Ask the Expert

Blocking music and streaming video with Check Point firewall

How can I block streaming video and music with a Check Point firewall?


    Requires Free Membership to View

First: RealAudio has the ability to tunnel streaming audio/video through http. Use the HTTP Security Server to deal with this in the current version. If you have CVP, you may be able to use the CVP server to screen out those MIME types. If you are not using a CVP server, you can do this with a wildcard URI. The URI Definition window would have the following in the "Match" tab:
Schemes: HTTP
Methods: GET
Host: *
Path: {*/*.{ra,rm,ram},*.{ra,rm,ram}}
Query: *

Note: You can stop HTTP downloads by adding {*/*.{exe,zip,bin},*.{exe,zip,bin}} to the path statement.

You would then create a rule that uses this resource and denies access to anything matching this resource.

Second: Proxy by secure authentication, then content check.

Third: Block the ports or known IPs, such as those for Napster, if you know them. You can gain IP information through the use of logs.

I think this will solve or at least direct you.


For more information on this topic, visit these other SearchSecurity.com resources:
Featured Topic: Firewall Management
Best Web Links: Firewalls
Tech Tip: Performing firewall maintenance


This was first published in March 2002

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: