Re: PIX firewall - block IM and P2P application configuration
The first issue you have is to describe the applications. While at first blocking specific TCP/UDP ports seems the best choice, you will learn that those applications can easily be reconfigured to use different ports.
What you can try is still the access-list approach to block the majority of traffic. You should try to find out which ports these applications are using in your network.
Another option is to use a router with NBAR and "match protocol gnutella" and the like and apply a service-policy to drop this traffic.
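The NBAR approach mentioned in the reply above, sketched as an IOS configuration. This is an added example, not part of the original post; the interface name and the class-map and policy-map names are assumptions, and only the `gnutella` protocol named in the post is matched.

```cisco
! Added example. FastEthernet0/0 is assumed to be the inside (LAN-facing)
! interface; P2P-APPS and DROP-P2P are hypothetical names.
!
! NBAR requires CEF to be enabled.
ip cef
!
! Step 1: let NBAR report which protocols it sees on the inside interface,
! then review the counters with "show ip nbar protocol-discovery".
interface FastEthernet0/0
 ip nbar protocol-discovery
!
! Step 2: classify the unwanted application by protocol signature,
! not by port. Add further "match protocol ..." lines for the other
! applications NBAR recognises in your traffic.
class-map match-any P2P-APPS
 match protocol gnutella
!
! Step 3: drop everything that falls into that class.
policy-map DROP-P2P
 class P2P-APPS
  drop
!
! Step 4: apply the policy to traffic entering from the LAN.
interface FastEthernet0/0
 service-policy input DROP-P2P
```

After applying it, `show policy-map interface FastEthernet0/0` shows the per-class match and drop counters, which confirms whether the class is actually catching traffic.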