
Block Port-Hopping Applications
Protocol Control lets administrators take back control of their networks from disruptive port-hopping applications such as peer-to-peer clients and online games. Signature-based layer 7 filtering makes it easy for administrators to:
- Conserve bandwidth by blocking applications like peer-to-peer that open multiple TCP ports
- Improve productivity by blocking IM & online games that evade firewall rules
- Write custom signatures for any protocol
Protocol Control covers a broad set of applications, such as Instant Messaging, Peer-to-Peer activity, online games and streaming media, that can clog your network, reduce productivity, and infect computers with spyware, malware, and viruses.
These applications are extremely aggressive and will sneak out on ports used for other vital network traffic such as web and email, making it nearly impossible to control them with firewall rules.
Protocol Control takes a different approach: it logs and/or blocks these applications by their signatures. This allows you to lock down the unwanted activity.
Key Features:
- Open source & free under the GNU General Public License (GPL)
- Protocol Control lets you select the protocol signatures to log or block
- Custom rules can be added for any unsupported protocols
- Time-based policies let you decide when and if these applications are permitted
- Reporting lets you see which protocols are active on your network and who is using them
Protocol Control Technical Specifications
Protocol Control blocks unwanted protocols from entering or leaving your protected network. Unwanted protocols might include Instant Messaging and Peer-to-Peer (P2P). For example, you might want to block users from playing some video games and from streaming media.
Protocol Control uses signatures to identify "rogue" or unwanted protocols on all ports. Many protocols, such as Instant Messaging and Peer-to-Peer, are difficult to block with a traditional firewall because of their "port hopping" behavior. If clients are blocked after trying to connect through their default port, they will connect over port 80 or port 25. Port 80 and port 25 cannot be blocked without blocking Web and e-mail traffic. Protocol Control can identify this hopping behavior, and log and block the connections.
If Protocol Control is not pre-configured for a protocol that you want to block, you can use the Untangle Server's user interface to create custom rules to block additional protocols.
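The port-independent matching described above, sketched as an added example (not Untangle's code or its signature format): each signature is a regular expression applied to the first payload bytes of a connection, so the destination port plays no part in the verdict. The signature table, the policy, the `examplechat` protocol and the sample flows are all constructed for illustration.

```python
import re

# Hypothetical signature table: protocol name -> regex over the first payload
# bytes of a connection. Illustrative only, not Untangle's shipped signatures.
SIGNATURES = {
    "bittorrent": re.compile(rb"^\x13BitTorrent protocol"),
    "ssh": re.compile(rb"^SSH-[12]\.[0-9]"),
    "http": re.compile(rb"^(GET|POST|HEAD|PUT|DELETE|OPTIONS) \S+ HTTP/1\.[01]\r\n"),
    "smtp": re.compile(rb"^220[ -].*SMTP", re.IGNORECASE),
}
# Hypothetical policy: protocols not listed here are passed.
POLICY = {"bittorrent": "block", "ssh": "log"}

def add_signature(name, pattern, action="log"):
    """Register a custom signature and the action to take when it matches."""
    SIGNATURES[name] = re.compile(pattern)
    POLICY[name] = action

def classify(payload, max_bytes=2048):
    """Name the protocol from payload bytes alone; the port is never consulted."""
    head = payload[:max_bytes]
    for name, pattern in SIGNATURES.items():
        if pattern.search(head):
            return name
    return "unknown"

def inspect(dst_port, payload):
    """Return (port, protocol, action) for one connection's opening bytes."""
    proto = classify(payload)
    return (dst_port, proto, POLICY.get(proto, "pass"))

# Constructed sample flows: (destination port, first bytes sent by the client
# or, for SMTP, the server banner).
FLOWS = [
    (80, b"GET /index.html HTTP/1.1\r\nHost: example.com\r\n\r\n"),
    (80, b"\x13BitTorrent protocol" + b"\x00" * 8 + b"A" * 40),   # hopped to 80
    (25, b"220 mail.example.com ESMTP ready\r\n"),
    (6881, b"\x13BitTorrent protocol" + b"\x00" * 8 + b"B" * 40), # default port
    (443, b"SSH-2.0-OpenSSH_9.6\r\n"),                            # SSH on 443
]

def run():
    return [inspect(port, data) for port, data in FLOWS]

if __name__ == "__main__":
    for port, proto, action in run():
        print(f"port {port:<5} {proto:<11} {action}")
```

A port-based rule would treat both port 80 flows identically; here the web request passes and the peer-to-peer handshake on the same port is blocked.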
What It Does
Transparently scans the application data stream, logging and blocking designated protocols.
How It Does It
- Uses L7-Filter Netfilters to classify protocols based on OSI layer 7 data, regardless of port or port-hopping
- Uses Untangle's custom scanning engine, default settings, tuning and updates
Controls
- Default settings include a wide array of protocol signatures that can be configured for logging and/or blocking
- Custom signatures can be added
