What can one do to stop peer2peer from accessing the Internet in an office environment?

There are  4 servers, 1 NT, 2 W2K, 1 Win2003.  The server is protected using Netscreen 25.

What is the best way for me to stop users on the network from using peer2peer software?
What is the best way to find which users is using any peer2peer software?

(On this I have asked on how I can use analyse AIDA32 generated csv file here

Have fun !


Who is Participating?
If you don't want to spend money, then it sounds like your left with blocking ports and protocols on your firewall.  My Cisco PIX is able to block specific ports or types of protocols.  You can also set Group Policies to stop specific applications from running.  I use this to block games on my entire network.
Though this isn't a free solution, programs such as WebSense and SurfControl allow you to block, track, and trace users of all kinds of internet applications.  You can find out who is chatting online, visiting playboy.com, using Kazaa, etc.  Then you can tell how long they're using each application, then you can block each application.  There are ways around SurfControl, but WebSense is pretty solid.  If you have average users either programs would work.  If you have a bunch of computer programmers, hackers, crackers, etc on your staff, you may have to get more aggressive.  

You can also configure your firewall to block certain ports and/or protocols, then monitor the log files to see which IP address made the attempted connection.  This solution isn't as clean or easy as the WebSense or SurfControl, and it doesn't generate pretty reports to include in the employee's personnel file when they are reprimanded,  but it will work.
sayhowAuthor Commented:
Thanks fhieber.

A search on Websense thrown up some interting link including this ...
that provides rather dated review on some blocking software.

This warrants further study.

Frankly I have not considered blocking software -- I  doubt I can get the money to spend on them.  So I have approached it via checking on software loaded on user's computer - and may be more agreesive Group Policy control.

If you read the review that you posted above, the version of WebSense that they tested and reviewed was from 2001.  That is 5 year old software.  That equates to about 100 years in Human years.  I found the version from 2004 to be very user friendly and effective.  My superiors made me switch to SurfControl with works, but is not as pleasant to use as WebSense.
sayhowAuthor Commented:
As I have menioned .. "rather dated review"

I have to look at a "cost-less" solution at this time.   As the company is unlikely to invest on any such commercial software at this time.

If it cannot be doen, I would just have to depend on AIDA32 reports to check on software installed, blocks port and so on.



Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.