Blocking online music access

ITKE member Almac advised:
In general, listening to music is not a big issue. However, I've had instances where listeners were used as "re-broadcasters" for other listeners. An audit of our bandwidth usage showed that one instance of "re-broadcasting" used half of the bandwidth on my T1.

What is your company's policy regarding listening to music? It is hard to enforce something if it isn't in writing. Our usage policy specifically prohibits listening to online music in the workplace. I used Group Policy to remove music players and I audit weekly to ensure it stays removed. We now play background music in the building, and users recommend the stations we play. The result has been no online music listening.

ITKE member astronomer advised:
We had problems with downloads and streaming music in particular. Our three T1s were saturated to the point that our business software became unusable. Since the current streaming protocols use port 80 to get through firewalls, we were forced to use two strategies. We blocked some sites and forced users to use a squid proxy, which limits individual download speeds so the Internet pipe isn't saturated. We also considered using the new class of traffic shapers that inspect the traffic up to Layer 7. This allows you to control traffic by application. We didn't buy the product because of the price, but it is worth looking at.

ITKE member bigshybear advised:
Yes, streaming audio takes up bandwidth -- 56kb/s to 128kb/s per person -- and it's a constant load; it doesn't spike like normal Internet usage. If you have a T1 and six people are streaming at 128kb/s, that's HALF of your bandwidth. Ouch.

Related information Read about the latest content filtering tools in this tip. Get the latest news and advice for writing acceptable use policies in our resource center.

If your firewall has the capability, you can block .wav, .mp3, .ram and .rm files, as well as most Web sites. If not, you have to start doing some investigating. My recommendation is first, find out what your WAN bandwidth utilization really is. If you have a Cisco router connected to a T1 or a fractional T1, I've found the PRTG (Paessler Traffic Grapher) useful. The freeware version will give you a graphic of bandwidth utilization for up to three Cisco routers. Once you've figured out your bandwidth utilization, compare it with your available bandwidth to determine if you have a problem. Then decide if you need to spend the time involved in investigating it. If you find that you do, you have to find out who is using the bandwidth. Some firewalls give you this information, but some don't. You may need to use a sniffer -- Ethereal is excellent and free. Once you find the culprit, you can either talk to them directly or set up a block list in the firewall to block the radio site. (Ethereal comes in handy here, it can give you the originating Web site IP address for your block list.) My experience is that my block list rapidly gets long as the offending person shifts from site to site to site as they hunt for stations that work. You will have to check often for at least one to two weeks before people start giving up.

Be aware of the political issue of whether or not you have the authority to cut off users' Internet radio. You may have to get allies in management. Reminding them how much more bandwidth would cost always seems to work well.

ITKE member HumbleNetAdmin advised:
The greater problem is whether or not you have backing from management. If your company doesn't have a policy and/or you run into trouble blocking usage, gather information to back up your claim. Don't just tell management that you feel the usage is consuming too much bandwidth, show them. Using tools, such as PRTG, you can monitor network traffic on everything -- servers, routers, firewalls -- and even end user's PCs.

I started seeing the problem of high bandwidth usage on incoming traffic that was not in keeping with the norm. After investigating, I was able to show management that users' accessing streaming audio was consuming bandwidth. The powers that be took an unexpected turn. Instead of creating an acceptable use policy and enforcing it, and/or blocking content, we installed a new T1 and routers/firewalls for an Internet connection that is strictly for inter-company use only. The users' PCs have their gateways set to the firewall on the new T1, so bandwidth is not taken away from the circuit that external customers depend on.

Rate this Tip To rate tips, you must be a member of SearchSecurity.com. Register now to start rating these tips. Log in if you are already a member. Digg This!     StumbleUpon     Del.icio.us    RELATED CONTENT Network Security Tactics Using Nessus Attack Scripting Language (NASL) to find application vulnerabilities Screencast: Recovering lost data with WinHex How to build security into a virtualized server environment How to install and configure Nessus How to run a Nessus system scan Nessus: Vulnerability scanning in the enterprise Screencast: An introduction to the Open Source Security Testing Methodology Manual (OSSTMM) Understanding multifactor authentication features in IAM suites Network intrusion prevention systems: Should enterprises deploy now? Webmail security: Best practices for data protection Network Firewalls Is it possible to allow select access to IP addresses using Windows Server 2003? Sophos finds patching issues through endpoint NAC tool Fortinet acquires database vulnerability scanner from IPLocks Is an IPsec VPN necessary when connecting remote servers that process financial transactions? Embedding security has drawbacks says TippingPoint chief architect Is security improved when the number of Internet gateways is reduced? Nipper audits routers, reveals insecure settings Product review: Netgear's Netgear FVS336G ProSafe Dual WAN Gigabit Firewall Product review: Tufin's Tufin SecureTrack 4.1 Product review: SonicWALL's SonicWALL NSA E5500 URL Filtering Web security gateways keep Web-based malware at bay Web security gateways meet rising malware threats Can watching online videos present enterprise security risks? How can hackers bypass proxy servers? What are the best ways to block proxy server sites? How well do content filtering tools limit network traffic? At Your Service Blocking Web anonymizers in the enterprise Mozilla fixes nearly two dozen Firefox flaws Review: StoneGate SG-4000 'hard to beat' RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary bastion host  (SearchSecurity.com) firewall  (SearchSecurity.com) Firewall Builder  (SearchSecurity.com) personal firewall  (SearchSecurity.com) screened subnet  (SearchSecurity.com) virus  (SearchSecurity.com) RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.