I use a Palo Alto firewall & a Procera Networks packet shaper to block P2P on our guest network. The Procera box also rate limits (rate & #cons) P2P on our student networks w/o blocking it entirely. This setup works very well for our shop.
We have an unwritten "thou shall not touch the student's computer" so I decided against using NAC agents for this purpose. Derek Johnson | Data Communications Coordinator FORT HAYS STATE UNIVERSITY 415 Lyman Dr. TH 101, Hays, KS 67601 (785) 628 - 5688 | [email protected] From: "Summers, William" <[email protected]> To: "Enterasys Customer Mailing List" <[email protected]>, Date: 09/13/2012 08:19 AM Subject: RE: [enterasys] Blocking bittorrent and P2P Many L7/deep inspection products claim they can block Bittorrent and P2P apps. In my experience/testing most have weaknesses. Enterasys has a new formed relationship with Palo Alto Networks. In my experience and testing the Palo Alto products do the job and integrate with NAC. Where the budget is short, consider inline snort with nfqueue. http://www.enterasys.com/company/literature/palo-alto-networks-sab.pdf http://media.paloaltonetworks.com/documents/enterasys.pdf William Summers Network Administrator Deerfield Academy --- To unsubscribe from enterasys, send email to [email protected] with the body: unsubscribe enterasys [email protected] --- To unsubscribe from enterasys, send email to [email protected] with the body: unsubscribe enterasys [email protected]
