Blocking IM with a firewall

I have a client that wants to block their staff from using MSN, Yahoo, AOL and IRC messaging at the office. I have a Netgear FVS318 that does port blocking, etc. What ports should be blocked to do this, or is there another way?

Answer Wiki


I believe your client is looking for a proxy server to block content and services. Trend Micro makes a good product called IWSS (Trend Micro InterScan Web Security Suite).
We use it to block whatever we define.

Discuss This Question: 5  Replies

  • Wbdawson
    The FVS318 can block ports as most firewalls can, but personally I would consider this a retail item rather than commercial. That being said, I would assume that their budget was high. My recommendation in this case (as in any other along these lines) would begin with policies. I would simply put a policy in place stating that IM was not permitted. Make sure everyone knows about the policy. If they must put a hardware/software solution into place, they should understand the cost of the overall solution including purchase, installation, administration and long-term support. At the end of the day the customer should understand the risk from the use of IM, the financial impact of a security incident from the use of IM, and the cost of the security countermeasure used to mitigate risk from the use of IM. If the cost of the countermeasure is significantly below the cost of the risk, they should put in a device such as the Symantec IMlogic product. I am of the opinion that you will spend more time (and in turn money) implementing, supporting and chasing down ports than it is worth. Don't forget the fact that someone will have to monitor it, update it and keep track of IM changes that may bypass it. Every portion of information security begins with a good risk management plan. Bryan Dawson
  • KarenL
    You need to use an application filter. Most of the messengers and peer-to-peer applications use port 80 (HTTP), so using port blocking doesn't help. A lot of them also change their IPs, so blocking that doesn't help either. I have used 2 products that work well, Checkpoint's Smart Defense and Aladdin's AppliFilter, but there are a lot more on the market. You have to install them as a gateway or as a proxy server depending on your network configuration and your personal preference.
  • Blessen
    I have used and configured SonicWALL firewalls. They include IM filtering products. You should check into it. Or if you do not want to buy a new firewall, then I would suggest looking into SurfControl.
  • Ultrix
    You could always lock down the users' desktops so they were not allowed to install the IM program in the first place. For the most part, regular users are given too many privileges. One of the side effects of locking down the desktops would be that a whole lot less spyware could land and self-install. You could require the users to go through a proxy to get out the gateway into the internet as well.
  • AdTechJO
    One of the best products that I have used in several sites is FortiGate from Fortinet. It scans the internet gateway line, whether a leased line or ADSL, and blocks the web applications as selected. It seems that your customer has abusive WAN users to be concerned. The FortiGate blocks video and audio streams as well. In addition, services can be blocked through your domain controller General Directory policy.
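
KarenL's point in the replies above, that blocking ports does not stop messengers that run over port 80, shown as an added example that is not part of the original thread. The payloads are constructed, the first-bytes signatures are simplified, and the example assumes the client speaks its native protocol on port 80 rather than wrapping it in HTTP.

```python
# Added illustration: port-based blocking versus application-layer inspection.
# Payloads are constructed samples; signatures are simplified first-bytes
# checks, not any vendor's detection rules.

# Default server ports of the four services named in the question.
DEFAULT_IM_PORTS = {1863: "MSN", 5050: "Yahoo", 5190: "AOL", 6667: "IRC"}


def port_rule_blocks(dst_port):
    """All a port-blocking rule can look at: the destination port."""
    return dst_port in DEFAULT_IM_PORTS


def classify_payload(payload):
    """Name the IM protocol from the first bytes a client sends, or None."""
    if payload.startswith(b"YMSG"):
        return "Yahoo"                  # YMSG packet header magic
    if len(payload) >= 6 and payload[0] == 0x2A and 1 <= payload[1] <= 5:
        return "AOL"                    # OSCAR FLAP frame: 0x2A, channel 1-5
    words = payload.split(b"\r\n", 1)[0].split()
    if len(words) >= 3 and words[0] == b"VER" and words[2].startswith(b"MSNP"):
        return "MSN"                    # "VER <id> MSNP<n> ..." handshake
    if words and words[0] in (b"NICK", b"USER", b"PASS"):
        return "IRC"                    # IRC registration commands (simplified)
    return None


def compare(flows):
    """Return (dst_port, port rule verdict, payload verdict) for each flow."""
    return [(port, port_rule_blocks(port), classify_payload(data))
            for port, data in flows]


# Constructed flows: (destination port, first bytes sent by the client).
SAMPLE_FLOWS = [
    (1863, b"VER 1 MSNP8 CVR0\r\n"),                       # MSN, default port
    (80, b"VER 1 MSNP8 CVR0\r\n"),                         # same client on port 80
    (80, b"YMSG\x00\x0c\x00\x00\x00\x00\x00\x57\x00\x00\x00\x00"),
    (80, b"\x2a\x01\x00\x01\x00\x04\x00\x00\x00\x01"),     # OSCAR sign-on frame
    (80, b"NICK alice\r\nUSER alice 0 * :Alice\r\n"),      # IRC on port 80
    (80, b"GET /index.html HTTP/1.1\r\nHost: example.com\r\n\r\n"),  # web
]

if __name__ == "__main__":
    for port, by_port, by_payload in compare(SAMPLE_FLOWS):
        print(f"port {port:5d}  port rule blocks: {by_port!s:5}  "
              f"payload: {by_payload}")
```

Only the first flow is caught by the port rule; the payload check names the four messenger flows on port 80 and leaves the ordinary web request alone.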
