Re: MSM760 Controller and MSM310 AP's

abeldav · ‎01-22-2013

We are experiencing several "Connection Limit Reached" error messages on our MSM760 controller. Several users are bittorrenting so we will block their mac address when we see this. Unfortunately not all are malicious, some machines are just infected with virus.

My question is what options do we have to throttle or block bittorrent sessions or limit sessions from certain mac addresses?

Thanks,

Dave

cenk sasmaztin · ‎01-22-2013

hi

as for me you need 3 solutions

1-) fristly you need IPS solutions

http://www.hpenterprisesecurity.com/products/hp-tippingpoint-network-security/

many Hp network switch have some security protocol (connection rate filtering,dos protection)etc.

but they are insufficient. you can dynamically prevent network users connection to torrent site with IPS device

2-) wireless IPS solutions

http://h17007.www1.hp.com/us/en/products/wireless/HP_Mobility_Security_IDS_IPS_System_Series/index.aspx

Accurately autoclassifies APs and client devices using patented autoclassification techniques to block genuine threats
Automatically prevents denial-of-service attacks; prevents more than 20 threats simultaneously from a single sensor while continuing to scan for threats
Locates unauthorized WiFi devices on floor map for quick removal
Blocks unauthorized traffic without network disruption
Sends an alarm when a policy violation occurs via email, SNMP, and syslog

3- of course anti-virus solutions :)

cenk

Richard Litchfield · ‎02-02-2013

If you have ProCurve switches, quite a few of them have a virus throttling feature built in. You may want to investigate that too - automatic notification and/or blocking of the ports that exhibit the relevant behaviour (typically high connection rates...) Virus throttling also flags bittorrent - maybe that is an added bonus if you can disable that as well!

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: MSM760 Controller and MSM310 AP's - virus throttling

MSM760 Controller and MSM310 AP's

Re: MSM760 Controller and MSM310 AP's - virus throttling