IDS/IDP are used to scan for attacks using P2P as a vector, not to filter P2P altogether.
If your goal is to filter P2P then we may (this depends mostly on the protocol(s) we are trying to work against) be able to accomplish just that by setting up a set of IP Rules for you that are more restrictive. It would be much simplest to continue by phone at 1 877 354 6555 (our free Business Class Support line). If that is not an option then we can start by defining what P2P programs or protocols exactly are you trying to block?
Hi,
Thank you for your quick reply, the reason I am posting this is because my previous setup I was using a Zyxel ZyWall 5 with a Turbo Card and a IDP/IDS subscription. I was able to define in the filter that I want to block P2P application like BitTorrent, Emule and it is just so simple to create a rule and it works beautiful. Here I am struggling with the NetDefent DFL-800 to find a way and unsuccessful. This is 2 lines log entry from my Zyxel Zywall 5 with a Turbo card that is filtering P2P application, maybe it can give you some form of idea.
92|2009-04-03 19:13:16 |83.133.119.143:80 |192.168.0.153:1990 |Drop Packet
IDP ID:1053018, P2P BitTorrent seed download (W1 to L)! (Repeated: 3)
93|2009-04-03 19:11:12 |83.133.119.143:80 |192.168.0.153:1984 |Drop Packet
IDP ID:1053018, P2P BitTorrent seed download (W1 to L)!
Kindly advised because I am in Malaysia and the local support just mail me the FAQ which I had already read so I am lost and I do not think the number that you provide would work in Malaysia.
Regards
Andy Ng
P.S: As a work around I am now using OpenDNS as a curde but effective way of filtering P2P and **** Sites.
Author
Topic: How to use IDP / IDS to filter P2P (Read 10801 times)