Re: [fw-wiz] Blocking Video/Audio Streaming

-----Original Message-----
Subject: [fw-wiz] Blocking Video/Audio Streaming

Many of the streaming video/audios uses http port 80 as transport, It is
possible to
block this type of traffic on Cisco PIX/IOS FW? a sample config will
really help me.

The HTTP fixup doesn't allow you to deny a/v streams or files over HTTP on
its own. You may be able to add an additional system (like a content filter
or and IDS) that can leverage the PIX to block the connection once it is
properly identified. Part of the problem is that you have a pretty big set
of detection factors for this stuff inside of the HTTP headers. Maybe MIME
type for some things, URL regex for others, and User-Agent for the rest.
PIX can't do that on its own.


firewall-wizards mailing list