Block Amazon Fire TV Stick with SonicWall

Would like to know how to block the use of Amazon Fire TV Stick our SonicWall NSA 2600.  
It was brought to my attention that a few of these have been seen lingering around the company and management has decreed that watching TV and movies while at your desk is not acceptable.
moletechAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

bbaoIT ConsultantCommented:
per my google search on Amazon Fire TV Stick, it seems the streaming service just uses HTTP and HTTPS over port 80 and 443, which means you can't simply block HTTP/HTTPS traffic anyway.

however, a simply traffic analysis on your firewall logs may tell you the host name(s) and IP(s) for the Amazon streaming services, then you may simply block the IPs or subnets accordingly.

be aware that on SonicWALL devices you need to define both NAT policy and firewall rules against the Amazon IPs (and ports if necessary). you may also run its wizard to simplify defining the rules.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Benjamin Van DitmarsSr Network EngineerCommented:
This sound more an Human Resources job. to make this anounched to the employees.
because this kinda devices have alot of peers from where the traffic comes.

and other option is to use the mac address of the devices and block all mac's with the first 3 blocks of the mac address. the vendor part.

this makes it inposible for the devices to even get an ip address from youre dhcp server.
or if you use NPS or Radius. they dont even get an active port.
moletechAuthor Commented:
You are absolutely correct that this is an HR issue.  The company has made it clear that they don't want anyone bringing Laptops or other personal entertainment devices into the workplace.  But there's always someone who feels the rules don't apply to them and then try to justify it when they get busted.  
My plan for now is to ask to borrow one from an employee and plug it in to my USB port and watch the traffic, then act accordingly.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Hardware Firewalls

From novice to tech pro — start learning today.