08-03-2014 07:20 PM
hs anybody had any luck blocking bittorent with AppRF?
I'm trying it on my IAP-225 running 188.8.131.52-184.108.40.206_45063 and the bittorrent sessions are passing as normal. I seem to be able to block web based apps such as facebook ok.
It seems that IAP is classifying Bittorrent as UDP / Network Service and allowing it.
Solved! Go to Solution.
08-04-2014 04:41 PM
Seems to be catching some of it but there is no deny flag. This was using qBittorent and it seemed to block the traffic.
I tried uTorrent and it was able to connect to trackers and peers no problem and started downloading straight away.
I filtered the dpi output on a couple of the connected peers and this is what came up:
08-04-2014 06:57 PM
Instant DPI can detect about 1,800 applications You can see the list with the cli command "show dpi app all". uTorrent is not on the list.
Try "Web-Category" and "peer-to-peer networking". This uses webroot / BrightCloud to categorize sites. I just tried it and it blocked uTorrent.
08-04-2014 07:29 PM
It seems like uTorrent uses it's own protocol (instead of Bittorrent).. learned something today!
Time for a feature enhancement request!
08-04-2014 07:31 PM
Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
08-04-2014 07:50 PM
this is true, however i would expect that you should be able to block basic torrent access using a very popular client out of the box. my client has no special configuraiton.
Depending on how the DPI is implemented it shouldn't matter what port is used but i'm not sure if IAP uses tru DPI or just port mapping.