First off, I'd like to know how it is that you have managed to keep 2200
users happy through a single T1 :)
Paul made a good point earlier that these issues really are policy issues.
However, acknowledging that you are dealing with college students, rules and
policies aren't their top priority.
I've used a product called 'Little Brother' that does a great job at telling
you who is using what services and how much bandwidth they're using up. it
lists them by top talkers, etc. One of the nicer features is that you can
block access to certain sites, you can block downloading of files (and
specific files, such as .mp3), access to FTP sites, etc. This sits in
promiscuous mode next to the firewall so it offloads this overhead from the
firewall. Since it works in promiscuous mode, it doesn't really introduce
latency, but it may enforce the rule 'after the fact' (the web page may
begin to load before it aborts).
-Jesus
-----Original Message-----
From: Stewart Dean [mailto:[EMAIL PROTECTED]]
Sent: Monday, September 18, 2000 4:00 AM
To: [EMAIL PROTECTED]
Subject: Q2: How to Deal with Bandwidth Abuse
I have responsibilities at a small (approx 2200 user) liberal arts college.
We
have been slowly getting the expenditure to do appropriate upgrades to the
network and IT infrastructure, usually the crisis du jour that finally
makes it
clear to the administration that, yes, they really do have to loosen the
purse
string.
We have been dodging various bullets related to a) having one T1 line and
b)
the students have Napster/Gnutella/Scour. Things have come to a head, and
we are looking better handle what we presume to be student bandwidth abuse.
The students will have their own T1 line, and the faculty and staff another.
Still, we need to get a handle on locating bandwidth abuse offenders and
counseling them.
I'd like hear your experience with this problem. We have a pretty much
all
Cisco environment: a 5500 as a backbone, fiber to 2924s. All connections
are
out of a single switched port, or will be soon after we phase out the last
of our
old IBM hubs.
If there's a better place to ask this question, please suggest.
How do you track bandwidth abusers at the firewall? Can you identify
locations heavily used by abusers? What tactics have you come up with to
deal
with Gnutella and Scour?
to shift access control from router access control lists to a true firewall
in order
to get the benefits of logging, stateful connection handling and the
like.---
// "I build my cars to go, not to stop", Ettore Bugatti
// Stewart Dean Kingston, NY
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
