contact us 1 800 782 3762
Web Filtering: The Hidden Danger in Peer-to-Peer (P2P) Traffic

Peer-to-Peer (P2P)
Another growing trend in the workplace is Peer-to-Peer programs. These file-sharing programs are built so that information can be shared equally and conveniently, but their use can have serious consequences for your organization. Viruses, worms, trojans and botnets can be shared easily along with legitimate files. And since much of P2P activity is automatic, the threats can go unnoticed until it's too late. Even some of the P2P programs themselves contain spyware, furthering their ability to invade your network and obtain confidential information from your users or introduce unwanted and damaging agents.

In one recent event, a well known pharmaceutical company comprised the data of approximately 16,000 current and former employees because of file-sharing software downloaded onto a company laptop. Even though the download itself was done with no ill intention, the results were just as harmful as a malicious attack. The company was forced to disable file sharing on all company-issued laptops from then on although the damage had been done.

Unfortunately, as with other Internet threats, there seems to be no reduction in P2P applications, despite law enforcement efforts to curtail illegal sharing of pirated music and film files. Even worse, as long as hackers can write P2P applications, your organization will be vulnerable unless you can block P2P traffic at the perimeter.

iPrism Web Filter is the Answer
Only rarely does a P2P application have a legitimate business use on your network. The iPrism Web Filter allows you to block any or all P2P applications and ensure that no proprietary information leaves your organization via this hidden "escape tunnel". This ensures that you are also blocking an often-overlooked entry point for viruses, worms and other malicious agents.

Web Filter & Web Filtering
Risky Behavior: IM and P2P

Instant messaging (IM) allows instant communication between anyone, anywhere, faster than email. This immediate access makes it invaluable for business, but the technology has an important security hole. Messaging - and, similarly, peer to peer (P2P) - works by establishing a direct connection between two clients. That means that the communication between those two clients bypasses firewalls and servers - which is a problem with file transfers. Files transferred onto your network aren't scanned for viruses; files going out aren't restricted by the FTP server or logged to know who accessed them.

One way to control IM is to configure the web filter or firewall to block IM traffic. The firewall blocks the IM traffic based on the protocol, but enough different IM protocols exist that it can be difficult to block them all without a web filtering system. Even if the firewall is effectively blocking all IM traffic, all IM traffic is blocked. Firewalls cannot web filter messaging like a web filtering system, only stop it, which means your employees aren't able to use IM communication. Trying to block P2P connections is even less effective because firewalls, unlike web filter systems, only block incoming P2P requests. Some P2P applications can detect that the protocol is blocked on inbound traffic and initiate the connection on the outbound (allowed) HTTP port.

Your web filter should filter the IM content, not block the tool. iPrism web filtering recognizes both incoming and outbound sessions, so P2P can't get around it, and the web filter actively inspects every packet, so every chat passes through it. This web filtering utility gives you control over your messaging tools.

iPrism web filter doesn't block IM/P2P traffic; it actually filters the IM and P2P sessions, as it does with site content, through relevant web filtering:
  • Customizable content web filter. iPrism web filtering offers completely customizable blocking for sensitive or inappropriate words and phrases to control information typed during the chat session.
  • File blocking. iPrism web filtering can block files with an EXE or other specified extensions from being transferred, so viruses can't be sent over an IM session.
  • Web Filter Virus scanning. The IM sessions are virus scanned, using web filtering databases of known viruses that are updated every 10 minutes.
  • Logging chat sessions. All chat sessions are logged and tracked.
  • Web Filtering Notification and reports. Web filter notifications are sent every time iPrism intercepts blocked content or blocked file types, and reports can be generated on bandwidth usage, file transfers, and blocked file transfer attempts.

iPrism web filtering permits messaging while still keeping your network secure and maximizing the usefulness of your IM tools. The web filter fits the needs of your business, from completely blocking IM/P2P traffic to allowing free access, and everything in between.