpful
2
Replies

AIP-SSM-20 and P2P (bittorent) traffic

sjones@techsgi.com
Level 5
Level 5

‎01-18-2011 12:54 PM - edited ‎03-10-2019 05:14 AM

Hello everyone--i'm trying to figure out a way to block bittorent/P2P traffic for an education client, and short of Ironport, i think the IPS/IDS module for the ASA might work but i'm wondering if anyone has had any success in doing this?    Is it an effective fix or is a webfiltering appliance the best route to go.  Bear in mind that aside from the LAN traffic and internal wireless, they also have public wi-fi through out the campus that will need to be addressed for this as well.  Does anyone have any suggestions?  Thanks

Scott J.

Labels:
0 Helpful
2 Replies 2

fadlouni
Level 1
Level 1

‎01-20-2011 01:08 PM

Hi.

With the IPS module you can reduce bittorrent activity by enabling blocking/dropping with bittorrent signature IDs:

1-11020 (and all subsignatures which fire on different types of bittorrent traffic).

2- 11030

3- 11031.

other p2p traffic signatures can be found here:

http://tools.cisco.com/security/center/viewAlert.x?alertId=86

Regards,

Fadi.

Does this Answer your question? if yes, please mark it so.

0 Helpful

network770
Level 1
Level 1
In response to fadlouni

‎08-26-2011 08:58 AM

Blocking p2p traffic can only be done with the aip-ssm module?

what about plain firewall rules and inspections? which is more preferable and productive?

are there specific portst that p2p traffic uses that i can block as incoming traffic on the firweall coming from the outside?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card