SurfControl Web Filter v5.5 Administrator’s Guide 73
What Objects
Filtering IM, P2P and Web Protocols by signature
The Instant Messsaging and Chat (IM) Peer 2 Peer (P2P) and Web Accelerator protocols in the table
below are port-agile. If a connection fails (for example, due to a disallow rule) on the default port, these
applications will attempt to use another available port. Enabling Protocol Signature Scanning from the
Protocol Signatures tab in the Web Filter Settings will ensure that these protocols are filtered when the
protocols use non-default ports. See "Protocol Signatures Tab" on page 107 for further details.
When adding an Instant Messaging and Chat, Peer to Peer (P2P) or Web Protocol and Port object to a
rule, the Rules Administrator will only filter the following protocols by signature:
Table 7-4 Signature scanning protocols
With Precise Bandwidth Control, you can accurately define what content you want to allow or block. By
creating rules with Precise Bandwidth Controls, you can block pages or files that contain precise prefixes,
suffixes, or word patterns. These rules operate by identifying the contents within the URL rather than just
the top level domain name.
Precise Bandwidth Control objects are “if” statements, which means that if you apply more than one
Precise Bandwidth Control object to a rule, the rule will be triggered when any combination of the objects
are met. For example, a disallow rule which has precise bandwidth control objects of Audio files and
Video Files assigned to it, will block an attempt to access web pages that contain audio files or video files
or both.
Application type Protocols
Instant Messaging
• MSN Messenger
• XMPP (Jabber)
Peer to Peer (P2P)
• eDonkey
• FastTrack (Kazaa)
• Gnutella
• Skype
• Yahoo! Messenger
• Google Web Accelerator
Note: Protocol signature scanning will filter direct HTTP connections and HTTP proxy
connections. It will not filter when connecting via a SOCKS proxy.
Note: If a Category object is assigned to a rule containing Precise Bandwidth Controls, a
destination will only be blocked if it is within the category AND the URL triggers one or all of
your Precise Bandwidth Controls.