cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
254
Views
0
Helpful
2
Replies

Using NBAR to block IM

danielj
Level 1
Level 1

I found an article about using NBAR to block P2P on Cisco Routers, but is it possible to block IM using the same features?

I have a PIX 525 connected to a 2610XM as my headend router.

TIA,

Daniel Jimenez

2 Replies 2

umedryk
Level 5
Level 5

Find out the port number used in that particular application ( As far as I know, IM is a chat application ), and block that port on PIX.

I'm interested as well.

As far as I know you can block IM in the following ways:

1) block the TCP port it uses, but this is problematic because they can and frequently do use port 80

2) block the login servers for the IM program - difficult to maintain

3) Use some sort of application aware mechanism like NBAR or Packeteer that can distinguish an application regardless of the layer4 port (like looking a layer7)

Can NBAR do this for IM?