First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.
Preventing P-to-P abuse
- — 10 December, 2003 16:10
Tim O'Rourke, vice president for computer and information services at Temple University, makes it a point to ask students in the classes he teaches whether they swap peer-to-peer (P-to-P) music and video files. He has yet to get no for an answer. With 33,000 network users, 5,000 of whom live on the Philadelphia campus, P-to-P file swapping has brought the university's network to its knees more than once, he says.
At the University of Florida, network services supervisor Rob Bird at one point last year recorded 3,500 simultaneous network connections to Kazaa, a popular P-to-P music site. That figure represents almost half of all students who reside on the Gainesville campus.
Colleges and universities are on the front line when it comes to combating the various computer security, copyright infringement and network overload problems that can result from users swapping massive P-to-P files. As a result, schools have been forced to come up with effective systems not only for detecting bandwidth hogs, but also for differentiating between legitimate and illegitimate P-to-P file transfers and pulling the plug on illegal activity. In several cases, their tools and tactics have resulted in a significant reduction in P-to-P headaches, making them well worth a close look by corporate IT managers, many of whom are facing the same problems.
Consider the University of Florida. Within an hour of implementing a homegrown network tool known as Icarus, network managers recorded an 86 percent drop in illegal P-to-P uploads to the Internet from the university's residence halls. Downloads dropped by 30 percent. School newspaper articles and the student handbook had also informed students about the university's downloading policies and the disciplinary actions that would be taken against violators.
Icarus, short for Integrated Computer Application for Recognizing User Services, collects and combines data from all of the university's many disparate network management systems. Once combined, the information can be analyzed in a comprehensive manner.
"We realized we had all of the (network monitoring and management) tools we needed. We just needed to find a way to use them all together," Bird explains. "By collecting data in one place, we're able to detect application usage in new and unusual ways."
How it works
Whenever Icarus detects P-to-P activity on the network, the software sends a pop-up message to the offending user's computer. If the user is a first-time violator, he is automatically directed to an educational Web site that outlines the university's network usage policy and specific details on his particular violation.
Second-time offenders are immediately restricted to on-campus Internet usage for a period of five days. Third-time violators are cut off from all Internet connectivity beyond the campus and immediately referred to the university's judicial affairs office.
"We try to stick to campus restriction as the most severe punishment, to minimize the impact on academic use, because there's plenty of legitimate applications that need to be accessed by students," Bird says.
Since the start of the academic year in September, the system has uncovered 919 first-time offenders and only nine repeat offenders.
"It's been extraordinarily successful," Bird says, adding that the university plans to release the application as an open-source project in the spring.
Differentiating between legal and illegal P-to-P files can be difficult for network managers, since most colleges have policies against viewing the content of files. The University of Miami in Coral Gables, Fla., keeps it simple by limiting all students to a maximum of 48MB of dedicated bandwidth.
"We tell them to use it wisely to do whatever they have to do. That could be downloading images from medical journals, or videos related to school communications," notes CIO Lew Temares. It also could be swapping music files, Temares concedes, which is why the university has implemented two network filters that sniff file transfer protocols and eliminate those with the known characteristics of P-to-P files that the university has identified as illegal. These include sites like Kazaa and Blubster that are primarily for downloading music.
At Temple, administrators are considering going a step further and implementing a policy that would deny hardware and software support to students whose computers contain illegal P-to-P programs and files.
The university also recently purchased an enterprisewide license for Symantec Corp.'s Norton AntiVirus software, which all students are required to install on their computers before they can tie into the university's network.
"I don't really want to work on (a computer) it takes me six or seven hours to rebuild because it has all this junk on it," O'Rourke says. "The Welchia (worm) alone has cost me at least US$400,000 in the last month just in time."
Chuck Linebaugh, director of information systems at Chicago law firm O'Hagan, Smith & Amundsen LLC, says corporate IT managers like him have somewhat more leverage over employees than university network managers may have over students. Linebaugh's firm locks out all P-to-P application programs and conducts weekly checks on all files for any illegal P-to-P activity.
Still, he keeps a close eye on the precautions that other IT managers, particularly university network managers, are taking on the P-to-P file-swapping front. One big reason, he notes, is self-preservation. "If we're investigated and files downloaded by users are on our network, we're liable for that," Linebaugh says.