Re: [nsp] Best practices for blocking IM traffic

• Next message: Timothy Brown: "[nsp] Cisco OSPF MIB+traps (RFC 1850)"
• Previous message: Cheung, Rick: "[nsp] Best practices for blocking IM traffic"
• In reply to: Cheung, Rick: "[nsp] Best practices for blocking IM traffic"
• Next in thread: Deepak Jain: "RE: [nsp] Best practices for blocking IM traffic"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

Thus spake "Cheung, Rick" <Rick.Cheung@NextelPartners.com>
> We've also looked into Cisco's NBAR, but that does not support IM.
> We could define a custom signature (PLDM), but that would be based off the
> port number or ip address too.

Minor correction: NBAR has the ability to look inside the TCP/UDP flow to
identify port-agile protocols such as SunRPC, Napster, etc. If you can create a
workable profile of the application protocol, you can get a PDLM written for it.

S

• Next message: Timothy Brown: "[nsp] Cisco OSPF MIB+traps (RFC 1850)"
• Previous message: Cheung, Rick: "[nsp] Best practices for blocking IM traffic"
• In reply to: Cheung, Rick: "[nsp] Best practices for blocking IM traffic"
• Next in thread: Deepak Jain: "RE: [nsp] Best practices for blocking IM traffic"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:13:48 EDT