[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 146
  • Last Modified:

Control VPN User on the total download

Experts:

We are in process of purchasing new hardware for VPN.  We have few requirements that we would like to implement.

1.  Give access to user to shared folders though control them on how much they can download or upload when they are working from remote site.  User cannot copy, let say 15MB, files to desktop or from desktop to network through VPN.

2.  Have the very good security.

3.  Currenlty we have Watchgaurd SOHO, we are looking into Watchguard X700.

Please provide feedback and input on how to implement. The major thing is controlling user on how much they can copy or delete or past through VPN connection.
0
Ankit_J_P
Asked:
Ankit_J_P
  • 2
1 Solution
 
Rich RumbleSecurity SamuraiCommented:
I've not seen this feature in a VPN solution yet, you can limit the bandwidth speed in most vpn's but not the total amount of up/downloads... it'd be very tough for a VPN to seperate the totals... VPN's use keep-alives and they add to the BW, and if your users are checking mail etc... that'd be tough for the client or the vpn concentrator to differntiate.
And looking over the specs and whitepapers this is also the case with the Watchguard equipment, and it's the same for cisco, you can limit BW (up or down) but you cannot limit a protocol's BW, such as ftp or smb.

An added benefit of most VPN's is the "Split-Tunneling" feature, where traffic that can be routed over the internet is routed over the internet, and traffic destined for the LAN is sent via the VPN. So if split-tunneling was enabled, if a user went to google.com that traffic would go out thier cable modem or dsl line, and if they accessed the company Intranet that would go over the vpn.

You can monitor useage, and be alerted when a certai threshold has been reached... but I know of no way to limit a protocol's BW totals...
You can set quota's on M$ file-systems or folders... but they don't allow you to increment them automatically, they just let you set a "hard" limit, like 15meg's for the desktop folder...

I hope another expert will have something more to offer...
-rich
0
 
Ankit_J_PAuthor Commented:
Thanks Rich.

How about in AD for specific user.  Can we limit on the server side that how much a user can download or upload?

thanks
0
 
Rich RumbleSecurity SamuraiCommented:
Here is a product that may do what your asking...
http://www.softperfect.com/products/bandwidth/manual/quotas.htm
http://www.softperfect.com/products/bandwidth/

Product                                                         Single user(One computer)       Small business(Up to 10 computers)       Unlimited(Site)
SoftPerfect Bandwidth Manager                               $99.00 US                                   $250.00 US                                          $800.00 US

Everything else I've found only does traffic shaping, which is rate BW limiting... i'll keep looking
-rich
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now