I have started tinkering with SDM and noticed that it has a feature for NetFlow and Application/Protocol Traffic displays. I have been using my internet router as the test subject. I noticed that there appears to have been traffic such as eDonkey, Gnutella and VDOLive applications that the router had detected. Is there a way I can narrow down the usage of this traffic or block it on the router? I am running a feature set that allows firewall and IPS on the router.
Would it be better to block this traffic on the 4506 before it hits the PIX and the router, or simply block it on the router? I am thinking the router would be better because of the difference in processing power and the like.
Does the IPS feature set on the router work in an inline mode that I could use to block or manage the unwanted traffic?