Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
566
Views
0
Helpful
1
Replies

using nbar to block peer 2 peer traffic

dhalevi
Level 1
Level 1

‎11-15-2010 09:08 AM - edited ‎03-04-2019 10:28 AM

hi all,

I had a discussion in the "Other Security Subjects" forum, and the answer I received was that NBAR is not good at blocking peer to peer traffic.

Here is the discussion, https://supportforums.cisco.com/message/3226205 .

Can someone else please weigh in on this?  Is NBAR not good for blocking peer 2 peer traffic?

thanks in advance!

Labels:
0 Helpful
1 Reply 1

stephen.stack
Level 4
Level 4

‎11-15-2010 02:24 PM

Hi There,

This paticular config has worked really well for me in the past.

But as with all apps, P2P progesses, and finds ways to circumvent

these types of application level inspection mechanisms.

My own opinion is to use a reliable proxy server, websense or bluecoat or similar.

Perhpas consider locking down outbound traffic to specific ports i.e. 80, 53, 443, 25, 110 etc..

Even at that a lot of P2P apps use port 80 now.

HTH

Stephen

========================== http://www.rconfig.com A free, open source network device configuration management tool, customizable to your needs! - Always vote on an answer if you found it helpful
0 Helpful
Customers Also Viewed These Support Documents