• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 8092
  • Last Modified:

How to block Stream Media,Itunes radio,WIndows Media Player radio, real audio readio, itunes radio

we have a T1 and currently have 30 users in it, and we are killing the bandwitdh, what i have found is that some of the users are playing radio, i would like to block all radio or most radio protocols using sonicwall 170 TZ, i know they all come thru port 80 but i cannot block this port because is also being utilize by Web traffic. is there a way i could create a real for port 80 inbound to block certain protocols? please help.

thanks
0
Cholo123
Asked:
Cholo123
1 Solution
 
tkuennenCommented:
To block iTunes your first need to start with the ports iTunes uses:
Port 3689 TCP
Port 5353 UDP
Blocking these ports on the firewall will stop iTunes streaming.

As for blocking all streaming media you will have to block all ports that the Real Time Streaming Protocol (RTSP) uses. To view the background of RTSP you will want to read the original RFC (2326) from the Internet Engineering Task Force.
http://tools.ietf.org/html/rfc2326
To view a list of the common IP ports you will want to review the common port listing from the Internet Assigned Numbers Authority (IANA)
http://www.iana.org/assignments/port-numbers
0
 
ajeabCommented:
you can block the site directly. and/or block known extension.  Also, make it a company policy not allow to stream.  When the users know that their job may be on the line, most will stop.
0
 
VCBoothCommented:
If they are coming through port 80 then you can either block the websites (as ajeab suggests) or, if you have Enhanced O/S and have downloaded the latest firmware then you can create an Application Firewall Rule for HTTP to block it.

Latest version has a wizard that should help you with this.

(With Application Firewall you can even throttle the bandwidth of the stations so that you don't need to block them entirely if it helps you)
0
Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

 
keamoCommented:
With the TZ170 you can block specific ports that use streaming media.  i.e. RTSP 554 UDP/TCP.  But, I would recommend using a product called Surfcontrol(now Websense).  You can get very granular in your control of who/what/when accesses internet destinations.
0
 
Cholo123Author Commented:
would you be able use this software to block most of the radio stations out there? we have a enterprise networking using sonicwalls, about 40 offices.
0
 
keamoCommented:
Correct.  With Surfcontrol, you can block a number of different categories including Streaming Media.

http://www.surfcontrol.com/Default.aspx?id=374
SCwebfilter.pdf
0
 
Cholo123Author Commented:
thx already asked for a quote hopefully is not expensive.
0
 
keamoCommented:
That's the downside.  They're pricey.  But, IMHO, they are the best.  Good Luck!
0
 
Cholo123Author Commented:
one quick question in the tz 170 standard, firmware SonicOS Standard 3.1.5.0-2s, i dont have this protocol RTSP. i only have udp and tcp when creating ports. any tip if i should crate this somewhere else?
0
 
keamoCommented:
You should have an existing default service called "Quicktime" with a TCP port of 554.  Then you can create your own custom service with UDP 554 and call it whatever you want.

http://www.cs.columbia.edu/~hgs/rtsp/
0
 
Cholo123Author Commented:
got it thanks a bunch , i'm also seeing this guy, should i block that port?

RealAudio  7070 TCP  
0
 
keamoCommented:
Yep.  You can block anything you want.  You can also go to Logs, Reports and click on "Start Data Collection" then select "Bandwidth Usage by IP Address" to see where the heavy hitters are. (Let this run for awhile to gather data)
0
 
Cholo123Author Commented:
thanks alot appreciated all the info.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now