Blocking music and streaming video with Check Point firewall
How can I block streaming video and music with a Check Point firewall?
Continue Reading This Article
Enjoy this article as well as all of our content, including E-Guides, news, tips and more.
First: RealAudio has the ability to tunnel streaming audio/video through http. Use the HTTP Security Server to deal with this in the current version. If you have CVP, you may be able to use the CVP server to screen out those MIME types. If you are not using a CVP server, you can do this with a wildcard URI. The URI Definition window would have the following in the "Match" tab:
Schemes: HTTP
Methods: GET
Host: *
Path: {*/*.{ra,rm,ram},*.{ra,rm,ram}}
Query: *
Note: You can stop HTTP downloads by adding {*/*.{exe,zip,bin},*.{exe,zip,bin}} to the path statement.
You would then create a rule that uses this resource and denies access to anything matching this resource.
Second: Proxy by secure authentication, then content check.
Third: Block the ports or known IPs, such as those for Napster, if you know them. You can gain IP information through the use of logs.
I think this will solve or at least direct you.
Featured Topic: Firewall Management
Best Web Links: Firewalls
Tech Tip: Performing firewall maintenance