Hi everybody.

I'd like you please to help me please what kind of network policy is the best for my system.

I manage a 150PCs network, with VLANs and several servers (mail server, file server, web server). Internet is reached through a 4Mbps ADSL and a router.

I'm beginning to notice a bandwidth problem because of the P2P programs that several users have installed on their PCs.

I'm not sure of what to do, because everybody pays a fee for the Internet access so I believe that blocking eMule it's not very fair for them. And also, I've read that eMule's able to work no matter the pair of ports you've configured, so there would be no use to block any port.

I've tried to encourage the people to be 'good boys' and limit eMule locally, but this has not worked. Bandwidth keeps strangled.

The best for me would be a solution in which they could use eMule at a low transfer rate and keep the "ethic bandwidth" always high. Some kind of eMule discrimination, I think. Is there any commercial solution that suits this point?

But also, it would be very helpful if you could tell me what kind of policy you've implemented in your network. Dou you allow P2P? How do you put the bandwidth under your control? If not, how have you managed to block P2P?

Many thanks in advance,

Rafael

As a rule of thumb, most businesses do not allow P2P programs to run. I know we do not where I work and anyone caught doing so will be terminated immediately, with prejudice (ie: no separation pay, walked out the door, account disabled, etc).

Generally speaking, the files being shared or downloaded are not work related. If this is the case in your workplace, put a policy in place that disallows use of such software and enforce it. You can also use QoS (quality of service) to limit the bandwidth use of such applications. However, I wouldn't go that route, I would disallow them completely. There's no excuse for this, not even during breaks or at lunch time.

Another big problem is people listening to music or live video streaming. Again, put a policy in place. Have all users read and sign it and then fire the first one you catch ignoring the policy they've signed. One example should make the rest toe the line. Remember, the computers and the network are property of the company and not the personal property of the users. Remind them of that too in the policy. They are there to work, they can play and download all they want at home.

As you've pointed out, this type of network activity uses up bandwidth which causes problems for legitimate business related computer/network usage.

Just think of all the money the company is wasting on letting employees spend their day in non work related activities. Your concern should not be for bandwidth but productivity. Personally I would have fired those installing P2P programs like emule at work. They don't have the proper work ethic to be employed at my company.

Give a person a fish you feed them for a day.
Ask a person to internet search and they learn a skill for a lifetime.

What's also missing in this discussion is P2P is a major liability and security risk.

You can get "medieval on their net activity" using a product like ISA 2004. Because ISA is an application level firewall, you can block eMule and the like no matter what port it uses. Burninate P2P use completely!

Please help survivors of Hurricane Katrina!

www.redcross.org

Rafael,

If I were you, here is what I would do:

1. Print out this article and study the part about What Companies Are Doing.

2. Request a conference with the upper management. Make your presentation then see what they have to say. Some Managers may object over the fear that if such policy is implemented the best people would quit.

i_XpUser

Notice the information about proprietary company information and legal liability of allowing P2P from your network.

If your best workers can't deal with no p2p, you don't have very good workers. :-)

Please help survivors of Hurricane Katrina!

www.redcross.org