Several years ago while working at my former company, IT issued a notice to all employees that Internet radio was off limits. IT had concerns that the pipe to the Internet didn’t have enough bandwidth to go around. Most people found the notice bothersome, even though at the time, I didn’t know anyone who was actually listening to Internet radio on a regular basis. The reason for their outrage was not because they were losing something they needed, but rather they weren’t given the option to have it at all.
At first, there was some open rebellion, with some employees playing radios in their cubicles without headphones to the annoyance of their neighbors. Then came defiance, when it became apparent that IT didn’t actually have the means to control streaming media on the network. Within the course of a year, most everyone had forgotten there was a policy banning Internet radio at all, including IT.
I learned several lessons from this experiment. One, it can be difficult for an organization to implement a method to block streaming media using traditional controls such as URL filtering, filetype filtering or port blocking. These approaches may catch a few services, break many others, and yet let many more through undetected.
Two, blocking may not always be the most prudent measure in the first place. Organizations often say they want to get a handle of excessive bandwidth consumption, but what they really want is to optimize traffic flow for high priority business applications. Sometimes blocking is the correct answer, but sometimes it's far better to enable services, manage use, and enforce control.
Three, while it’s easy to point to the finger at streaming audio as a bandwidth hog, this may be a situation where the policy was written based on assumption rather than evidence. For instance, in the Application Usage Report from 2011, streaming audio consumed a fraction of one percent (0.24%) of the total enterprise bandwidth. In other words, it’s quite possible that Internet radio served as the scapegoat for other bandwidth management issues. In practice, many companies don’t even know which applications are using the most bandwidth inside their organization.
Four, once it was discovered that the policies were not enforced, they were soon ignored and forgotten altogether. The policy did not ever go away, but rather bypassed in contempt.
Fast forward to today, and companies continue to struggle with managing streaming media. The game is different, as video does consume a considerable amount of bandwidth. This USA Today article points out some things that are new to the mix, as it’s not so easy for businesses to know what to manage anymore. For example, new applications constantly appear, and existing applications morph to add new functionality. Unconditionally blocking an application may not be smart, as many applications have a mix of personal and business use.
With the next-generation firewall, application visibility and control is at the very center of its design. It analyzes all traffic on all ports for all applications. It can help with organizations looking to get a handle on their traffic in a number of ways. First, application visibility and control allows an organization to identify exactly what’s using excessive bandwidth. Whether it’s a specific application or sets of users, an organization can spot the trouble areas and define a policy for control. Second, the next-generation firewall can be very precise about how to deliver the controls, such as providing groups of users with more access to streaming media while others may be placed under tighter scrutiny. Third, an organization can define a policy around a category of applications rather than statically defining a policy against a known list. As new streaming media applications emerge or existing applications add streaming capabilities, the policy continues to aim true.
It’s actually quite remarkable how many of the troublesome management issues of the past are easily addressed by application visibility and control. To learn more, join a weekly Jumpstart webinar to see a demonstration and ask questions with our product experts.