A better alternative to using a basic firewall is to use a firewall that contains application-level filters. Most modern firewalls include packet filters that can tell what type of traffic is flowing across a port. For example, such a firewall would be able to identify SMTP traffic, even if it were flowing across Port 80, which is normally used for HTTP traffic. Because such firewalls are able to identify actual packet types based on...
their header (not just on their port number), it is possible to block some peer-to-peer applications just by filtering out certain protocols.
Packet filtering by itself is not enough though. If you are serious about blocking peer-to-peer-related network traffic, you need a firewall that does application filtering. Application filtering is kind of like an extension to stateful packet inspection. Stateful packet inspection can determine what type of protocol is being sent over each port, but application-level filters look at what a protocol is being used for. For example, an application-level filter might be able to tell the difference between HTTP traffic used to access a Web page and HTTP traffic used for file sharing, whereas a firewall that is only performing packet filtering would treat all HTTP traffic the same.
If you are thinking of buying a firewall that does application filtering, then be sure to look for one that is specifically designed to block peer-to-peer applications. The firewall manufacturer should also offer periodic updates that allow the firewall to block new file-sharing applications and new versions of existing peer-to-peer applications.
Blocking peer-to-peer applications
Step 1: Blocking peer-to-peer applications
Step 2: Firewalls
Step 3: Application-level filters
Step 4: Software restriction with Group Policy
|ABOUT THE AUTHOR:|
| Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. He has served as CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer, he has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit his personal Web site at www.brienposey.com.
Copyright 2005 TechTarget