Hows the performance on R55w since it incorporates multiple port checking for things like Kazaa?
I have HTTP security server in optimized mode and my modules run at about 20% during peak day traffic. If I use the full mode (security server) it spikes to about 90%+ so that is why I'm using optimized. I heard though that in R55w everything runs in the kernel and not as a security server? Derek O'Flynn Enterprise Information Security LSU Health Sciences Center [EMAIL PROTECTED] (504)568-6130 -----Original Message----- From: Reinhard Stich [mailto:[EMAIL PROTECTED] Sent: Thursday, December 02, 2004 1:41 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: [FW-1] How block Kazaa? Hello, you can upgrade to r55w with the license you have. An additional fee is only required for the web-subscription. Cheers reinhard ))) Message sent using Nokia One Business Server ((( ))) Internet Security AG - www.internet-security.ag ((( --- Original Message --- From: "O'Flynn, Derek" <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Date: Thu Dec 02 20:14:21 CET 2004 Subject: Re: [FW-1] How block Kazaa? You can block Kazaa if it utilizes Port 80 in R55. There's a Peer to Peer tab under Web in SmartDefense, but it's port 80 specific. I have Snort IDS configured to alert on Kazaa and issue a TCP RST. Seems to work well. I'm on R55 now, but would like to utilize the firewall to block Kazaa as well, and it seems it's possible now on all ports utilizing R55W. Anyone know if I can upgrade to R55W or is it a separate license? Performance issues? Thanks, Derek O'Flynn -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Oswaldo Silva Junior Sent: Thursday, December 02, 2004 1:20 PM To: [EMAIL PROTECTED] Subject: Re: [FW-1] How block Kazaa? I think that I misunderstood this issue. It isn�t possible to block P2P in CP AI R54 and R55. You can only track (log, alert) this type of traffic. I believe it�s possible only in R55W. am I wrong? regards, Dig. -----Original Message----- From: Michael J. Semaniuk [mailto:[EMAIL PROTECTED] Sent: quarta-feira, 1 de dezembro de 2004 23:29 To: [EMAIL PROTECTED] Subject: Re: [FW-1] How block Kazaa? What version of the firewall are you running? If it is AI R54 or R55, you can only block those protocols using SmartDefense when they are on port 80. If you're on R55w, then it should detect them on all ports. It's in the P2P section of the SmartDefense tab. If you are on a previous version of code, then you can try to block the ports, but it's not a very efficient way to go as the clients can generally be configured to work over any TCP port. Alternatively, you could look at products other than the firewall to manage this type of stuff. There are solutions from Akonix, Websense, SurfControl, etc. that have a story of some sort to help manage P2P applications. -Mike Oliver wrote: >Hi, Anybody knows how can i block Kazaa, eMule, etc >with SmartDefense or Resources?, I tried but didn't >work. >Regards, >Oliver > >_________________________________________________________ >Do You Yahoo!? >Informaci�n de Estados Unidos y Am�rica Latina, en Yahoo! Noticias. >Vis�tanos en http://noticias.espanol.yahoo.com > >================================================= >To set vacation, Out-Of-Office, or away messages, >send an email to [EMAIL PROTECTED] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >If you have any questions on how to change your >subscription options, email >[EMAIL PROTECTED] >================================================= > > > > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
