 Packeteer's line of network traffic monitoring and management appliances let you keep tabs on the types of network traffic traveling over your network. | Most of the talk about peer-to-peer networking tends to be pretty polarized. Those who think P2P is revolutionary technology never stop heaping praise on it, while those who feel P2P spells doom for copyright holders won't be content until every file sharer is stopped.
But no matter which side of the debate you're on, there is no doubt that P2P is immensely popular. Millions of people are now using P2P networks to exchange information.
The P2P explosion is beginning to worry CIOs and network administrators who have become justifiably concerned about the negative effects that rampant P2P use can have on their IT infrastructures. Read on to learn more about what small to midsized enterprises are doing to stem the P2P tide.
 The Problem With P2P
Uncontrolled P2P use in your business can cause you and your company untold headaches and aggravation, from decreased network performance to possible legal actions against your business.
Open sesame. First of all, when employees install clients such as Kazaa or Grokster, the programs create file-sharing folders that are visible to a network population composed of millions of other P2P users. The technology is predicated on the concept that every computer, or node, in a P2P network can act as both a client and a server.
This feature, although convenient for P2P users, is a severe problem for network administrators who now face a stream of files exiting and entering the corporate network. How do you know that the files exiting your firewall are not confidential company documents? And how do you know that files entering your business are free of malicious code, such as spyware, Trojans, viruses, or worms?
In fact, virus writers are already exploiting P2P as a convenient new channel for spreading malicious programs. A quick search of Symantec's Security Response Web site reveals hundreds of new viruses and worms that spread via Kazaa and other P2P networks. Uncontrolled P2P use simply creates another point of entry for viruses, worms, and other malware into your organization.
A bandwidth hog. One fine day, Joe in accounting decides to download the entire Rolling Stones catalog during his lunch hour. Marcie in marketing never left the KISS Army, and Denny in logistics is replenishing his '80s New Wave collection. Get the drift? The end result when P2P users download their wares through your network is a slower network. The files of choice shared over P2P networks are usually music or video multimedia files, so dozens of these downloads occurring simultaneously can adversely affect your network's performance.
I fought the law . . . Perhaps the most damning indictment against P2P use in your business is the legal exposure your company suffers as a result. Once the RIAA killed Napster, millions of music file sharers flocked to P2P networks, hoping that the decentralized network structure would keep the RIAA lawyers at bay. It worked—for a while, until the RIAA obtained file-sharer IP addresses from ISPs and began suing individual users.
The point is simple to understand: File-sharing of copyrighted material within your IT infrastructure opens up your business to legal headaches you simply don't need. Yes, when your employees download copyrighted material illegally through file-sharing networks, they expose your entire business to legal attack. And the RIAA loves nothing more than finding a company with deep pockets that has turned a blind eye to rampant, uncontrolled file-sharing within its network. Make sure you don't.
What Companies Are Doing
Defending your network against uncontrolled P2P use starts with the development of policies that clearly specify accepted business usage for your network and other IT resources such as desktops, laptops, and servers. Many businesses are prohibiting P2P use and are backing up these policies with severe enforcement actions, up to and including termination.
So develop a policy, train your users on it, and make sure you emphasize the types of usage you are forbidding and the consequences that will befall those foolhardy enough to press on with their P2P file-sharing activities.
Another approach enterprises are using to control the spread of P2P applications is to prohibit the majority of users from installing their own applications. Instead, many businesses either force IT support staff to install applications on individual desktops or use a software applications "catalog" that only allows the download and installation of company approved and licensed applications. This approach not only prevents the spread of unwanted P2P clients; it also helps companies maintain compliance with software licenses.
According to a recent Yankee Group Research Note ("New Weapons in the War Against Spyware, Adware and P2P File Sharing"), businesses can use network traffic monitoring tools to detect P2P activity in their networks. These applications examine network traffic and look for the protocols used by P2P applications. Examples of companies that perform sophisticated network traffic monitoring include Packeteer, Q1 Labs, and Mazu Networks. Packeteer's PacketSeeker traffic monitoring appliance, for example, detects specific applications operating within your network by looking for specific application "signatures."
The Bottom Line
Those of you who still believe that P2P will eventually find a legitimate home in corporate America shouldn't lose hope. The technology has immense potential for enabling the efficient sharing of digital resources across corporate networks. In fact, many trailblazing companies are already beginning to explore P2P's potential. But, until legitimate P2P uses join the mainstream, it's best to keep clandestine P2P file-sharing away from your business.  by Sixto Ortiz Jr.
|
