Blocking Streaming Media

I have a network of about 30 users and a lot are starting to use Media players to stream Music, sports, etc. We have blown our data useage buy a long shot for the past 2 months and I want to put a stop to it.

Can anyone tell me how to block both Windows Media and Real Player Streams.

If it helps, I have a Netscreen 25 Firewall.

Thanks

Andrew
LVL 4
andrewharrisAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
Yan_westConnect With a Mentor Commented:
Oh, and btw, people will  still be able to stream through port 80.. and you need it. Check in for firewall appliance if you can block  Mimes types.. (audio, etc..)

if you cannot, see if somewhere in your firewall config, you can block file extensions.. then you will be able to block all type of audio/video file (*.ram, *.wmv, *.wma, etc..)
0
 
Yan_westCommented:
You have to block all outgoing traffic to port 1755
Real Media: Port 554

Actually, I would block all port by default, only opening the needed one... 80 for Http, etc.. deny everything first, and open up as needed, this is the better approach.
0
 
andrewharrisAuthor Commented:
Hmmm. As I thought...Port 80...The $%^&*( :-)

Gonna leave it open for a while longer to see if there is any other ideas (I doubt it, but just in case).

Andrew
0
Firewall Management 201 with Professor Wool

In this whiteboard video, Professor Wool highlights the challenges, benefits and trade-offs of utilizing zero-touch automation for security policy change management. Watch and Learn!

 
grbladesCommented:
Hi andrewharris,
Does the netscreen support redirecting or validating URL's against a proxy server or blacklist There are various protocols for this such as WCCP.

If it does then you could setup a simple proxy server and configure it to allow/deny particular file types. You could also add on a blacklist to deny sites which only provide video files etc...

Even if it does not provide this functionality you could configure every browser to use the proxy and then only allow the proxy to access the web.
0
 
andrewharrisAuthor Commented:
grblades,

Not as far as I know. Thanks anyway

Andrew
0
 
amkesslerCommented:
Sonicwall has a Feature called IPS (intrusion Protection Services) that does that and more. It will do reporting and bocking of ay predefind or custom service.  


I know you have a Netscreen, but if you are considering a trade up,  I think Sonicwall has a tradeup program still in effect, I know they did for a while in the spring.  The cost of a 25 user sonicwall Tz 170 with the necessary bells and whistles should be no more that $1700.  The newist firmware even does external wireless AP's and guest services.  A very good thing to look at.
0
 
andrewharrisAuthor Commented:
OK,

Well no one seems interested. Thanks all.

Andrew
0
All Courses

From novice to tech pro — start learning today.