Peer-To-Peer Applications - Cisco ROUTER-SDM-CD User Manual

Peer-to-Peer Applications

Note
Peer-to-Peer Applications
Cisco Router and Security Device Manager 2.5 User's Guide
10-6
the router to block these applications, check the Send Alarm checkbox next to the
IM applications to reveal the names of the servers to which the applications
connect. Then, use the CLI to block traffic from these servers. The following
example uses the server name newserver.yahoo.com:
Router(config)# appfw policy-name SDM_HIGH
Router(cfg-appfw-policy)# application im yahoo
Router(cfg-appfw-policy-ymsgr)# server deny name newserver.yahoo.com
Router(cfg-appfw-policy-ymsgr)# exit
Router(cfg-appfw-policy)# exit
Router(config)#
IM applications are able to communicate over nonnative protocol ports, such
•
as HTTP, and through their native TCP and UDP ports. Cisco SDM
configures block and permit actions based on the native port for the
application, and always blocks communication conducted over HTTP ports.
Some IM applications, such as MSN Messenger 7.0, use HTTP ports by
•
default. To permit these applications, configure the IM application to use its
native port.
This page allows you to create policy settings for peer-to-peer applications such
as Gnutella, BitTorrent, and eDonkey. To learn about the buttons and drawers
available in the Application Security tab, click
Click Permit, Block, and Alarm Controls
the router takes if it encounters traffic with the characteristics that you specify in
this window.
The following example shows traffic blocked for BitTorrent traffic, and alarms
generated when traffic for that application arrives:
Example 10-1 Blocking BitTorrent Traffic
BitTorrent
Application Security
to learn how to specify the action that
Block
Chapter 10 Application Security
Windows.
OL-4015-12