Description
This article describes how to prevent Peer-to-Peer use.
Scope
All FortiGates 2.8 and 3.0.
Solution
Note.
These instructions are for FortiOS 2.8. For FortiOS 3.0, use the IM/P2P menu to configure file blocking.
See the FortiGate Administration Guide for details, see the Archived area for FortiOS 2.8.
FortiGates running FortiOS 2.8 include the signatures for common Peer-to-Peer (P2P) software such as Kazaa, Gnutella, eDonkey, Bit Torrent, and so on.
The signatures for this type of software are included in the IPS signatures (P2P) and can be used limit their use when the users have already installed the application and are using the application.
To block peer-to-peer requests:
- Go to IPS -> Signature.
- Select P2P to expand the list of file sharing applications.
- Select the desired P2P application and select Configure.
- Select the action the FortiGate unit should take when encountering the signature.
- Select 'OK'.
- Block downloads of Kazaa.
While the IPS will stop the use of this type of software, to prevent users from downloading it.
To do this, set the Anti-Virus Grayware options.
The FortiGate will view downloads of this type of software as a virus and act on it according to the protection profile.
On the FortiGate, Kazaa is defined as adware.
For details on protection profiles, see the FortiGate Administration Guide.
To add Kazaa to the Firewall protection profile:
- Go to Anti-Virus > Grayware.
- Select 'Adware'.
Tip.
When setting the IPS P2P when Anti-Virus is enabled, set the IPS Action to 'Reset' or 'Reset Server'.
If only IPS is used, set the Action to 'Clear Session', 'Drop Session' or 'Reset'.
