Solved

Best ASA Setup to block most traffic

Posted on 2012-03-31
Last Modified: 2012-04-23
Hi,

I've attempted to block bit torrents, but it seems a never-ending battle. So, I'm thinking of blocking ALL traffic in/out apart from specific ports. Is this a good idea?

Aside from HTTP/HTTPS/SNTP/SMTP/POP3 is there anything else I should open?
Question by:radiosupport
LVL 2

Expert Comment

by:Sirjacksinurbox
ID: 37790212
Have you tried blocking the individual sites that the users are getting the information from?

If they can't find the correct seed info, they shouldn't be able to download. Also, if you monitor it closely, you can find out who is doing it and file a disciplinary action.

I'm not sure if this will help, but you may be able to adapt what this article is saying and use it on your ASA: Block the Peer-to-Peer (P2P) and Instant Messaging (IM) Traffic Using MPF Configuration Example

It may take a little bit of work, but it looks like it may solve your problem.

Btw, do you also have a web filter (Barracuda)?
0
 

Author Comment

by:radiosupport
ID: 37790214
Hi,

Thanks. Our issue is with laptop users. They commence the download of the torrent off site, (therefore bypassing any URL filtering), then bring the laptop into work to use our bandwidth!

I "can" go down the disciplinary action, but I'm also after a quick fix...

We don't have a Barracuda, we use the CSC-SSM module.

Is my suggestion of locking down almost everything not really feasible?
0
 
LVL 2

Expert Comment

by:Sirjacksinurbox
ID: 37790231
Pretty much, I'm pretty sure they can use those ports for torrenting just by switching up their configurations.

In CSC-SSM, have you tried the URL Filtering feature to block P2P?
0
 
LVL 2

Expert Comment

by:Sirjacksinurbox
ID: 37790563
My apologies, I actually realized that p2p traffic (not the site traffic, but the protocols) are layer 7 protocols.

I'm not sure that you would be able to block stuff like that on your network with an ASA. The most you could do would be to block the website.

Unless I'm missing something on the interwebs, your best bet would be to catch them in the act of downloading, and then narrow it down to them and forward it on to HR/Managers. Someone will have an example made of them and then it should stop.

A policy that we used at a place I used to work at was if they were caught using p2p on our networks, we would shut off their port to the outside world, only giving them local access to the network.

Sorry I couldn't be of more help. Good luck.
0
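The suggestion above to catch users in the act can be worked from the ASA's own connection logs. The following is an added example, not part of the original thread: it reads "Built outbound connection" syslog messages and flags inside hosts that reach many distinct outside peers on ports outside the question's allow-list. The `inside`/`outside` interface names, both thresholds and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Ports the question proposes leaving open: HTTP, HTTPS, SNTP, SMTP, POP3.
ALLOWED_PORTS = {80, 443, 123, 25, 110}

# ASA "Built connection" messages: 302013 is TCP, 302015 is UDP.
BUILT = re.compile(
    r"%ASA-6-30201[35]: Built outbound (?:TCP|UDP) connection \d+ for "
    r"([\w-]+):([\d.]+)/(\d+) \([^)]*\) to ([\w-]+):([\d.]+)/(\d+)"
)

def p2p_suspects(lines, min_peers=20, min_offlist=0.8):
    """Return [(inside_host, distinct_peers, offlist_share)] for hosts whose
    outbound fan-out looks like a swarm. Thresholds are assumed starting points."""
    peers = defaultdict(set)     # inside host -> distinct outside IPs
    total = defaultdict(int)     # inside host -> connections seen
    offlist = defaultdict(int)   # inside host -> connections to non-listed ports
    for line in lines:
        m = BUILT.search(line)
        if not m:
            continue
        ends = {m[1]: (m[2], int(m[3])), m[4]: (m[5], int(m[6]))}
        # Assumed interface names: "inside" and "outside".
        if "inside" not in ends or "outside" not in ends:
            continue
        host = ends["inside"][0]
        peer, port = ends["outside"]
        peers[host].add(peer)
        total[host] += 1
        offlist[host] += port not in ALLOWED_PORTS
    hits = [(h, len(peers[h]), offlist[h] / total[h]) for h in peers
            if len(peers[h]) >= min_peers and offlist[h] / total[h] >= min_offlist]
    return sorted(hits, key=lambda x: -x[1])

def constructed_sample():
    """Constructed log lines (documentation address ranges), not real traffic."""
    fmt = ("Mar 31 2012 10:00:00: %ASA-6-302013: Built outbound TCP connection {cid} "
           "for outside:{peer}/{dport} ({peer}/{dport}) "
           "to inside:{host}/{sport} (198.51.100.2/{sport})")
    lines = []
    for i in range(30):
        # Laptop: 30 distinct peers, each on a different high port.
        lines.append(fmt.format(cid=1000 + i, peer=f"203.0.113.{i + 1}",
                                dport=40000 + 7 * i, host="192.168.1.20", sport=51413))
        # Desktop: 30 distinct web servers, all on HTTPS.
        lines.append(fmt.format(cid=2000 + i, peer=f"192.0.2.{i + 1}",
                                dport=443, host="192.168.1.30", sport=50000 + i))
    return lines
```

On the constructed sample only the laptop is reported: the desktop reaches just as many peers, but all on an allow-listed port, so a client reconfigured to use those ports would need a different signal.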
 
LVL 35

Accepted Solution

by:
Ernie Beek earned 500 total points
ID: 37791750
0

Question has a verified solution.