Blocking instant messengers specially MSN LIVE Messenger is a bit tricky and headache for any network administrator, because it uses varieties of ports and destinations. Even if you able to block them using ports / destination combination, some users may still able to use msn using online web base messenger application like ebuddy.com. So here is a solution you can apply on your network to minimize the messenger usage.
In ISA Server / Linux or whatever proxy/firewall you are using, you have to create two rules
1) Create first rule which will Block TCP port 1863 to ALL /or/ Specific Users.
2) Create another rule which will block the following destinations to ALL /or/ Specific Users.
Now try to login to live messenger from client side. It won’t work.
(This is a 100% working and tested solution , I have also applied it on my network successfully few days back)
As far as online web base messenger concerns, for rogue users, there are some suggestions,
Create an strict office policy with your BOSS approval about messenger usage in office timings, distribute the memo.
if someone still uses messenger, warn him, print there logs and present it to your management.
Another SERVER side solution is to create a ALLOWED SITES rule, create a COMPUTER SET for those rogue users, and deny there all outbound destinations EXCEPT your allowed destination set. for example company website, newspaper.
or just search for web base online messenger sites, and block them using URL Set for ALL/Specific Users.
Regards,
Hassam Sohail Ahmed

Post a Comment

Previous Post Next Post

propeller