IM applications today use a wide range of ports and adapt themselves to use port 80 or other normally open ports to ensure connectivity. In addition to this flexibility, the ports used will vary depending on the IM application version. One more thing to consider - if you block the use of IM applications but still leave port 80 open for web access, your users will most likely make use of web-based versions of the messenger which run like any other web page.
That said - your PIX firewall can block IM file attachments over most popular IM applications when used in conjunction with Websense and the IM Attachment Manager. This solution would also provide web content filtering and reporting for your network.
If you notice, you can add more ports via class-maps which tie to the inbound_policy I created to tie to the interface. You can set the port-misuse default action to allow, which we did above, so you should be able to inspect other ports that are being used without blocking anything that you're currently doing as long as the P2P/IM headers aren't found in the packets.
Essentially this will cause the PIX to block the IM/P2P applications while still allowing
We have configured the outside and inside interfaces with official IPv6 addresses and set a default route on the outside interface to our router. We have also defined a rule, which also gets hits, to permit tcp from the inside interface to any6.
In Syslog I also se...