blocking P2P clients and websites.. what are you using

Smallguy

Hi just wondering what so of you use for blocking web browsing and P2P apps


I know you can block them (P2P apps) using a software restriction policy but we are looking for a software or hardware solution that is easily scalable.

Linux solutions will also be considered as we have a pretty strong linux guy in the office


anyway let me know some of the products your using and how well they work

Megadeth4168

We use Websense where I work... I love it.

RTmarc

I block it directly at the firewall/gateway.

Smallguy

Megadeth4168 wrote:

We use Websense where I work... I love it.

we have looked at it

the prcing we saw was 15.00 ish per user, per year and with over 500 users that get's pricy

I did;nt personally see the pricing but maybe they have better options for larger companies

I really ca'nt see companies of 1000 + paying 15.00 per user there must be a bulk pricing


do you have any idea if the pricing above is accurate

Megadeth4168

Smallguy wrote:

Megadeth4168 wrote:

We use Websense where I work... I love it.

we have looked at it

the prcing we saw was 15.00 ish per user, per year and with over 500 users that get's pricy

I did;nt personally see the pricing but maybe they have better options for larger companies

I really ca'nt see companies of 1000 + paying 15.00 per user there must be a bulk pricing


do you have any idea if the pricing above is accurate

I Can find out when I get back to work tomorrow. We are paying for 150 clients on our Websense, it is worth it. The reporting features are incredible. You might even be able to suggest that the front end costs of Websense are balanced out by the savings in productivity. Not to mention the decrease in users be able to access sites known to harbor malicious content.
I don't mean for this to sound like a sales pitch, I'm just telling you our experience where I work has been 100% positive... At least in the IT department
Some people hate us for not allowing them to go to ESPN to check sports during working hours hehe

sprkymrk

Web Sense and Blue Coat are the two big players in this field, and the most expensive.

Linux solutions usually involve Squid and something like DansGuardian or squidguard.

snadam

RTmarc wrote:

I block it directly at the firewall/gateway.

+1 we have a fairly robust FW.

undomiel

I'll chime in on the firewall combined with squid, that's what we use here with much success. And much to the chagrin of the employees as they have been freaking out over the fact that she actually looks through all of the logs to know exactly what each and every employee is looking at.

hypnotoad

We have 1700 users and we don't own the PCs, nor can we dictate what goes on them. We use a packeteer (a layer 7 gateway) and all the P2P gets dropped. We also drop IRC not only because it is P2P but because it is a common control mechanism for trojans.

Packeteer is probably the de-facto standard in web filtering, at least it used to be. It kind of sucks because if you have a 10 megabit pipe, you have to buy a pretty expensive model...the only affordable ones, in my mind, are the small office models, but they only handle 2 megabits or so throughput.

As far as web site blocking, we don't block any, but I have looked at using NBAR's on our Cisco devices and manually updating the ACLs.

I have also debated blackhole-ing DNS entries for sites (manually), as we own the DNS servers people use. Anyone tried this?

Trailerisf

I go with websense... It works like a charm and is worth every penny...

Besides, I make money on the sale when my clients buy it... They are good to resellers. :P

liven

We use all of these:

websense
blue coat
squid
webwasher

The best....

Hmmm hard to say, they all work.

Squid is the cheapest. But you have not enterprise support. To me that is not a big deal, but lots of the bosses just gotta have a support contract. You know some one to call if something isn't working. To me it is usually not worth the money.

I was very impressed by the flexability of websense. But it is not cheap. Well then again neither was BC or webwasher. However they are did a VERY good job.

I don't think blue coat or webwasher has a per user fee, but I could be wrong. I don't usually buy the stuff, just config and maintain it.

Ahriakin

We filter well known ports at the perimeter firewall (For what they are worth these days since most are dynamic/tunnell through HTTP) but the real protection comes from the integrated IPS set to deny all P2P/Anonymizer traffic and enforce HTTP compliance on port 80, our dedicated webfilter is a Barracuda hardware unit set as bump-in-the-wire inline with the Firewall/IPS also set to block P2P. Last up is similar rules on Snort IDS' within the LAN.