Hot Diggety! Jeremy Charles was rumored to have written: > I’ve been directed to figure out how to decrease the amount of > Internet capacity that is being used by employees to do things that > are not work-related. The examples I’ve been given are Netflix and > other streaming media. > For those of you who have had to carry out (or at least attempt to > carry out) similar direction, what techniques/products have you found > to be successful or not-so-successful?
Ah, that can become a thorny ball of fun sometimes. In general, anything that does content-based filtering (inspects packets with understanding of protocols at wire speed and can pass/reject or throttle, DSCP/QoS-style) does well. Not necessarily the cheapest of options but easily managed and reduces cases of throwing out the baby with the bathwater. I've seen various hardware-based appliances in use though I couldn't remember particular names now. The better ones can produce reports that provides graphs and breakdowns (plus numbers) helping you determine what to focus on. Or you could roll your own solution by filtering on source or port ranges but that's not easily automated, especially if content providers uses a widely distributed content distribution network all over the world. Other limitations is that craftier users could set up their own proxy for the sole purpose of encapsulating packets to bypass checks or diverting through ports you don't check. One does have to be careful to guard against inadvertent stompage -- say you throttle a particular protocol but then one day need to do a vendor presentation that happens to use the same protocol... -Dan _______________________________________________ Tech mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
