P2P Control
P2P Control
Peer-to-peer (P2P) file sharing application use in enterprise environments is common and one need not look far to find examples of how theses applications led to the release, purposeful or not, of private or confidential information

Peer-to-Peer (P2P) Control

The most recent article highlights the former first lady’s safe house (Laura Bush) and a detailed list of the civilian nuclear complex, including precise locations of weapons grade nuclear fuel. These examples follow closely on the heals of previous discoveries of MarineOne blueprints and healthcare records on P2P networks.

Peer-to-Peer (P2P) technology is not new, nor is the desire to block P2P technology. In fact, one of the early P2P use cases was to distribute files and news articles across Usenet and news server systems. P2P applications are designed to leverage shared resources, CPU cycles and bandwidth, across an ad hoc network. The advantage of a P2P network is that it distributes the load across a network and decentralizes command and control, rather than focusing it on a small number of centralized servers. For many years, P2P was used quietly in the technical community and in fact can be a very useful tool for an IT department or anyone who needs to deal with moving large files around. It is a common delivery mechanism for LINUX binaries.

The Internet boom and the release of Napster brought P2P squarely into the music sharing application business and more recently it has expanded into video sharing and distribution. While Napster has been shut down, many more P2P offspring have risen, garnering an extremely bad reputation brought about more by how it is being used (distributing copyrighted materials) than by it’s distribution efficiency.

P2P and File Sharing Application Use is Rampant

Despite the risks and the control mechanisms that may be available, P2P use is rampant on enterprise network, as evidenced by the findings in the Spring 2009 Edition of the given the findings from the Application Usage and Risk Report:

  • An average of 5 P2P variants were found in 87% of the 200+ participating organizations.
  • A total of 22 P2P variants were found across the participating organizations.
  • The most common P2P application found was BitTorrent at 61%.
  • Bandwidth consumed was 15.9 terabytes, or 9% of the total bandwidth viewed across the participating enterprises.
  • There are many cases where P2P applications can be used in a beneficial manner but clearly control efforts are addressing the problem. IT departments need a mechanism to control P2P applications--blocking their use by rank and file employees while allowing the use by select individuals.
  • Palo Alto Networks can, when combined with best practices, help enterprises reign in the use of these applications.

Common P2P Based File Sharing Applications Chart