All known P2P and IM protocols/clients?
Depending on your hardware/provider you could always offload this task to those who are paid to do it daily. A lot of support contracts include black/white list updates to either firewalls or other in line packet inspection utilities that will deal with the variable nature of the industry while all you would have to do it set the specific rules. The caveat though is that if they inadvertently block access to a specific port/packet and it is being used by an application that you use within the organization you could be held accountable. Most of these types of “solutions” give you the ability for you to remove the offending entries while notifying the provider to include/exclude them in future updates. It’s not perfect, but it’s the best solution that I’ve seen. One specific provider that I’ve seen firsthand (and seems to work quite well) is Fortinet.
no, that’s exactly what you are looking to do. Err, no. That’s not what I’m looking to do. “They” are already using ISA and some packet/port inspection/filtering as well as other known methods. As you can imagine it’s not working out as well as they’d like it to. “They” are looking at investing in some behavior-based filtering appliances or contract services as well. What I’m personally being charged with is trying to compile a list of likely packages/apps/clients and helping to determine the installation/configuration specifics that these apps use, in an effort to lock up future approved distributions/images of our rolled out software to prevent further installation of these applications. So yeah, it’s policy, not technology. In this particular environment we (should) have full control of what the userbase can and cannot install both in the forms of written policy and system access. You’re free to surmise or suppose about whether or not they’re doing it correctly from this information
