It’s that time of year again when college basketball takes center stage in America - brackets are filled out, fretted over, and filled out again. Otherwise sane and reasonable coworkers morph into die-hard superfans, and full-grown men begin having serious debates about Cinderella. They call it March Madness for a reason.
It is also the time of year when IT and network teams brace for the surge of network traffic as employees tune in to watch the games on-line. This year the impact is likely to be largest ever as users can literally watch every game on-line whether on their laptops, iPhone or iPad. Streaming video is certainly nothing new, but it has never been so pervasive and of such a high quality (aka, high bandwidth).
The good news is that the team at Palo Alto Networks has you covered with custom App-IDs to identify and control the video players and ads running on these various platforms. These new App-IDs are available at no charge to Palo Alto Networks customers as XML files which can accessed from our online community, DevCenter at https://live.paloaltonetworks.com/docs/DOC-1773 .
Keep in mind that these custom signatures are just an example of the types of things that users can develop for any application based on HTTP, HTTPS, FTP, IMAP, SMTP, RTSP, and Telnet. Additionally, with the recent 4.0 release of PAN-OS this custom App-ID capability has been expanded to include unknown TCP and unknown UDP as well.
As always, Palo Alto Networks provides options to control these applications in the way that best suits your organization. Staff can limit the ability to watch games to certain times of day. Alternatively, staff can allow the NCAA traffic, but cap the amount of bandwidth it consumes so that when the network gets busy, the basketball video may suffer, but business traffic will not. Additionally you will have full visibility and control of traffic based on the user so that you can see where your resources being consumed or alternatively ensure that your CEO can watch her alma mater.
Of course, in addition to these custom App-IDs, customers can control the many proxies, circumventors, and remote access applications that users regular employ to bypass traditional firewalls. Collectively this technology will help you ensure that even while your user base goes temporarily insane, your network can stay safe, predictable and compliant.