P2P Threats Call In The Copyright CopsP2P Threats Call In The Copyright Cops

PROBLEM SOLVERS

The Motion Picture Association, the RIAA, the Electronic Frontier Foundation, and numerous advocacy groups offer free education packages that provide a good base for end-user training.

The RIAA recommends three vendors for network monitoring and traffic screening: Audible Magic, Enterasys, and Red Lambda. All offer software to manage P2P traffic in the enterprise, but each takes a slightly different approach to reducing file-sharing traffic.

Red Lambda's Integrity runs on the company's cGrid architecture and spreads detection of file sharing and P2P offenders across existing resources as part of the Red Lambda security suite. Integrity's sales pitch is that cGrid leverages surplus server cycles as needed to detect and mitigate file sharing. Red Lambda's cGrid grew out of the University of Florida's Icarus project and is designed to scale. Integrity starts at $10 per seat, with volume and educational discounts available. Ongoing support is 20% of the initial purchase price.

Enterasys' Secure Networks Dynamic Response isolates and categorizes P2P incidents, tagging the user and reconfiguring the network as required to penalize machines exhibiting behavior that violates policy. Dynamic Response is designed to work with either Enterasys Dragon security appliances or other third-party security event detection products. Enterasys says it views Dynamic Response as a complement to traditional packet inspection and edge defense offerings. The product starts at $19,995.

Audible Magic ups the ante by finding copyrighted material based on digital fingerprints. The company says its CopySense technology won't be fooled by compression or distortion as it scans the contents of a file rather than looking for metadata or telltale watermarks or embedded tags. In addition to the education market, Audible Magic has a number of municipal customers protecting large-scale public Wi-Fi deployments. The company also hosts an enormous content registry--the CopySense appliance relies on a growing database of more than 6 million copyrighted works to validate music, video, and software.

We see Audible Magic as holding the most promise for accuracy and limiting false positives, but we haven't tested the platform in our lab. Our biggest concern would be efficacy versus encrypted data streams. Audible Magic's pricing model is tied to monitored bandwidth, starting at $5,000 for a T1 and going up from there. Annual support and maintenance run 20% of purchase.

If you're concerned about piracy of your self-produced software or digital media, companies like Arxan Technologies can help implement DRM to secure intellectual property at the binary code level. Active filtering tools from Astaro, Blue Coat Systems, Websense, and others enable you to intercepting file-sharing traffic at the edge of your network. Packeteer and other bandwidth shapers offer granular control and analysis at the packet level to sift TCP and UDP flows. All of these vendors continually update their signature files and detection methodologies as new P2P variants emerge.

If there's no room in the budget for specialized software, established strategies, such as locking down the desktop, stateful traffic monitoring, storage analysis, and gateway filtering, still make sense. Often, the functionality exists in your existing security infrastructure to block P2P. Heck, even basic virtual LAN ACLs may minimize illicit internal file sharing without impacting access to legitimate resources.

There are legitimate uses for peer-to-peer traffic and distribution of media files. To paraphrase, P2P apps don't pirate music, people pirate music using P2P apps. Still, IT pros should apply reasonable effort to lock nonbusiness P2P file-sharing applications off the network--better safe than sued.

Continue to the sidebar:
Oregon AG Discovers New Way To Stand Up To RIAA