blocking P2P clients and websites.. what are you using

SmallguySmallguy Member Posts: 597
Hi just wondering what so of you use for blocking web browsing and P2P apps


I know you can block them (P2P apps) using a software restriction policy but we are looking for a software or hardware solution that is easily scalable.

Linux solutions will also be considered as we have a pretty strong linux guy in the office


anyway let me know some of the products your using and how well they work

Comments

  • Megadeth4168Megadeth4168 Member Posts: 2,157
    We use Websense where I work... I love it.
  • RTmarcRTmarc Member Posts: 1,082 ■■■□□□□□□□
    I block it directly at the firewall/gateway.
  • SmallguySmallguy Member Posts: 597
    We use Websense where I work... I love it.

    we have looked at it

    the prcing we saw was 15.00 ish per user, per year and with over 500 users that get's pricy

    I did;nt personally see the pricing but maybe they have better options for larger companies

    I really ca'nt see companies of 1000 + paying 15.00 per user there must be a bulk pricing


    do you have any idea if the pricing above is accurate
  • Megadeth4168Megadeth4168 Member Posts: 2,157
    Smallguy wrote:
    We use Websense where I work... I love it.

    we have looked at it

    the prcing we saw was 15.00 ish per user, per year and with over 500 users that get's pricy

    I did;nt personally see the pricing but maybe they have better options for larger companies

    I really ca'nt see companies of 1000 + paying 15.00 per user there must be a bulk pricing


    do you have any idea if the pricing above is accurate

    I Can find out when I get back to work tomorrow. We are paying for 150 clients on our Websense, it is worth it. The reporting features are incredible. You might even be able to suggest that the front end costs of Websense are balanced out by the savings in productivity. Not to mention the decrease in users be able to access sites known to harbor malicious content.
    I don't mean for this to sound like a sales pitch, I'm just telling you our experience where I work has been 100% positive... At least in the IT department icon_lol.gif
    Some people hate us for not allowing them to go to ESPN to check sports during working hours hehe icon_twisted.gif
  • sprkymrksprkymrk Member Posts: 4,884 ■■■□□□□□□□
    Web Sense and Blue Coat are the two big players in this field, and the most expensive.

    Linux solutions usually involve Squid and something like DansGuardian or squidguard.
    All things are possible, only believe.
  • snadamsnadam Member Posts: 2,234 ■■■■□□□□□□
    RTmarc wrote:
    I block it directly at the firewall/gateway.

    +1 we have a fairly robust FW.
    **** ARE FOR CHUMPS! Don't be a chump! Validate your material with certguard.com search engine

    :study: Current 2015 Goals: JNCIP-SEC JNCIS-ENT CCNA-Security
  • undomielundomiel Member Posts: 2,818
    I'll chime in on the firewall combined with squid, that's what we use here with much success. And much to the chagrin of the employees as they have been freaking out over the fact that she actually looks through all of the logs to know exactly what each and every employee is looking at.
    Jumping on the IT blogging band wagon -- http://www.jefferyland.com/
  • hypnotoadhypnotoad Banned Posts: 915
    We have 1700 users and we don't own the PCs, nor can we dictate what goes on them. We use a packeteer (a layer 7 gateway) and all the P2P gets dropped. We also drop IRC not only because it is P2P but because it is a common control mechanism for trojans.

    Packeteer is probably the de-facto standard in web filtering, at least it used to be. It kind of sucks because if you have a 10 megabit pipe, you have to buy a pretty expensive model...the only affordable ones, in my mind, are the small office models, but they only handle 2 megabits or so throughput.

    As far as web site blocking, we don't block any, but I have looked at using NBAR's on our Cisco devices and manually updating the ACLs.

    I have also debated blackhole-ing DNS entries for sites (manually), as we own the DNS servers people use. Anyone tried this?
  • TrailerisfTrailerisf Member Posts: 455
    I go with websense... It works like a charm and is worth every penny...

    Besides, I make money on the sale when my clients buy it... They are good to resellers. :P
    On the road to Cisco. Will I hunt it, or will it hunt me?
  • livenliven Member Posts: 918
    We use all of these:

    websense
    blue coat
    squid
    webwasher

    The best....

    Hmmm hard to say, they all work.

    Squid is the cheapest. But you have not enterprise support. To me that is not a big deal, but lots of the bosses just gotta have a support contract. You know some one to call if something isn't working. To me it is usually not worth the money.

    I was very impressed by the flexability of websense. But it is not cheap. Well then again neither was BC or webwasher. However they are did a VERY good job.

    I don't think blue coat or webwasher has a per user fee, but I could be wrong. I don't usually buy the stuff, just config and maintain it.
    encrypt the encryption, never mind my brain hurts.
  • AhriakinAhriakin Member Posts: 1,799 ■■■■■■■■□□
    We filter well known ports at the perimeter firewall (For what they are worth these days since most are dynamic/tunnell through HTTP) but the real protection comes from the integrated IPS set to deny all P2P/Anonymizer traffic and enforce HTTP compliance on port 80, our dedicated webfilter is a Barracuda hardware unit set as bump-in-the-wire inline with the Firewall/IPS also set to block P2P. Last up is similar rules on Snort IDS' within the LAN.
    We responded to the Year 2000 issue with "Y2K" solutions...isn't this the kind of thinking that got us into trouble in the first place?
Sign In or Register to comment.